First EU-FOSSA Hackathon about security, PHP, Symfony and API Platform

  |   |  5 minutes  |  1055 words
First EU-FOSSA Hackathon about security, PHP, Symfony and API Platform
Image by Michael Cullum.

During the first weekend of April 2019, a hackathon was held in Silverquare Triomphe venue in Brussels.

The organizer, the European Commission, and a community of carefully selected developers participated to a hackathon in an amazing place.

The goal of having such an amount of skills contained in one single place, is to participate to the EU-FOSSA hackathon that the European Commission organised and funded.

Nicolas Grekas, Fabien Potencier and Mario Campolargo

Nicolas Grekas, Fabien Potencier and Mario Campolargo

The event

EU-FOSSA stands for EU-Free and Open Source Software Auditing project, a project which is managed by the European Commission’s Directorate General for Informatics, the DIGIT.

The EU-FOSSA project is organising in parallel a bug bounty for the PHP Symfony software. Hackers can get rewards of up to EUR 15.000 for critical bugs they find. There is even a 20% bonus added to the prize if the hackers provide a fix for the bug they report.

While the security was the focus during this weekend, API Platform and Symfony framework was the main topic of this first successful hackathon.

The European Commission pulled out all the stops for this event, every participant received a very nice welcome gift composed of (take a breath):

  • A Raspberry Pi version 3B,
  • A case for it (the best one I’ve seen so far)
  • A very nice PHP elephant - thanks Nicolas Grekas !
  • 2 t-shirts
  • A few badges and stickers for swag
Welcome pack, photo by Robert Czarny

Welcome pack, photo by Robert Czarny

The participants

During two days, participants coming mostly from Europe, Morocco, Russia and even US and Cuba, were having a complete programme with meetings, goals and tasks.

Those 50 selected developers were personally invited a month before the event and most of them were PHP heads, driving the PHP world and shaking the trends since a couple of years.

I will take the opportunity to personally thanks all the organizers, it was perfect. I was and I am glad to be part of this.

Needless to say that I was extremely happy to have a talk with people that I knew for years, as a Github or Slack pseudonyms, or even through composer install command logs!

Group photo, photo by Michael Cullum

Group photo, photo by Michael Cullum

The goals

Basically, the task was to browse the Symfony’s issue queue, pickup an issue, then ensure that the issue gets fixed and closed. Often, those issues are linked to a pull request, so knowing the Symfony framework and obviously PHP was a must during these two days.

On my side, I worked on 4 issues. I closed 1 issue and submitted one PR. I started a second one but I wasn’t able to reproduce the reported issue, so the issue was closed. I started a third one but I couldn’t reproduce what was reported, then the original reporter replied and we closed the issue. The last one was the same.

Each issue being worked during the hackathon was tagged with the tag: “⭐ EUFOSSA Hackathon”, have a look at how much issue were taken care of.

The first issue I worked on was quite controversial because apparently it came back quite a few times and nobody never agreed on how to fix it. But after some back and forth discussions with Hamza Amrouche, Nicolas Grekas, Fabien Potencier and Grégoire Pineau, we finally agreed on something.

Then, Nicolas G. and Fabien P. made the review and the PR was merged, in less than an hour.

To be honest, I rarely seen such a reactivity in Open Source, I like it very much.

The venue

Silversquare Triomphe is situated near the new Chirec hospital, near the ULB, and at 900 meters away from the Etterbeek station.

It’s the old Levis (clothes) building, a huge building where all the floors were completely “refactored” to become a co-working place.

The place has been designed by Lionel Jadot, a belgian interior designer.

I was feeling quite at home it the building, it was warm, cosy and welcoming.

Despite the fact that the floor was pretty busy and what I particularly liked is the fact that it was very quiet, conducive for working. Sound isolation panels were everywhere, properly integrated in the decoration, completely part of it.

As I was with my colleagues: Vitor Da Costa, Diogo Vargas and last but not least, my wingman Robert Czarny, we started to work in a booth, surrounded by cork wood barks.

Perfectly balanced and focused, as it should be.

Perfectly balanced and focused, as it should be.

Then some of us moved on the sofa placed on the stairs. Sounds weird ? Check the photos album :-)

We couldn’t find the time to feel hungry and didn’t feel the need to go out for anything, we had very good meals and drinks, it was awesome.

Yummy food!

Yummy food!

The numbers

On Sunday late afternoon, we were invited to a meeting, the last one, for the closing remarks.

In less than 48 hours, around 80 issues were closed and around 80 PRs were merged.

In less than 48 hours, we achieved around 2 months of work. Can you imagine?

Symfony’s hackathon insight

Symfony’s hackathon insight

Working on something through Github, emails or even chat is great, but hackathon is definitely more efficient.

Despite the fact that it requires a lot of energy, every single person that was there was quite pleased, a lot of smiles, a lot of good energy and vibes in the whole building.

The outcome

This is the first hackathon since quite a long time, I was usually doing hackathons during Drupalcon.

This first hackathon will be remembered as my first entry in the Symfony world where my first PR was merged, hopefully not the last.

Then, I had the chance to talk with Fabien in my car, while I was driving back to my home, as I was passing by the station, I gave him a lift.

I asked him a couple of questions regarding the new Symfony’s HttpClient and the adoption of PSRs. It was quite an interesting discussion.

Monday morning

I came to work with a bright smile on my face, exhausted but my motivation batteries charged to the maximum, I can’t wait to work with this amazing framework again and with this very nice community.

Thanks and see you probably to the next one!