SymfonyLive Paris 2025: key developments and future perspectives for the Symfony framework

Beyond the commemorations, this edition showcased an ecosystem more vibrant, mature, and innovative than ever before. Let’s look back at two days full of insights, technical reflections, and exciting perspectives.

An inspiring keynote: experimenting, simplifying and preparing Symphony framework's future

Right from the start, the much-anticipated keynote by Symfony framework creator Fabien Potencier set the tone. It wasn’t just about reflecting on two decades of evolution, but about stress-testing today’s developer experience through real-world experiments — to expose limits and define future improvements.

Titled “Symfony : 20 years of evolution towards simplicity”, his talk traced the framework’s developer experience journey from its 2014 foundations to today.

Basing his approach on the principle:

Community > DX > Doc > Code

Fabien showcased two experimental projects, each challenging the framework’s foundations through minimalism or configuration freedom:

• Symfony Hello explores whether a fully functional (HTTP and CLI) Symfony app can be condensed into a single PHP file — while still retaining the power and extensibility of the framework. Although not intended for production, the project demonstrates that Symfony framework can be radically simplified, making it ideal for learning or demos.
• Symfony Solo, aims to show that one can bypass Symfony Flex — and its conventions — while still leveraging all of Symfony’s features. It's particularly suitable for personal projects, POCs, or cases requiring a more lightweight, free-form architecture.

Though experimental, these efforts shine a light on Symfony framework’s adaptability across diverse use cases without betraying its core philosophy. They also lay the groundwork for a broader discussion about the framework’s future: more modular, more progressive, more accessible.

Fabien concluded with a thought-provoking comment on the growing role of LLMs (Large Language Models) in development assistance — comparing them to “interns you can overwork without guilt.” He reminded the audience that these models are fuelled by the community’s contributions — documentation, GitHub issues, pull requests — reinforcing the idea that the community remains the living heart of Symfony’s evolution.

Symfony Mapper: towards explicit and typed object mapping

In his presentation, Antoine Bluchet (Lead Developer – Les Tilleuls) revisited the numerous reflections — initiated as early as 2015 by the community — around object mapping management within the Symfony framework. From these successive ideas has now emerged a dedicated component, currently being integrated into the framework: Symfony Mapper.

The objective is clear: to provide a reliable, explicit, and typed mechanism to perform object mapping, whether it involves DTOs, entities, or other business representations. The aim is to move away from implicit, sometimes repurposed approaches (such as the use of the Serializer or PropertyAccess), in favour of code that is more readable, testable, and predictable.

This component embodies a coherent evolution in the Symfony framework’s trajectory: less magic, more clarity. It should therefore make maintenance easier, improve code robustness, and contribute to a better separation of responsibilities within the application layers.

Finally, it is worth noting that its integration into API Platform is already underway, reflecting a desire for greater coherence and enhanced readability across the ecosystem.

Modern authentication: the era of passkeys and webauthn integration in Symphony framework

During his talk, Rémi Janot (CTO – Vasco) delivered a presentation that was both structured and enlightening on the evolution of web authentication mechanisms, and on the concrete implementation of passkeys in a Symfony application.

His presentation began with a progressive historical overview, initially focused on the password — a central authentication mechanism now widely called into question. He outlined its structural limitations and the main attack vectors: password reuse, phishing, interception, brute-force attacks, and the exfiltration of compromised databases.

In response to these threats, the ecosystem has seen the emergence of strengthening mechanisms such as two-factor authentication (2FA) and multi-factor authentication (MFA). While these have helped to improve access security, they remain burdensome for users and do not completely eliminate human-related risks.

It is within this evolutionary context that passkey technology has emerged, backed by major web players (Apple, Google, Microsoft) and based on the WebAuthn specification — a standardised JavaScript API designed to enable strong, passwordless authentication using cryptographic keys that are generated and stored locally. These keys can be protected by a biometric factor, making authentication both smoother for the user and much more difficult to compromise.

Rémi then presented a concrete implementation within the Symfony framework, relying on existing components, particularly the Security component. He demonstrated how to integrate WebAuthn into an application: from registering a passkey on the user’s side to validating it during authentication — all while strictly adhering to established standards.

This talk helped to demystify a technology sometimes perceived as complex, while showing that it is now fully accessible to Symfony developers. It also highlighted the strategic importance of this transition: towards a passwordless web that is more secure, more modern, and more seamless for end users.

API Platform 4: a redesigned architecture for clarity and modularity

Mathias Arlaud (Co-founder – COO, baksla.sh) gave an overview of the evolution of API Platform, from its early days to the recently released version 4. By retracing the key stages of this progression, he illustrated how the project — initially conceived as a layer to simplify REST API creation — has gradually evolved into a true pillar of the PHP ecosystem, now adopted in both Symfony and Laravel projects.

At the core of this new version, several structural choices reflect a clear architectural maturation, in line with directions mentioned in other SymfonyLive talks, notably those by Antoine Bluchet and Jérôme Vieilledent.

One of the major changes lies in the systematic promotion of DTOs as exposed objects, replacing the direct exposure of Doctrine entities. This clear separation allows:

• a clean decoupling of the persistence model from its API representation, avoiding conflicts between business logic and exposure constraints;
• the replacement of complex and sometimes unmanageable serialization groups with more explicit and maintainable structures;
• the possibility to offer multiple views of the same business object, without falling into the proliferation of normalizers or implicit configurations.

This approach, already adopted in many production projects, anticipates greater coherence between application layers. The upcoming arrival of the Mapper component is expected to eliminate the need to write custom providers and processors, thereby reducing friction between business structure and API layer.

Delivered by an experienced and passionate speaker, the talk confirmed that API Platform 4 represents a decisive step towards a more explicit, modular, and sustainable data exposure, aligned with modern web development standards.

Case study: business flexibility and application security

Florian Bogey (Lead Developer – GL events) presented a case study focused on the challenges encountered in the context of a white-label application, where each client has features that can be activated on demand and a tailored functional scope.

In this type of architecture, standard roles (ROLE_ADMIN, ROLE_USER, etc.) quickly become insufficient to meet business needs. The team therefore combined several approaches:

• A clear structure of roles and permissions, enhanced with Voters capable of making dynamic decisions based on the context (client, user, application state).
• The implementation of advanced feature flipping, relying on a flag-type library: features are enabled or disabled depending on the client or environment, and injected during the application bootstrap via a “brand” identifier.
• A clear separation between permissions, functional scope, and visibility, avoiding duplicated business logic and deeply nested if/else conditions.

This setup allows a single codebase to be maintained, while ensuring differentiated behaviour per client. The talk highlighted the necessary trade-offs between security, personalisation, and maintainability within a well-managed Symfony environment.

Asynchronous processing and reak-time notification

In a structured technical demonstration, Grégoire Pineau (Core Contributor & DevOps – Jolicode) showed how to combine Symfony Messenger and Mercure to perform heavy background processing while delivering smooth feedback to the end user.

Using a common example — importing CSV files — he first highlighted the limitations of synchronous processing: increased server load, degraded user experience, and uncontrolled response times.

He then detailed a solution based on:

• Messenger, to process the file asynchronously in a message queue, delegating the task to a worker.
• Mercure, to send a real-time notification to the user (via SSE – Server-Sent Event) when the processing is complete, without requiring client-side polling.

The demonstration clearly illustrated a standardisable pattern in modern applications: decoupling the frontend from the business logic while maintaining a reactive interface. This approach is especially suitable for applications where certain business operations are lengthy or resource-intensive, such as report generation, document conversion, or large-scale import/export.

An alternative approach to traditional front-end

Damien Alexandre (Co-founder – Jolicode) delivered a presentation focused on HTMX, a minimalist JavaScript library that introduces interactivity into web applications without the need for a heavy front-end framework. His goal: to demonstrate that it is possible to build dynamic, reactive, and modern interfaces while maintaining a traditional backend architecture based on the Symfony framework and Twig.

The talk opened with a perspective on the “SPA syndrome”: the systematic adoption of frameworks like React or Vue for any interactive need — at the cost of increased complexity, long build cycles, more expensive maintenance, and duplicated logic between frontend and backend. In response, Damien proposed a more lightweight approach: restoring HTML as the primary rendering and interaction layer with the server.

With HTMX, any HTML element can become interactive via attributes (hx-get, hx-post, hx-target, etc.), allowing, for example:

• to send an Ajax request in response to a user action;
• to dynamically insert an HTML fragment returned by the server;
• to update a page section without a full reload.

Damien illustrated this approach with several concrete examples:

• interactive forms (cascading field updates, partial validation, live previews);
• dynamic pagination or sorting, implemented without writing custom JavaScript;
• Twig components that can be rendered on-demand via HTTP calls, easily integrated into existing workflows.

He also highlighted several secondary benefits of this approach:

• a significant reduction in JavaScript bundle size;
• SEO compatibility and support for older browsers;
• smooth integration with existing Symfony ecosystem tools (UX, Twig, Turbo, Live Components).

The goal isn’t to completely eliminate JavaScript, but to adopt a progressive strategy, reserving advanced front-end tools for cases where they’re truly necessary. A pragmatic approach aimed at teams wishing to restore simplicity in their front layer — without compromising the user experience.

FrankenPHP: a new foundation for running PHP applications

In his talk, Kévin Dunglas (CEO – Les Tilleuls) revisited the foundations of FrankenPHP, a modern application server written in Go, designed to offer an efficient alternative to PHP-FPM while introducing advanced features previously unseen in the PHP ecosystem.

After highlighting the strengths of the Symfony framework in production — notably its precompiled cache system (var/cache), which optimises the startup of the service container, router, and template engine — he pointed out the limitations of this approach in development environments. Each time a source file (controller, configuration, template...) is modified, part of the cache must be regenerated, which can slow down development cycles and degrade the developer experience.

This is precisely where FrankenPHP provides a significant improvement. Among its key features:

• Worker mode, which avoids the complete restart of the PHP engine between requests, thereby retaining part of the application state in memory (autoload, compiled cache, etc.);
• Native support for hot reload, via a system of watchers that monitor project files and automatically trigger cache rebuilding or a worker restart if needed..

Combined, these two features enable near-instant response times to changes, reducing the perceived latency between a developer’s action and the resulting effect in the browser.

FrankenPHP is not limited to development environments: its compatibility with modern standards (HTTP/3, Brotli compression, native TLS…), its ability to run Laravel or Symfony applications without complex configuration, and its support for long-running processes make it a viable production solution — already adopted by several hosting providers such as Scalingo and Clever Cloud.

This presentation highlighted a frequently overlooked concern in projects: performance and comfort during development. In this respect, FrankenPHP positions itself as both a productivity booster and an optimisation tool, and could very well redefine the way PHP applications are executed in the years to come.

Conclusion: a mature and ever-evolving ecosystem

SymfonyLive Paris 2025 offered a clear snapshot of an ecosystem that is both solid and in motion. Far from resting on its laurels, the community continues to evolve its tools and practices, with particular attention paid to readability, modularity, and the quality of the developer experience.

The topics covered — whether the Symfony Mapper component, API Platform 4’s new developments, the thoughtful use of HTMX, or the new perspectives introduced by FrankenPHP — all reflect a shared ambition: to adapt the Symfony framework to today’s realities without breaking away from its core principles.

What stands out above all is a coherent and collective approach, shaped by real-world feedback, concrete experiments, and a well-established culture of technical knowledge sharing.

At SQLI, we leave this edition with new tools to explore, ideas to test, and a renewed motivation to continue making web development a profession that is demanding, structured, and truly inspiring.

Noura Abdelkader, Expert Lead – Development and Technical Expertise
Michael Thieulin, Technical Expert