* Add GitHub Releases modal to backoffice
Shows release notes (fetched from the GitHub API, cached for an hour,
Markdown rendered via league/commonmark) from a top-right nav button
available whether logged in or out, with the current version shown in
the modal header. Also clears cache.app on container start so the
release cache can't carry stale data across redeploys of the
var/ Docker volume.
* Render release notes markdown via twig/markdown-extra instead of manual CommonMark
twig/extra-bundle already wires the markdown filter to league/commonmark
automatically once twig/markdown-extra is installed, so the service no
longer needs to instantiate and call CommonMarkConverter itself.
* Explicitly disallow unsafe link protocols in rendered markdown
twig/extra-bundle's default (allow_unsafe_links: true) permits
javascript:/vbscript:/file:/data: URLs in rendered links, kept for
backwards compatibility. Disable it explicitly since we now render
release note markdown through this filter.
* Autolink bare URLs in rendered release notes
The Twig CommonMark converter only registers CommonMarkCoreExtension by
default, which doesn't turn bare URLs into clickable links (unlike
GitHub's own renderer). Register CommonMark's AutolinkExtension via the
twig.markdown.league_extension tag so PR/compare URLs in release notes
render as actual hyperlinks instead of plain text.
* Address review feedback on GitHubReleasesService and tests
- Extract the cache callback into a named fetchReleases() method instead
of an inline closure with all the fetch/parse logic.
- Simplify the User-Agent header to just "TijdVoorDeTest".
- Add a 5s HTTP timeout so a slow GitHub API can't block the request.
- Cache HTTP failures for only 60s instead of the full hour, so a brief
GitHub outage doesn't suppress releases for as long.
- Replace deprecated word-wrap with overflow-wrap in release-notes CSS.
- Extract duplicated mock setup in ReleasesControllerTest into a helper.
- Reword the "could not load" translation ("Kan" instead of "Kon").
* Address second round of CodeRabbit feedback
- Escape raw HTML embedded in release-note markdown instead of passing
it through, via twig_extra.commonmark.html_input: escape.
- Don't cache GitHub API failures at all (set $save = false in the
cache callback) instead of caching them for a short TTL, so the very
next request retries immediately.
- Sort releases by published_at descending before mapping, so the
first entry (used for the current-version badge and default-expanded
accordion item) is guaranteed to be the newest regardless of the
order GitHub's API happens to return.
Tijd voor de test
PHP/Symfony application for WIDM-style quiz management. Built with FrankenPHP, PostgreSQL, and Docker.
Disclaimer: This is an unofficial, non-commercial, open-source fan project. It is not affiliated with, endorsed by, or associated with Wie is de Mol? (produced by IDTV, broadcast by AVROTROS/NPO) or De Mol (produced by Woestijnvis, broadcast by Play/De Vijver Media). Wie is de Mol? and De Mol are trademarks of their respective rights holders. No copyright infringement is intended.
Requirements
- Docker
- Just (
brew install just)
Local development
just up # Start PHP + PostgreSQL containers
just migrate # Run pending database migrations
just fixtures # Load dev fixtures (truncates first)
just up first runs just init, which generates a .env.local (gitignored)
with a unique COMPOSE_PROJECT_NAME, image tag and free host ports for this
checkout, so multiple worktrees/clones can run at the same time without their
containers, volumes, images or ports colliding. Run just ports to see the
ports assigned to the current checkout — the app is served at
https://localhost:<HTTPS_PORT> (self-signed cert — run just trust-cert on
macOS to trust it).
Useful commands
just shell # Shell inside the running PHP container
just shell-run # Shell in a fresh one-off container
just stop # Stop containers (keep volumes)
just down # Stop and remove containers
just clean # Nuclear: remove containers + volumes + generated files
just exec <cmd> # Run any command inside the PHP container
Environment
Copy .env and override locally via .env.local (not committed):
| Variable | Description |
|---|---|
APP_SECRET |
Symfony app secret |
DATABASE_URL |
PostgreSQL DSN (auto-set in Docker) |
SENTRY_DSN |
Sentry error tracking |
DEFAULT_URI |
Base URL for CLI-generated links |
Testing
just test # Full PHPUnit suite
just test tests/Path/To/TestFile.php # Single file
just test --coverage-html var/coverage # HTML coverage report
just reload-tests # Drop/recreate test DB + migrate + test fixtures
Tests use a separate database configured via .env.test. The DAMA
Doctrine bundle wraps each test in a transaction that is rolled back after.
just reload-tests loads the --group=test fixtures; just fixtures
loads the dev group and is unrelated to the test database.
Code quality
All checks run in CI and must pass before merging.
just fix-cs # Auto-fix PHP-CS-Fixer + Twig-CS-Fixer
just phpstan # PHPStan static analysis (level 8)
just rector # Apply Rector modernizations
just rector --dry-run # Preview Rector changes without applying
Database
just migrate # Run pending migrations
just fixtures # Load dev fixtures
bin/console make:migration # Generate a new migration (inside container)
Migrations live in migrations/ (namespace DoctrineMigrations). Test
fixtures are in src/DataFixtures/ loaded with --group=test.
Translations
just translations # Extract/update nl translation strings into translations/
Contributing
- Create a branch from
main— use a prefix likefeat/,fix/, ordocs/. - Open a pull request; CI must pass before merging.
- Install the pre-commit hook (see below) to catch issues before pushing.
Pre-commit hook
A pre-commit hook lives in .githooks/pre-commit. Install it once after cloning:
just install-hooks
On every commit it runs automatically, only on staged files:
| Staged file type | Tools run |
|---|---|
.php |
Rector → PHP-CS-Fixer (auto-fix + re-stage), then PHPStan (blocks on errors) |
.twig |
Twig-CS-Fixer (auto-fix + re-stage) |
| Other (docs, config, …) | Nothing — commit proceeds immediately |
If the PHP container is not running, the hook falls back to
docker compose run --rm so checks still execute. PHPUnit is not
run in the hook; CI covers that.
Deployment
Docker images are published to ghcr.io/marijndoeve/tijdvoordetest
for each tagged release.
First-time setup
- Copy
compose.yamlandcompose.prod.yamlto your server. - Create a
.env.prod.localfile with the required variables (see below). - Start the stack — migrations run automatically on container start:
IMAGE_TAG=latest docker compose -f compose.yaml -f compose.prod.yaml up -d
Updating to a new version
IMAGE_TAG=<tag> docker compose -f compose.yaml -f compose.prod.yaml pull
IMAGE_TAG=<tag> docker compose -f compose.yaml -f compose.prod.yaml up -d
Required environment variables
| Variable | Description |
|---|---|
IMAGE_TAG |
Image tag to run (e.g. 1.2.3 or latest) |
APP_SECRET |
Random secret string for Symfony |
CADDY_MERCURE_JWT_SECRET |
JWT secret for the Mercure hub |
POSTGRES_PASSWORD |
PostgreSQL password |
MAILER_DSN |
Mailer transport DSN |
MAILER_SENDER |
From address for emails |
SENTRY_DSN |
Sentry project DSN (optional) |
The compose.prod.yaml configures Traefik labels for TLS termination at
tijdvoordetest.nl. Adjust the traefik labels in that file if you're
hosting on a different domain or using a different reverse proxy.