smartbooster / core-bundle
Bundle grouping all vendor, generic utils and services that we use on each project
Installs: 1 024
Dependents: 1
Suggesters: 0
Security: 0
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 3
Type:symfony-bundle
Requires
- php: ^8.1
- doctrine/doctrine-fixtures-bundle: ^3.4
- doctrine/orm: ^2.13
- egulias/email-validator: ^3.0|^4.0
- nelmio/security-bundle: ^2.8 || ^3.0
- sentry/sentry-symfony: ^4.9
- symfony/apache-pack: ^1.0
- symfony/form: ^5.4|^6.2
- symfony/framework-bundle: ^5.4|^6.2
- theofidry/alice-data-fixtures: ^1.5
Requires (Dev)
- smartbooster/standard-bundle: ^1.0
- symfony/flex: ^2
- symfony/phpunit-bridge: ^5.4|^6.2
- symfony/runtime: ^5.4|^6.2
- symfony/twig-bundle: ^5.4|^6.2
README
Bundle grouping all vendor, generic utils and services that we use on each project
What's inside !
- Config IniOverrideConfig service to easily override php.ini options
- Monitoring routes for uptime tracking, phpinfo debugging and more
- DataFixtures abstract helper
- Query functions to extends Doctrine DQL capacity
- SentryCallback with special CleverCloud dedicated behavior
- Utils for Array, Date, Math, Regex and String
- Validator constraints for EmailChain, Modulo, Password and more
Installation
composer require smartbooster/core-bundle
Enable Monitoring routes
To enable the monitoring routes, add the following codes to your config/routes.yaml file :
_smart_core: resource: . type: smart_core # We recommand to restrict thoses routes on a secure subdomain host: "admin.%domain%"
The path ^/anonymous must have PUBLIC_ACCESS in the project security.yaml config for the probe route to be accessible without user
# security.yaml access_control: - { path: ^/anonymous, roles: PUBLIC_ACCESS }
Extra DQL functions
Add the following code to your config/packages/doctrine.yaml according to your missing functions needs:
doctrine: # ... orm: # ... dql: string_functions: group_concat: Smart\CoreBundle\Query\MySQL\GroupConcat
Sentry configuration
To use our SentryCallback add the following to your config/packages/sentry.yaml :
when@prod: sentry: dsn: '%env(SENTRY_DSN)%' options: environment: '%env(ENVIRONMENT)%' before_send: 'sentry.callback.before_send' integrations: - 'Sentry\Integration\IgnoreErrorsIntegration' register_error_listener: false services: Sentry\Integration\IgnoreErrorsIntegration: arguments: $options: ignore_exceptions: - 'Symfony\Component\Security\Core\Exception\AccessDeniedException' sentry.callback.before_send: class: 'Smart\CoreBundle\Sentry\SentryCallback' factory: [ '@Smart\CoreBundle\Sentry\SentryCallback', 'getBeforeSend' ]
Nelmio Security recommendations
We recommand to setup a Content Security Policy in addition to the config generated by the nelmio security recipe:
nelmio_security: # ... # Content Security Policy csp: enabled: true hosts: [] content_types: [] enforce: # see full description below level1_fallback: true # only send directives supported by the browser, defaults to false # this is a port of https://github.com/twitter/secureheaders/blob/83a564a235c8be1a8a3901373dbc769da32f6ed7/lib/secure_headers/headers/policy_management.rb#L97 browser_adaptive: enabled: true script-src: - 'self' - 'unsafe-inline' - 'https://maps.googleapis.com' block-all-mixed-content: true # defaults to false, blocks HTTP content over HTTPS transport
Contributing
Pull requests are welcome.
Thanks to everyone who has contributed already.
This project is supported by SmartBooster