A cross-site scripting (XSS) vulnerability was found in the PHP League's CommonMark library (
league/commonmark) versions 0.15.6 through 0.18.x before 0.18.1. It allows remote attackers to insert unsafe URLs into
<a> tags (even if
false) by adding an encoded newline character in the middle (e.g., writing
I'm pleased to share that my PHP 7 Upgrade Guide ebook has been featured in the Ultimate Programmer Super Stack bundle! This is a hand-curated collection of 25+ premium ecourses, bestselling ebooks, and bonus resources that will help new programmers:
This month I released updates for a few of my open-source projects including league/commonmark, league/html-to-markdown, and colinodell/json5.
Prevent Composer from updating your Symfony components to unsupported versions with the
Have you ever botched a deployment and taken a site offline? I have—more times then I’d like to admit. What if we could completely automate the deployment process, make it lightning fast, remove most of the risk, and do it all without custom bash scripts? Better yet, what if we could use the same deployment process locally or trigger it via CI?
Releasing open-source libraries involves much more than sharing your GitHub URL with the world. There are many considerations and steps involved, especially if you want your project to be successful and long-lived.
After using phpbrew to manage my local PHP versions for a while, I got tired of re-compiling PHP after every release and decided to install multiple PHP versions side-by-side with Ondřej Surý's PPA. One of the features I missed from
phpbrew was the ability to run a command like
phpbrew use php-7.2.8 to automatically change the
php command to that version, so I ended up implementing this feature myself using symlinks and shell aliases.
Web Developers Central NJ Meetup
Software bugs are inevitable; some are especially difficult to track down, causing you to waste countless hours before throwing your hands up in defeat. It doesn't have to be this way! The mental fatigue and wasted time can be avoided by using strategies like identifying the most-appropriate tool, taking a logical & objective approach, challenging assumptions, listening to variables, isolating the code path, and reinforcing code with automated tests.
I recently upgraded my system from Ubuntu 16.04 with Unity to Ubuntu 17.10 with Gnome Shell 3. One of the "features" I found annoying was that my IDE PhpStorm was not popping to the front and receiving focus whenever breakpoints were hit. I eventually figured out a solution and wanted to document it in case others were also searching for a solution.
I first confirmed that "Focus application on breakpoint" was indeed enabled in my settings: