Keynotes
-
Changing Your Story
We all have stories we tell ourselves, about who we are, and what we do, and we believe those stories are static. Stories like "I'm not good at backend", "I can't dance", or "I canāt figure out Vue". When we can recognize those stories, we can also recognize that we are authors, and we can change our own stories. I had my own stories of āI canāt be a developer because Iām not technical enoughā, āIām not good enough at math to be a programmerā, and āI canāt do handstands, because Iām not an athleteā. In this talk, I will encourage people to rethink their personal stories and reimagine their capabilities not only as developers but also as humans with what I learned about changing my stories. I will also cover a framework I came up with for how to change your story.
-
Tech Debt - Why you Need it.
Stop complaining about technical debt. Understand why it is there. Pay the debt service regularly like you do any other debt. Know the cost of any new debt proposed and deploy technical debt as just another tool to give your business an advantage in the marketplace.
-
This Talk Won't Change You, But How You Remember It Will
Memories are unreliable and fickle, yet drive our emotions and our narrative. We are anchored not by our past but by how we remember and process our past. Learn to improve the narrative by recognizing the fallibility of memory, how that fallibility serves us, and to release the attachment holding us back.
-
Your Software is Mission Critical
If an autopilot fails, or a weapon system malfunctions, lives can and will be lost. As a result, significant checks, practices and concepts go into designing the software for such systems. But the code we, as developers in a wide range of jobs and fields, write can be just as critical - a delayed benefits submission because of a server error causes somebody to become homeless; a mistake on an immigration system causes a family to be deported; a misrouting of a delivery driver causes a car crash.
As developers we should explore the culture around what we build - move fast and break things doesn't work if you're dealing with real people's real lives. Are there lessons of software development, design, project management, that we can learn from "mission critical" software production, and apply to our "normal" development projects that can ultimately save frustration, jobs and even lives in the process?
Workshops
-
Building Slack Apps with PHP
Slack has become ubiquitous across the tech industry as the de facto platform for company communication and collaboration. Though fundamentally a chat application, Slack itself is also a development platform. In this tutorial, you will learn how to build Slack apps using PHP step-by-step. Slack apps can be created to improve collaboration and workflows at your company or to sell to others. Whether you want to build a chatbot, an interactive set of forms, or something simple to make your workday more efficient, you can leverage the PHP skills you already have, plus some open source software, to build Slack apps quickly.
-
Getting started with Graph Databases and PHP
In this workshop, we will explore the wonderful world of Graph Databases with Neo4j. It is an entry-level course where we will teach the basics of Neo4j and its query language: Cypher. We will compare the database paradigm with SQL and help discuss the significant differences so you can make an informed decision when choosing your tech stack.
To get a feel for the technology, we will connect our project to a cloud database and start building a highly performant and real-time web application that will change your understanding of what is possible.
-
Leadership Improv
What is the difference between a good leader and a great leader? Research gives us some answers, and in this workshop, youāll learn not only learn how to be a great leader, but why these skills are important for delivering innovative products. And, most importantly, youāll get to practice and be on your way to success.
Weāll use some of the techniques from improv comedy set in scenarios straight out of your workplace.
Software development and innovation expert Leslie Martinich engages the audience with situations she has seen throughout her career, and guides participants to learn new ways to connect with their teams.
-
Websockets calling: Building a Real-time application with PHP
Websockets provides a way to have a persistent 2-way connection between your server and your clientās browser. This allows for more efficient communication than traditional front end mechanisms such as XHR or long polling, and allows for better web native applications as a result. Starting out with websockets in the browser has its complications, especially regarding how they can hook into your existing application.
The tutorial will cover the basics of websockets, and then move on to PHP workers and the React event library for PHP. Using these we can implement PHP clients as part of a websocket application, allowing your existing stack to communicate with a websocket server and your users in the browser. The tutorial requires no existing familiarity with websockets or event-based frameworks, though basic knowledge of JavaScript and a reasonable knowledge of OOP PHP and PHP via CLI are recommended.
Attendees will start with a pre-built set of applications, so you can either code along or just look at the end results and hack it apart later in your own time!
-
Writing your own custom PHPStan rules
If you're using tools like PHPStan on your projects you'll already be reaping the benefits. However are you using them to their full potential?
Do you have conventions on your project that you have to remember, either when writing or during code review? (E.g. a certain object should only be built by a factory. Or a method should only be used for testing.) Do you wish you could automate the checking of these conventions so they'd never be forgotten?
Or do you wish PHP had features that other languages had, e.g. Java's package visibility modifier?
The great news is PHPStan allows you to write your own custom rules to enforce all kinds of conventions or new language features.
This tutorial will guide you through the basics of writing your own rules for PHPStan. We'll create a couple of simpler rules together and by the end of the session you'll be in a position to start writing your own rules.
NOTE: This tutorial assumes you already use PHPStan on a regular basis.
-
You're (Probably) Testing Things Wrong
Over the years there has been a lot of dogma surrounding what you should be doing and how you should do it when it comes to testing. It's time to take a step back and take a closer look at what tools and practices actually lead to better outcomes when it comes to testing.
In this tutorial I will guide participants through the process of setting up effective test suites and complementary tooling. By the end you'll have a great place to start re-examining your testing practices and using tests as your tool to confidently release code changes into production.
Talks
-
A Grumpy Programmer's Guide To Being A Senior Developer
So you're a "Senior Developer" now? What does that even mean? Is it a title you get for being the last one standing in a difficult environment? Is it a label you get for being older than your peers? If you want to become a "senior developer" what are some things that can help you get there?
In this talk, Chris shares his experiences of being a "senior developer" on different projects across different companies across different programming languages. Some of the things discussed include:
- problem isolation
- mentoring
- tooling support
- domain knowledge
While sometimes it just takes time to get to be "senior", these tips can help apply structure to a job that often comes with less coding and more problem solving.
-
API Security: When Failure looks like Success
In the last decade, APIs have become fundamental to our teams, partners, and customers. While weād like to believe it all happened as a carefully executed plan, letās be honestā¦ thereās as much luck as foresight in the mix. Luckily, success drives success so weāve seen things explode in great ways. Unfortunately, that very success has cost us too.
APIs are becoming a consistent and devastating attack vector for applications that store everything from financial records to passport information to what youāre looking for in a date. In this session, weāll reconsider some our earliest assumptions and lay out some strategies for bringing our APIs out of the shadows and protecting ourselves, our partners, and our customers.
-
Accessibility for Everyone
It is important to reach every last customer, but there are a lot of customers out there for whom the web is not an easy quick-stop. Your target audience contains people who need visual or motor assistance whether they have a specific condition that affects them or are just part of the very large and aging Baby Boomer generation. Learn some tips for evaluating the accessibility of your site, and find out how to broaden your site's appeal while making the web a more accessible place for everyone.
-
Auth 101
Auth; almost every application employs it. From verifying that a user is who they say they are, to restricting access to a protected resource. If your application isnāt secure, thereās a lot to lose. Letās learn the difference between authentication and authorisation, and the best ways to implement them.
-
Automating the Web
Even in the modern era of web services, at some point in our careers, we come across a need to automate interaction with a web application targeted at human end-users. This need might be for an automated end-to-end test suite, an integration to push data in the absence of a usable API, or a crawler to extract and index data. Meeting such a need requires a deeper knowledge and a special set of skills and tools beyond those that we use to write these applications. Attend this talk for a high-level overview of these, plus some pitfalls and pro-tips, from a two-decade industry veteran and published author in the field.
-
Diagram Like a Principal Engineer
What separates software engineers from principal software engineers? Mainly communication skills. One of the main communication skills in the principal engineerās toolbelt is diagramming. In this session weāll discuss different types of diagrams and their purposes. Then weāll look at different tools we can use to make and share diagrams. Hopefully, weāll all come out of this with a greater ability to draw boxes and arrows in a way that can bring about better software and teamwork and bigger paychecks.
-
Docker for Team development
In this talk I will focus on how you and your team can work smarter and faster in order to ship better code using Docker as your development environment. I will also include a bash script that will save you time and keystrokes in managing your docker setup!
This talk includes:
- Ubuntu
- Nginx
- Git
- MySQL
- PHPMyAdmin
- Node
- Bash
- ASCII Art
-
Docs or it didn't happen
Your code can be all rainbows and unicorns, cutting and shining, but if thereās no documentation, does it even exist?
Documentation can make or break your open source project. Donāt believe me? Let me tell you a story or three about writing and managing documentation for the largest open source CMS community. The WordPress documentation.
-
Enterprise Ready Laravel
"Enterprise ready" is such an ambigious term in the software world. Like PHP itself, Laravel's enterprise readiness is constantly in question. At Ziff Media Group we've deployed dozens of PHP/Laravel based applications for our enterprise. In this talk, we'll cover what Enterprise Ready means to us specific to how we build Laravel applications: what features of the framework we use (or don't use), how we fashion the code, what developer/consumer workflows and processes we put in place, and how we fit the Laravel into our own product development workflow.
-
Getting started with serverless PHP
Some of us love to manage servers. But for a lot of PHP developers, servers are something we'd rather avoid. We're happy to pay hosting providers so we don't have to worry about it.
PHP hosting doesn't remove all your hosting headaches. You still have to worry about scaling. You're often overpaying for hosting because you have to worry about the worst-case scenario.
Well, that's what serverless PHP tries to solve. With serverless PHP, you only pay for what you use. Meanwhile, you get an infrastructure that can scale from handling zero traffic to thousands in seconds.
This talk will go over serverless PHP and how it works. We'll then look at the state of serverless in the PHP ecosystem. We'll finish by going over tools and projects you can use to deploy your PHP application on AWS Lambda.
-
How to Make Your Website Not Ugly: Basic UX for Programmers
If youāre a programmer who has ever found themselves inadvertently (perhaps unwillingly!) straddling the line between design and code, this is the talk for you.
Even with zero design training or background, there are numerous small, simple and practical ways you can vastly improve the look and usability of a website. In this talk, weāll explore 10 of them together, using research and proven solutions to see how the impact as a whole for both clients and users is greater than the sum of its parts.
-
How to manage releases using Git tags and semantic versioning
Releasing code into a production environment is a process teams want to make sure is repeatable, easy to execute and even easier to track. If a release is not easily identifiable or annotated it is hard for teams to know exactly what changes were released, how major the changes were and who made those changes. Worse yet, if a release needs to be rolled back and is not properly documented a team needs to spend a lot of time figuring out how to revert the changes and get production back up and running.
Git tags allow you to mark specific commits in your repository as releases and using semantic versioning allows you to communicate if the changes were major, minor or simple patches.
In this session attendees will learn the structure of semantic versioning and how it communicates different levels of code changes in a repository; Such as the difference between creating v1.0.1, v1.1.0 and v2.0.0 of your codebase.
Using this understanding attendees will learn how they can mark git tags with semantic versions, examples of simple bash scripts to generate version releases and how to use other git commands to generate release notes.
By the end of this session attendees will be able to apply this knowledge to manage code releases in their git repositories.
-
How to tame a ?
You've got strange characters like "ļæ½" or "ĆĀ¶" display in your application? Yes, handling non-English characters in application code, files and databases can be a challenge, to say the least. Whether that's German Umlauts, Cyrillic letters, Asian Glyphs or Emojis: It's always a mess in an international application. In this session you will see why that is and how handling characters evolved in computing. You will also see how handling characters in applications and databases can be done less painfully. And don't worry when EBCDIC, BOM or ISO-8859-7 are Greek to you and your Unicode is a bit rusty: we'll have a look at them too!
-
Improve your API with OpenAPI
OpenAPI is the standard way to describe your HTTP API, adopted by most modern APIs. With the spec at the centre of your workflow, you can improve the quality of your API and development practices, and make integrations painless. With standardisation comes tooling and in this session, I will show you to leverage this to your advantage. We'll cover what OpenAPI is, why it's interesting and then how to use it. We will also look at how the OpenAPI specification enables you to create documentation, use mock servers and improve the robustness of our API with validation. This session is ideal for anyone who wants to write an API specification once and use it everywhere.
-
Intent-Driven Development
Having operated in several languages in my career, including C, JavaScript, Java, C# and PHP I've come to appreciate systems and methodologies allowing me to signal my intent and having that intent enforced in near real-time throughout the development cycle, guarding me from making costly mistakes, while increasing my ability to focus on the task at hand with increased productivity.
To fully take advantage of this, we'll explore the following topics:
- Type Systems
- Exceptions
- The value of IDEs with Real-Time Static Analysis
- Test-Driven Development
As we dive into these, the value of intent-signaling will emerge, allowing us to fully tap into the power of the PHP ecosystem as we engineer more robust software.
-
Leaflet JS (GIS) and Capital MetroRail
Leaflet is an open source JavaScript library used to build web mapping applications. Capital MetroRail is a hybrid rail system that serves the Greater Austin area. In this talk we'll use Leaflet JS to show the 32-mile route of Capital MetroRail, where it's stops are and we'll use Leaftlet JS to provide real time tracking of the all the active rail cars on the network. We'll then use Leaflet JS to show the full 154-miles of train track that that Capital Metro owns (despite not operating trains on all of it), the counties that those 154-miles of track run through and what the route looked like in the 1920's as captured by survey maps published by the Texas General Land Office (GLO).
Our journey will take us from client-side Javascript and server-side PHP to the CLI and the database.
-
Legacy Code - Testing and Safe Refactoring
I can't test this code because it's legacy. I need to update the code to make it testable. How can I manage that, without breaking existing functionality? I'll need to write some tests, but... argh!
-
Leveling Up With Unit Testing
Writing unit testing on a project can seem like a daunting task, and earning team and leadership buy-in can be challenging. Level up your skillset as we cover PHPUnit and Prophecy setup with composer, writing meaningful tests, restructuring existing classes with dependency injection to allow for unit testing, using mock objects, and releasing code confidently with test coverage. We'll also discuss overcoming common biases, unit testing challenges, and shortcomings of unit testing.
-
Make The (Big) Change Easy, Make The Easy Change
Getting a working solution is easy. More difficult is getting a solution that scales and is easy to maintain. There's a lot of planning and careful execution needed for large-scale refactoring, but shipping a large change boils down to classic refactoring advice: make the change easy, then make the change.
In this session, we share examples of successful executions of large refactoring ā from a monolithic application to a distributed system that manages millions of ad creative images, with tens of thousands ingested and processed on a daily basis ā at both the micro and macro level, the logic behind our approach in tackling that hard task first, and how it all worked out (spoiler alert: smashingly). Coming out of it, you'll have a better understanding of how to introduce changes in your own systems that not only maintain functionalities, but pave the way for easy implementation of new changes, large and small.
-
MySQL for developers: Just the good parts
In this talk we'll cover what application developers absolutely need to know about MySQL. Often times developers shy away from the database layer, but no one has a grasp on the application's data quite like the developer! We'll go over schema optimization, indexes, and a few non-obvious tips and tricks when working with ORMs and frameworks.
-
PHP Generics Today (Almost)
Ask PHP developers which big feature they wished PHP had and many would say generics. Generics offer additional type checking that reduces the chances of bugs. Hopefully one day they'll be implemented at language level but what if we want them now?
This talk starts with a deep delve into generics and the benefits of them. We'll then look at how existing static analysis tools can be configured to (almost) give us generics in PHP now.
-
Packages Anywhere! And They're Yours!
Modern web-based applications are complex, and developers fall in the trap of creating monolithic codebases at every turn with full-stack frameworks. Many turn to large monorepos to make development more manageable but then run into the difficulties of all-or-nothing deployments. Not to mention locking ourselves into vendor and framework dependencies, making future modernization difficult. However, avoiding these complex monsters has never been easier with minimal effort, using custom packages.
Custom packages can be anywhere you have git, and many service providers offer convenient git package repositories. I will highlight why this is important, and show how to easily create your own packages on GitHub to be later consumed with common package and dependency managers, making deployments easier. Ultimately, it also makes breaking up complex applications a no-brainer, to get you on the road to less vendor lock-in and dependencies.
-
Setting up GitHub Actions for your PHP projects
Setting up CI is probably on a list somewhere of something you want to do, but maybe haven't done yet. In this talk, I'll set up a CI using GitHub to run multiple jobs for checking lint and code style as well as running static analysis and tests. I'll also demonstrate how to cache dependencies for faster builds, and even export artifacts so you can use GitHub Actions to generate assets.
Don't skip out if you're using another service like Bitbucket or GitLab. Everything I set up in this talk can be done within those services as well and I'll provide an example workflows at the end.
-
UX Pitfalls
User Experience has become a buzzword in the tech industry. Project managers and business partners are clamoring to improve the experience. You understand UX is a business necessity, but you aren't quite sure what it means to you or where to begin. This session discusses some common pitfalls of user interface design and simple techniques to inject UX into your applications from the start. These are the basic UX design principles you need to start adding UX to your project today.
-
Use Case: Introduce Event Sourcing To Your Existing Application
Event Sourcing has such huge potential for many applications, however getting past the learning curve is tricky, especially for legacy/existing applications.
Let me show you how we introduced event sourcing into our application through an iterative process.
-
Webhooks: The Good, The Bad, and the Ugly
Webhooks are a pillar of modern application development. They notify us of that new commit, an incoming text message, our email was delivered, and a payment was processed. Our systems canāt function without webhooks sending data seamlessly and securely across the internet.
But what happens if theyāre not secure? What happens if your webhooks are intercepted, manipulated, or even replayed against your systems? What are the best ways - as both a provider and consumer - to protect our systems?
In this session, weāll delve into the 100+ implementations we explored to build webhooks.fyi to identify the best and worst patterns to protect our systems now and in the future.
-
What is Performance Driven Development and why aren't you doing it?
You code the app. You've used Test-Driven-Development for it, because you do things the right way. You care about the quality of your code. You ship it. The job is mostly done!
EXCEPT, of course, now that your app has -you know, users- performance is down. You've got a Redis instance caching sessions and database queries, but it's not enough! Your problem needs a bolted-on solution - maybe throw something else at it , like Varnish?
We don't do Performance-Driven-Development in PHP, and we should. The problem is in the code, not the caching. Using a variety of tools, I'm going to show you why PDD should be part of your process.
-
When UTC is the answer...
ā¦ you might have asked the wrong question. In this session we will take a look at time and its oddities. And determine whether the all-time favourite "Use UTC" actually is a good option in each and every case. And if that should not be the case, what other options we have at hands to handle time in our code and in databases.
-
Why we worry about all the wrong things
Modern humans arenāt great at risk assessment.
We often blithely ignore that which could harm us, and are conversely intimidated by things that are quite safe. This inability to recognize threat has vast implications for many aspects of our lives, including our careers.
In this talk, weāll explore root causes of fear and anxiety, and discover how we can start to deliberately rewrite our āinstinctsā. This will allow us to redirect our worry toward what actually matters, and channel it into productive outcomes that make us safer, happier and less stressed, both at work and in our personal lives.
-
WordPress Through The Terminal
Remember the famous ā5 minutes installationā process for installing WordPress? Letās see what WP-CLI can do in 5 minutes. And everything else that can happen in the terminal in 40 minutes. We might actually make WordPress instances more secure. Or just break it.
This is not your usual presentation talk. This is a live terminal commanding; SSHing your WordPress administration and development; and releasing the Kraken or two.