This is the fourth issue of the TYPO3 Reading List. The list covers topics about the TYPO3 community, development, security and business topics. Read on for this handcrafted list of links 🙂 

Let’s start with the community topics:

Community

TYPO3 8.6 released

On valentines day the last sprint release before the LTS version was released. There are lots of new features available: Here is the official announcement.

I also wrote an blogpost about this release, where I picked out 12 main changes in TYPO3 8.6.

New Platform for making decisions

Since a couple of weeks, there is a new platform for preparing decisions for TYPO3 core related topics: https://decisions.typo3.org. The news article on typo3.org explains the details:

New platform for taking decisions for the core team

New certification available: TYPO3 CMS Certified Consultant

The next certification for TYPO3 was finished by the certification team. Now you can become a TYPO3 certified consultant. The questions, when, where and how to get certified, are answered here:

https://typo3.org/news/article/introduction-to-the-typo3-consultant-certification/

Partner Program Survey Results

As some / many / most of you may know, there is a TYPO3 partner program at the horizon. Susanne Moog (@psychomieze) writes on typo3.com about the results of an survey, where TYPO3 Association members were asked:

https://typo3.com/more/blog/partner-program-pre-launch-survey-results

Development

Extension dependencies revisited

More and more installations of TYPO3 are composer based. Helmut Hummel (@helhum) takes an in depth look to the question how to set the dependencies in the composer.json of your extension correctly: TYPO3 Extension dependencies revisited

Best Practices for Extbase

Oli Klee (@oliklee) published an ebook about Best Practices for Extbase. The over 20 pages are full of tips and tricks you should use in your daily work. It can be downloaded at github: https://github.com/oliverklee/workshop-handouts/blob/master/extbase-best-practices/extbase-best-practices.pdf

Pitfalls of Git branching models

“Git Flow” was one of the first git branching models available and became quite popular since then. Jussi Judin (@B4rr0) is writing about his critics and proposes another workflow. Interesting are also the discussions at the end of the post:

https://barro.github.io/2016/02/a-succesful-git-branching-model-considered-harmful/

Security

TYPO3 security updates

Besides the major release 8.6 also a security update of TYPO3 was published on February 28th. The official news are available on typo3.org

If you want to read more about the issues, you can head over to the security bulletins, which reveal more details on these issues:

https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-002/

https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-003/

Cloudflare

Cloudflare found a html parser bug in its software which was able to disclose certain private data. Some of it was also available via search engines. A very detailed analysis of the whole incident was published on the blog of cloudflare.

As the leaked data can contain very sensitive information like HTTP headers, chunks of POST data (perhaps containing passwords), JSON for API calls, URI parameters, cookies and other sensitive information used for authentication (such as API keys and OAuth tokens), some recommend to change their passwords at services using Cloudflare. If you want to know, if you are affetected, you can check a list of sites on Github: https://github.com/pirate/sites-using-cloudflare

Business

Funding open source development

If you develop TYPO3 extensions (or open source software in general), you still have to fund your and your families life. The new initiative “Coders care”, around Petra and Jo Hasenau, tries to find solutions for this. They just kickstarted a website and released two blog posts about this topic

Final words

Last but not least: I can really recommend all the articles, I wrote in the last months 🙂 . The complete list for february is available here. If you want to go back further in history: the posts of january are also listed in the archive.

I hope, that one or more recommendations have been interesting for you. If so or if you know somebody, who could profit from it, please share this post via your favorite social network. For convenience I added some share buttons at the end of this page.

If you have any recommendations of news or blog posts, that might be helpful for others, don’t hesitate to drop me a note via the contact form, slack, twitter or e-mail.

Credits
I found the blog post image on pixabay (https://pixabay.com/en/glasses-read-learn-book-text-272399/). It was published by Hans (https://pixabay.com/en/users/Hans-2/) under the CC0 public domain license. It was modified by myself using pablo on buffer (https://pablo.buffer.com/#).