In February, a colleague and I got the chance to attend the PHPUK conference 2025. Throughout the day, we attended talks from various contributors to the PHP community. The conference had two tracks, which allowed us to split up and cover as much as possible with plenty of breaks to discuss what we’ve learnt about.

Before splitting into separate tracks, Daniel Terhorst-North gave a talk on behaviour driven development (BDD) and the 20 years of history behind it. He showed how even though it was started by one person, the community has kept it going.

The next speaker I listened to was Wim Godden who spoke about deploying software at both small and large scales and automating the processes behind it as much as possible. He showed a real-world example of deploying software to rental lockers for a Belgium based company. They used a tool called Ansible to remotely connect to each computer and run tasks for setting up the computer, installing software, and running the company’s software that operates the lockers. This talk felt especially relevant to the Short Courses Platform I am currently working on, since we are also using Ansible to deploy the website onto multiple servers and update it when required.

After a quick break and discussion about the talks we’d listened to, I attended a talk about how large codebases can be compared to onions from Katy Ereira. She explained how large systems can be broken down into smaller, more understandable parts and comparing them to different parts of an onion to help understand their function.

Nils Adermann gave a talk on securing software supply chains. When most people add a library to their codebase, they don’t always think about the security of the library itself, and especially not the dependencies required by it. However, a dependency of a dependency of a library used for something as simple as logging messages could have a security vulnerability that affects the whole codebase. Nils talked about ways to protect against that using tools like GitHub Dependabot or Conductor, which Private Packagist is currently developing. He also revealed how many widely used and often open source libraries receive extremely little funding, which can make it difficult finding volunteers to maintain security.

Over lunch, we discussed the speakers we had listened to and spoke to other attendees of the conference.

Next was a talk from Gina Banyard about discovering edge cases in the PHP language. As a PHP core maintainer, they had an interesting perspective on how bugs are diagnosed and discussions about the expected functionality. Some examples of recently addressed bugs were demonstrated, along with how PHP now handles them.

After the final break, I attended a talk about OpenAPI from Lorna Mitchell, which discussed what the OpenAPI specification is and how it can benefit both developers and users of APIs. The specification assists developers in designing APIs and creating extensive documentation for them through a schema written in either JSON or YAML. Since it is language agnostic, it can be applied to any API.

The conference provided some interesting perspectives and ideas that I will be sharing with other colleagues and may encourage us to consider in current or future projects. Many of the talks were not just relevant to PHP, so can be applied to other projects such as the short courses platform, which already uses Ansible for deployment.

Information about all the speakers and recordings of the talks can be found on the PHPUK Conference website

PHPUK Conference 2025 / Ed Green Blog by is licensed under a