Welcome back to PHP Core Roundup series! This is post #17, where we highlight and celebrate the improvements made to PHP during the month past by the PHP development team, members of the PHP Foundation, and more.
The PHP Foundation is a collective of PHP contributors, veterans, and companies that collaborate to ensure the long-term sustainability of the PHP programming language. The foundation currently supports six contributors focused on PHP's maintenance, debt reduction, and feature development. These contributors work closely with others on coding, documentation, and discussions.
Started over a year ago, the PHP Core Roundup series offers a summary of the latest developments, discussions, and news about PHP Core, contributed by both PHP Foundation members and other participants. This post is the thirteenth in the PHP Core Roundup series.
The PHP Foundation intends to conduct a security audit of the PHP source code. Derick Rethans 💜 has asked the PHP Internals mailing list for input on which sections of the PHP source code should be prioritized in this audit. Feel free to join the conversation if you have suggestions.
The PHP development team released two new versions in September 2023:
These releases include several bug fixes and improvements, notably in areas such as Core, DOM, Iconv, Intl, MySQLnd, ODBC, SimpleXML, SPL, and SQLite3.
Changes and improvements to PHP are discussed, reported, and voted on by the PHP Foundation Team, the PHP development team, and contributors. Bug reports are made to the PHP issue tracker, changes are discussed in mailing lists, minor code changes are proposed as pull requests, and major changes are discussed in detail and voted on as PHP RFCs. Documentation and the php.net website changes are also discussed and improved at their relevant Git repositories on GitHub.
Hundreds of awesome PHP contributors put their efforts into improvements to the PHP code base, documentation, and the php.net website. Here is a summary of some changes made by the people behind PHP. Things marked with 💜 are done by the PHP Foundation team.
A pull-request for the upcoming PHP 8.3 release page on php.net is in progress, and you can help with that!
This is a continuation of a good tradition started by Roman Pronskiy, Alexander Makarov, and the JetBrains design team.
Although PHP 8.3 is still being ironed out, there are some discussions and even an RFC currently being voted for proposed changes in PHP 8.4 (scheduled for the end of 2024).
RFC proposes to add a new optional suffix parameter to the
A suffix could provide even more semantic value or context for a user inspecting the generated files, and, in specific situations, could even provide more context for software processing such files. Right now, users can only add a prefix.
The RFC proposes increasing the default BCrypt cost. This is to enhance adaptive security in relation to increased processing power and thus increased possible cracking speed.
The last time the value was updated 11 years ago. Therefore, Tim suggests updating the default cost from 10 to either 11 (double the time) or 12 (quadruple the time). The RFC and the relevant mailing list thread mention several benchmarks showing the execution time for various cost levels on different CPUs.
RFC proposes to add two new classes:
DOM\XMLDocument to the dom extension. Furthermore, existing dom classes in the global namespace get an alias in the new DOM namespace. The
HTMLDocument class will add support for HTML5 document parsing and serializing. The
XMLDocument class serves as a modern alternative to
\DOMDocument, which is retained for compatibility. These new classes also provide a more misuse-resistant API for loading documents.
RFC proposes to add a new option to the event-driven (SAX)
XmlParser that would allow it to parse large documents.
RFC proposes to add four new modes to the
RFC proposes a new JIT implementation that is based on a separately developed IR Framework. The main advantage of the new approach is that PHP source code will be freed from the low-level details of JIT compilation. The downside is a longer JIT-compilation time.
Dmitry emailed PHP Internals mailing list, which led to a lengthy discussion on the merits of the new JIT implementation.
RFC is currently in draft, which stands to track ideas on deprecating certain features. So far those are related to the
mysqli::ping() functions, and
Gina P. Banyard 💜 is tracking the progress for PHP 8.3 related changes in php/doc-en#2796, and also triaged issues in the docs and marked several of them as "good first time", which are ideal easy picks if you would like to start contributing to PHP docs. You can find the full list on GitHub.
Following are some changes that did not go through an RFC process because they are either planned, bug fixes, or progressive enhancements.
Commits are in the order they were added, grouped by author in alphabetical order.
PHP_HAVE_BUILTIN_USUB_OVERFLOWmacro is defined even if __builtin_usub_overflow not available in 50ca24251d
stream_context_createwith address and port at 0 in d65c80031a
IntlDateFormatter::constructshould throw an exception is the locale field has an invalid value in a80db7b52a
ext/intl: expose dateformat UDAT_PATTERN constant in f6fae19a10
IntlDateFormatter::constructwith dateType set to UDAT_PATTERN but not timeType in 84c4336aa3
zend_call_stack_getimplementation for NetBSD in aef5225394
ext/mysqli: Work on making tests parallizable in GH-11814
ext/pcntl: Remove useless call to
zend.hfor certain headers in GH-12166
pdo_stmt_construct()to use newer FCI/FCC API in GH-12142
MessageFormatter::formatMessage()fails in a579fa807c
zend_error_noreturnfor E_ERROR consistently in 692cea5cbc
zend_separate_if_call_and_writefor FUNC_ARGs in 748adf18fc
xfailmbstring test on Windows 32-bit in 6b74f1f745
PHP_FLOAT_DIGconstant in 58657ff26a
PHP_FLOAT_DIGconstant in 2fad7cdd60
ZEND_ADD_ARRAY_ELEMENT" in 643c4ba417
XSLTProcessor::transformToDocreturn value with SimpleXML in 2a7f23e9b9
xml_parse_into_struct()twice in 30f26b587a
ext/dom(PHP 8.4) in 8a812c3fda
ext/dom(<= PHP 8.3) in da6097ffc8
php_sxe_count_elements_helper()by using non-destructive iterator reset in 8f9626c0f7
php_sxe_reset_iterator_no_clear_iter_data()to avoid having to store and restore iterator data in 550ec29821
php_sxe_get_first_node()by avoiding unwrapping iterator data in GH-12194
instruction()function is not supported in 107443b311
zend_resultas return for properties in
--with-zlib-dirconfigure option in a8e1b1018d
zend_language_parser.hpatch in GH-12178
value == ZEND_LONG_MINan unexpected branch in 9e66bc9b97
fractional == 0.5an unexpected branch in 865535267b
round(): Validate the rounding mode in GH-12252
actions/checkout@v4(8.3+) in 99cd81cd0a
socket_export_stream()with wrong protocol in b5da98b972
We are incredibly grateful for the commitment and dedication of all contributors. Stay tuned for next month's roundup as we continue to make PHP better together.
At PHP Foundation, we support, promote, and advance the PHP language. We financially support six part-time PHP core developers to contribute to the PHP project. You can help support PHP Foundation at OpenCollective or via GitHub Sponsors.
A big thanks to all our sponsors — PHP Foundation is all of us!
Follow us on Twitter @ThePHPF to get the latest updates from the Foundation.
PHP Roundup is prepared by Ayesh Karunaratne from PHP.Watch, a source for PHP News, Articles, Upcoming Changes, and more.