A cross-site scripting (XSS) vulnerability was found in the PHP League's CommonMark library (league/commonmark) versions 0.15.6 through 0.18.x before 0.18.1. It allows remote attackers to insert unsafe URLs into <a> tags (even if false) by adding an encoded newline character in the middle (e.g., writing
I'm pleased to share that my PHP 7 Upgrade Guide ebook has been featured in the Ultimate Programmer Super Stack bundle! This is a hand-curated collection of 25+ premium ecourses, bestselling ebooks, and bonus resources that will help new programmers:
This month I released updates for a few of my open-source projects including league/commonmark, league/html-to-markdown, and colinodell/json5.
Prevent Composer from updating your Symfony components to unsupported versions with the
After using phpbrew to manage my local PHP versions for a while, I got tired of re-compiling PHP after every release and decided to install multiple PHP versions side-by-side with Ondřej Surý's PPA. One of the features I missed from phpbrew was the ability to run a command like phpbrew use php-7.2.8 to automatically change the php command to that version, so I ended up implementing this feature myself using symlinks and shell aliases.
As you may know, Git is not a single application, but rather a toolkit containing many small programs and scripts that can manipulate the repository. This makes it trivial to chain those components into more powerful, custom commands which can be defined as git aliases.
Here are some of the more useful aliases I use on a daily basis:
I recently upgraded my system from Ubuntu 16.04 with Unity to Ubuntu 17.10 with Gnome Shell 3. One of the "features" I found annoying was that my IDE PhpStorm was not popping to the front and receiving focus whenever breakpoints were hit. I eventually figured out a solution and wanted to document it in case others were also searching for a solution.
I first confirmed that "Focus application on breakpoint" was indeed enabled in my settings:
Back in November I released colinodell/json5 - a JSON5 parser for PHP. It's essentially a drop-in replacement for PHP's json_decode() function, but it allows things like comments, trailing commas, and more.
Fast forward to this weekend when I received the following bug report from a user named Antonio: