orcaqubits/php-modern
dist/cursor/magento2-commerce/skills/php-modern/SKILL.md
Write modern PHP 8.x code — typed properties, enums, readonly classes, match expressions, named arguments, union/intersection types, fibers, attributes, and constructor promotion. Use when writing PHP for Magento or any PHP 8.x project.
$ install --global
skillsauthnpx skillsauth add orcaqubits/agentic-commerce-claude-plugins php-modernInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 9, 2026, 7:02 AM311.4s1 file scanned
SKILL.md
- name:
- php-modern
- description:
- >
Modern PHP 8.x Development
Before writing code
Fetch live docs: Web-search site:php.net manual migration for the latest PHP migration guide and new features. Check https://www.php.net/releases/ for current supported versions.
PHP 8.0 Features
Constructor Property Promotion
Declare and assign properties directly in the constructor signature — eliminates boilerplate. Heavily used in Magento service classes.
Named Arguments
Call functions with parameter names: array_slice(array: $arr, offset: 2). Improves readability for functions with many parameters.
Match Expressions
Type-safe switch replacement that returns a value. No fall-through, strict comparison. Better than switch for value mapping.
Union Types
int|string in parameter and return types. Allows multiple type declarations.
Nullsafe Operator
$obj?->method()?->property — short-circuits to null if any part is null. Replaces nested null checks.
Attributes
Native metadata annotations: #[Route('/path')], #[Override]. Replace docblock annotations with first-class language support.
PHP 8.1 Features
Enums
First-class enumerations — backed (string/int) and unit enums. Perfect for status codes, types, categories. Use backed enums for database/API values.
Readonly Properties
public readonly string $name — can only be set once (usually in constructor). Enforces immutability.
Fibers
Lightweight concurrency primitives — PHP-level coroutines. Foundation for async frameworks. Limited direct usage in Magento.
Intersection Types
TypeA&TypeB — value must satisfy ALL types. Useful for ensuring a parameter implements multiple interfaces.
First-class Callable Syntax
strlen(...) creates a Closure from a function. Cleaner than Closure::fromCallable('strlen').
PHP 8.2 Features
Readonly Classes
readonly class Dto { ... } — all properties are implicitly readonly. Perfect for Data Transfer Objects and value objects.
Deprecated: Dynamic Properties
Creating properties not declared in the class is deprecated. Magento core addressed this throughout — always declare properties.
Standalone Types
true, false, null as standalone types in declarations.
Constants in Traits
Traits can now define constants.
PHP 8.3 Features
Typed Class Constants
const string NAME = 'value'; — type-safe constants. Strengthens contract enforcement.
#[\Override] Attribute
Documents that a method intentionally overrides a parent method. Compiler error if the parent method doesn't exist.
json_validate() Function
Validate JSON without decoding — faster than json_decode + error check.
Dynamic Class Constant Fetch
$class::{$constant} — dynamic constant access.
PHP 8.4 Features
Property Hooks
Define get/set behavior directly on properties:
public string $name {
set => strtolower($value);
get => ucfirst($this->name);
}
Asymmetric Visibility
public private(set) string $name — readable publicly, writable only privately.
PHP for Magento Specifically
Type Safety
- Use strict types:
declare(strict_types=1);in all files - Type all parameters, return types, and properties
- Use union types for nullable:
?stringorstring|null
Value Objects
Use readonly classes for DTOs and value objects — common in service layers.
Enums for Status Codes
Replace string/int constants with backed enums for order statuses, product types, etc.
Constructor Promotion in Magento
Magento uses constructor injection extensively — promotion reduces boilerplate significantly.
Best Practices
- Always use
declare(strict_types=1); - Type everything: parameters, returns, properties, constants
- Use readonly for immutable data
- Use enums instead of string/int constants
- Use match instead of switch for value mapping
- Use named arguments for clarity with many-parameter functions
- Use
#[\Override]when overriding parent methods - Follow PSR-12 coding style
Fetch php.net docs for exact syntax and behavior of new features before using them.
Related Skills
orcaqubits/spree-headless-storefront
development
VerifiedTrustedCommunity
Build with Spree's headless Next.js storefront — the official `spree/storefront` repo (Next.js 16 App Router with Server Actions and Turbopack, React 19 Server Components, Tailwind CSS 4, TypeScript 5, `@spree/sdk`, Sentry), server-only auth (httpOnly JWT cookies + publishable key), MeiliSearch faceted catalog, one-page checkout with Apple/Google Pay/Klarna/Affirm/SEPA, multi-region market routing, GA4 + JSON-LD SEO, and Vercel/Docker deployment. Use when forking or customizing the storefront, or evaluating headless adoption.
27SKILL.mdUpdated May 14, 2026
orcaqubits/spree-extensions
tools
VerifiedTrustedCommunity
Build Spree extensions as Rails engines — gem scaffolding, `bin/rails g spree:extension`, mounting routes/migrations/assets, the modern `prepend` decorator pattern (`*_decorator.rb` with `self.prepended(base)`), generators (`spree:model_decorator`, `spree:controller_decorator`), the four customization surfaces in preference order (Events > Webhooks > Dependencies > Decorators), Spree::Dependencies for swapping service objects, gem release/versioning, and the deprecated Deface engine. Use when building a reusable Spree extension or adding non-trivial customization to an app.
27SKILL.mdUpdated May 14, 2026
orcaqubits/spree-events-webhooks
development
VerifiedTrustedCommunity
Build with Spree's event bus and Webhooks 2.0 — `Spree::Events` publication, `Spree::Subscriber` DSL with `subscribes_to` and `on`, wildcard matching, lifecycle events (`{model}.created/.updated/.deleted` via `publishes_lifecycle_events`), the canonical event catalog (order.*, payment.*, shipment.*, product.*), Webhooks 2.0 endpoints, HMAC-SHA256 signing (`X-Spree-Webhook-Signature`), exponential-backoff retries, and Sidekiq job orchestration. Use when wiring event-driven business logic, building webhook consumers, or replacing ActiveSupport callback chains.
27SKILL.mdUpdated May 14, 2026
orcaqubits/spree-dev-patterns
tools
VerifiedTrustedCommunity
Cross-cutting Spree development patterns — the customization preference hierarchy (Events > Webhooks > Dependencies > Decorators), `Spree::Dependencies` service-object swapping, the `_decorator.rb` + `prepend` + `self.prepended` idiom, idempotent subscribers and webhook receivers, multi-store scoping discipline, prefixed IDs, calculator polymorphism (shipping/promotion/tax share the base), service-object composition with `dry-monads` or simple results, why to avoid `class_eval` reopening and Deface, and Spree-on-Rails idioms (Hotwire/Turbo Stimulus, ActiveStorage, Action Cable, Sidekiq). Use when designing the architecture of a Spree extension or solving cross-cutting concerns.
27SKILL.mdUpdated May 14, 2026