This Week I Learned: 2021-05-23

  1. NoSQL injection attacks are in fact a real thing, and PHP is especially prone to them due to the way you can pass arrays in your query string. The defence against these is to turn off JavaScript execution on your Mongo server (or if you really need it, to never send user-generated data to it), and to check every field of user input to make sure it is a string (or other primitive if passed in as a JSON blob) and not an array.
  2. I really enjoyed a talk about information architecture called Beyond the Polar Bear by Mike Atherton. It’s a great introduction to the subject as Mike discusses the mammoth task of reorganising the BBC’s web presence, and the impossibility of generating simple, canonical, user-readable URLs for every piece of content when working at that scale. And you’ll also learn what a polar bear and a barn owl have in common.
  3. How to clone a single directory of a repository using Git sparse-checkout.
  4. Composer 2.0 was released in October last year and it’s waaaaay faster than its predecessor. I’ve been installing a few projects recently and it’s so nice not to be twiddling my thumbs for too long while my packages are downloaded. I’m also surprised to see that the Symfony install time is way faster than Laravel, which I’ve always considered less “enterprisy”.
  5. How to test a link that opens in a new tab with Selenium and PHPUnit.
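
The string check from item 1, as an added example that is not part of the original post: it parses two constructed query strings the way PHP fills `$_GET`, then builds a Mongo-style filter with and without the check. The field names `username` and `token` and the helpers `unsafeFilter` and `safeFilter` are hypothetical, and no MongoDB driver is needed because the filter is only printed.

```php
<?php
declare(strict_types=1);

// Constructed sample query strings (not from the original post).
// parse_str() applies the same bracket-to-array rules PHP uses for $_GET.
const SAMPLES = [
    'plain'    => 'username=alice&token=abc123',
    'operator' => 'username=alice&token[$ne]=x',
];

/** Vulnerable shape: request values are copied into the filter untouched. */
function unsafeFilter(array $input): array
{
    return [
        'username' => $input['username'] ?? null,
        'token'    => $input['token'] ?? null,
    ];
}

/** Hardened shape: every expected field must be a string, never an array. */
function safeFilter(array $input, array $fields = ['username', 'token']): array
{
    $filter = [];
    foreach ($fields as $field) {
        if (!isset($input[$field]) || !is_string($input[$field])) {
            throw new InvalidArgumentException("Field '$field' must be a string");
        }
        $filter[$field] = $input[$field];
    }
    return $filter;
}

foreach (SAMPLES as $label => $queryString) {
    parse_str($queryString, $input);

    // Without the check, the bracketed field arrives as a nested array,
    // which a Mongo driver would read as a query operator, not a value.
    echo "$label unsafe: ", json_encode(unsafeFilter($input)), PHP_EOL;

    try {
        echo "$label safe:   ", json_encode(safeFilter($input)), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo "$label safe:   rejected (", $e->getMessage(), ")", PHP_EOL;
    }
}
```

For input that arrives as a JSON blob, the same loop applies after `json_decode`, with `is_string` widened to whichever primitive types each field is allowed to hold.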