Issue #8
21 April 2026
"As Joel Spolsky famously observed, all good abstractions leak. This issue is a reminder that understanding the layers beneath the abstraction is still part of professional software development."
— Stefan & Sebastian
blog.packagist.com
Composer 2.9.6 and Composer 2.2.27 LTS fix two command injection vulnerabilities in the Perforce VCS driver. The issue can affect users even if they do not actively use Perforce, so upgrading immediately is strongly recommended.
Picked by Sebastian Bergmann and Stefan Priebsch – "An important reminder that supply-chain tooling deserves the same security attention as application code."
dev.to/gabrieloliverio
A practical deep dive into PHP streams: what they are, how resources and wrappers fit together, and how stream-related functions behave in real-world use. A good refresher on one of PHP’s most fundamental abstractions, quietly powering everyday code for years.
Picked by Sebastian Bergmann – "A well-written explanation of a fundamental PHP concept that many developers use every day without fully understanding it."
accesto.com
The article explains how a single long-running process handles real-time event delivery, tenant-aware routing, graceful shutdown, and stable memory usage without polling or unnecessary complexity.
Picked by Stefan Priebsch – "A strong real-world example of how PHP can power long-running, event-driven systems in production when the architecture is thoughtfully designed."