What we're about
Upcoming events (1)
We've got 2 big name speakers for July's in person meetup on Wednesday 13th July at Runway East...
### Auth 101
Auth; almost every application employs it. From verifying that a user is who they say they are, to restricting access to a protected resource. If your application isn’t secure, there’s a lot to lose. Let’s learn the difference between authentication and authorisation, and the best ways to implement them.
### From Betamax to VCR: harden your API integration testing
This talk comes from inheriting a complete, widely used open source PHP API library. It’s complete in that it has a full test suite, but problems arise from the approach of mocking JSON responses to assert tests on. The responses have to be maintained, and that can inevitably lead to false positives if the underlying API changes without the maintainer being notified. You can be clever and use a git submodule to bring in a standardised response that can be used by the same library in other languages, but then you need someone to maintain that across various departments of engineering. A chat with my colleague who is the resident Ruby library developer revealed that VCR has been used across the Ruby world for years. Why hadn’t I come across this approach, after years of PHP development (and specifically API testing work)? My passion is for expressive, self-documenting code. After all, it’s what I do in my current role: I advocate for the PHP developer community, and PHP developers are the ones that I maintain that library for. VCR plus integration with the PEST testing framework gives that readability we should strive for - it helps developers understand what your code is doing with responses. But the biggest thing here is the ability to trigger a record when something upstream changes. If someone pushes out a change to the OpenAPI specification, you can get a webhook to trigger a build on your library. The response is different, something has been removed or added, and your test suite fails. A test written in PEST, so highly readable. If you’re a new developer on the project, you’re being told what needs fixing, and that is a story that needs telling.
SR2 – Socially Responsible Recruitment (https://www.sr2rec.co.uk/) in Bristol are kindly helping us host this evening. Thanks to them!
Your first time coming to PHPSW? Welcome!
Here's how the evening tends to run:
- Feel free to turn up from 6:30pm.
- We'll have a selection of soft drinks & alcoholic drinks available from about 6:45pm, all free of charge thanks to our sponsors. It's a great chance to speak to people (we're a friendly bunch!) and do a bit of networking. Just speak to an organiser if you'd like an introduction to people, or just dive in and say "hello!".
- At 7pm, we'll do a quick welcome talk and some community announcements
- At ~7:10pm we'll have our first talk
- After our first talk, there's a small break whilst we switch over speakers
- At ~ 7:50pm we'll have our second talk
- We finish at ~9pm. We always go for a drink somewhere afterwards to discuss the talks and anything else that takes your fancy.
As always, a big thanks to our meetup sponsors Ents24 (http://www.ents24.com/), Brightpearl (http://www.brightpearl.com/) & OneSub (https://onesub.io/) without whom we wouldn't be able to put on our meetups.