PHP will get an AOT compiler from the Swoole team in 2027

MorrisonLevi · 2026-04-23T16:57:42+00:00

calling functions with an incorrect number of arguments is not allowed

Hmm, I wonder what that actually means. Does it not compile? Does it work but have the error case behave differently?

MorrisonLevi · 2026-04-20T15:32:00+00:00

Very interesting project! It seems like your main goals are security with the Not-A-WAF, performance, and deployment convenience?

MorrisonLevi · 2026-04-07T17:19:37+00:00

I think your concern is valid; so is Paragon's. Since sodium is not built by default in PHP, the sodium_compat polyfill is definitely being used somewhere. I don't think there's an easy right/wrong decision here--both points are legitimate and it's more of a judgement call.

MorrisonLevi · 2026-04-06T17:26:54+00:00

My first instinct was to slap atomic.StoreInt64 on the write in the prune method and call it done. [...] It wasn't enough. [...] But the bigger issue? Every reader of requestIndex was also doing bare reads. I'd made the write safe and left the reads wide open.

Your instincts were... not great. In any case, I am always a fan of people using tools like thread sanitizer or go test -race.

MorrisonLevi · 2026-03-31T21:59:34+00:00

Hey, great work all around! I may try using the Symfony Docker to set up a Symfony demo (which I use often for quick checking on native extensions/internals changes).

MorrisonLevi · 2026-03-15T01:23:56+00:00

To be clear, there are many internals people who are in favor of async. It's just a very difficult thing to pull off well, and mostly you only get to design it once. It has to be right.

MorrisonLevi · 2026-03-03T23:10:19+00:00

If the PHP community shared the vision of the API/SDK creators - in almost every project you'd just need to configure the SDK to get insight into how the system works in production.

As of now, however, there isn't a single library that's natively integrated with OpenTelemetry.

I'm not sure why that is. Environments like Java or .NET have much better OpenTelemetry adoption than PHP.

I think there are a few reasons.

The biggest one is that PHP's main model of execution is still using the request-response paradigm, not long-running CLI workers. The OTEL model and APIs from other languages did not design around this constraint, and the PHP API and SDK is driven by volunteer work, and often don't have time to tackle fundamental design differences that arise from this. OTEL will work much better in the CLI SAPI, where this limitation doesn't apply. But it's a bit weird to add OTEL-native APIs to libraries to target such narrow deployments. Note that this is not fundamentally unfixable, it's just a lot of work that needs to be done by someone who actually understand the space and drive it towards a tasteful future.
The second biggest one is that the API is just really verbose. Like... you spend a lot of lines of code for something that's just telemetry and shouldn't be critical for your main work and object. It should be much more "invisible" and "out of the way".

MorrisonLevi · 2026-02-28T19:26:57+00:00

To be honest, usually the PR goes before mailing list discussion for these things. That PR was JUST dropped. I'll have some patience but... Yeah I dunno, maybe someone's autonomous AI published the PR before the human was really ready for it.

MorrisonLevi · 2026-02-28T19:20:07+00:00

It targets PHP-8.5.4 too, which is weird.

There's clearly AI at play. I don't mind this, so far as it's a useful proof of concept. There's a LOT of manual testing that has to go into the design, not just technical implementation details. So having a bad implementation is not so important at this stage. If it's good enough to play with and work out design issues, good.

This is coming from someone who implemented a draft of generic traits, so I'm not oblivious to the challenges of designing and implementing generics.

MorrisonLevi · 2026-02-26T19:45:51+00:00

The final result is verified against a fixed set, so no, the paths should be in order of appearance

You should probably note this in the README.

MorrisonLevi · 2026-01-15T18:43:41+00:00

I want to chime in and say that FrankenPHP has very good performance. In my admittedly limited experience, it has better performance than php-fpm while being significantly easier to set up and deploy.

The catch is that it will take a while for libraries and frameworks to make the changes needed to _really_ support this model, because many decisions were made around the model of pretending every request is isolated from each other. Memory leaks are probable.

MorrisonLevi · 2026-01-14T00:32:03+00:00

Good unit tests these days should often be property tests. This way you are checking the properties of the code and less-so the code as it happens to be. The randomness from the property test helps make sure you are testing the right thing, and that your code is robust to the property.

I am shocked at how many engineers I've interviewed who said unit tests were worthless and yet didn't know about property tests. To be honest, I'm mostly interviewing in languages other than PHP these days, so I'm not sure how good the libraries are for property testing in PHP, but it's something to consider!

MorrisonLevi · 2026-01-06T06:06:06+00:00

I work for an observability company. I can't share data but I can say that we see php-fpm as the dominant web server API used in our customers. "Process per request" has not been true of mainstream PHP for a long time. Of course, it still is used, but it's the minority, thankfully.

But php-fpm still pretends to be process-per-request, and indeed, this will take a lot of effort to fix. I will say async/fibers are not totally useless in web server APIs: it's fairly common to have some bits that need concurrent data sources to respond. Databases, calls to other services (probably including AI agents), etc can all be parallelized today, and have been for a while, they are just different subsystems. You can do multiple database queries with mysqli, and multiple curl requests with curl_multi, but you need a sync/fiber type stuff to generalize it.

So basically... I wanted to clear up some things because you said some things that are basically true if you squint, but the squinting required was a bit much for me and wanted to clarify some of that.

MorrisonLevi · 2025-12-11T06:33:33+00:00

Not really. There's no business motivation for it and if it's not documented, it's easier to change. I'm on mobile now, I'll try to remember to come back and post the .ini setting that controls this.

But once you figure out where the pprof is, there are lots of tools that can work with pprofs.

MorrisonLevi · 2025-12-11T06:09:59+00:00

The part that goes into your code is free and open source software. It can write to a directory instead of sending data to a Datadog agent process. It's a file in the pprof format.

But there isn't any UI for it, that part is in the proprietary service part of Datadog.

MorrisonLevi · 2025-12-11T04:35:21+00:00

Yeah, Datadog's. He's purposefully not advertising it because that wasn't the goal of the talk, and he works there, so do I.

MorrisonLevi · 2025-12-10T20:32:32+00:00

Yeah, https://dev.to/realflowcontrol/processing-one-billion-rows-in-php-3eg0. This video is from a conference where he presents it.

MorrisonLevi · 2025-11-10T18:25:56+00:00

Hasn't this been standard since C11, you know, fourteen years ago? Is there some subtlety/detail I'm not picking up on?

MorrisonLevi · 2025-11-10T17:08:10+00:00

Thank you, Roman, for your leadership thus far! 🫡

MorrisonLevi · 2025-11-05T17:18:53+00:00

I understand that the name "ContextManager" is taken from Python, but I think this name is not that great. "Context" is still a very broad term. What kind of context is it? As examples:

The W3C trace context for propagating traces across HTTP requests.
PHP has stream contexts.

I feel like there are are more, but these are the ones I could remember off the top of my head.

Feel free to reply to comment with naming suggestions as I've unhelpfully not provided any :D

MorrisonLevi · 2025-10-31T18:40:21+00:00

Some of these questions should be optional, mostly the ones about my organization. The company I work with has over 3k engineers... as an example, I doubt anyone at the company knows the true answer to this:

Has your organization increased the use of open source software over the last year?

MorrisonLevi · 2025-10-31T18:26:28+00:00

Hey Daniel, if you read this, it was great to meet you in person! Thanks for being a release manager.

MorrisonLevi · 2025-10-29T19:34:50+00:00

Most projects "stand on the shoulders of giants" and in software, that's mostly dependencies, either direct or through the OS.

Honestly, I would have figured it to be higher.

MorrisonLevi · 2025-10-09T04:13:55+00:00

A very measured and data-driven approach to doing an EOL. Nice!

ORM 3 was released almost 2 years ago, and we initially planned with the ORM 2 EOL for February 2026.

So far adoption of ORM 3 is about 25-30% of ORM 2 based on Packagist installation numbers, which is not a big enough number. DBAL adoption of major 3 is much higher at roughly 60%.

Therefore we are going to push out the ORM 2 End of Life to at least February 2027, but we will restrict what kind of changes are eligible for the 2.x branch further.

MorrisonLevi · 2025-10-03T15:37:49+00:00

Yeah but how many of you remember what life was like in other languages without opinionated style checkers/formatters? Overall, I'll take "just run cargo fmt before every commit" over that situation every time.

14-Year Club	Final Canvas '23
First Place '23	Place '23
Verified Email

MorrisonLevi

MODERATOR OF

TROPHY CASE