HACKER Q&A
📣 morenatron

Is this Symfony PHP project garbage?


I am working on a new codebase as a frontend developer and the backend is in Symfony PHP. I haven't worked with Symfony before but this project seems to be poorly maintained. Help me get a grasp of whether or not this is normal or total garbage.

They are using really outdated dependencies. Symfony itself is in 5.4 and they have 368 deprecations and some critical vulnerabilities. The project is 10+ years old and there are no software tests at all. Everything is manually tested.

And I did a PHPStorm Error Inspection and it found 650+ Errors, 1,4k warnings and 140k+ weak warnings. 520 Errors are because of "Undefined symbols" though

The project seems to be poorly maintained to me and there are runtime errors and downtimes but the backend team always accuses the hosting service for the downtimes.

is this normal or not, that is the question


  👤 turtleyacht Accepted Answer ✓
It's sort of normal. Legacy software can be (re)defined as "what runs in production." It generates revenue but has accreted significant tech debt.

Not saying normal isn't dysfunctional--no tests at all is a little insane. At the same time, it enabled the business.

With better tooling now, of course some issues are more obvious. Maybe the codebase has its own patterns or way of doing things; some fixes might be more risky than others.


👤 RadixDLT
you should upgrade to symfony 6.4, which is the long term release

you can still use 5.4 up until 2026, but you need to update your packages

https://symfony.com/releases

this will show you how to upgrade: https://symfony.com/doc/6.4/setup/unstable_versions.html


👤 RadixDLT
the errors are most likely coming from the custom code, you might need to update those yourself

👤 brudgers
What is the business case for your time focused on the quality of Symfony? Assuming it is total garbage is not unreasonable as dealing with total garbage is a reasonable reason to pay you for working with Symfony.

The engineering question is "Is Symfony good enough?" There are money and staffing and personalities that go into the answer. For example insuring against security problems might easily be cheaper than the costs and risks of pursuing alternatives.

The ability to work in such contexts is why senior staff are senior staff. Good luck.