Jeśli jesteś właścicielem tej strony, możesz wyłączyć reklamę poniżej zmieniając pakiet na PRO lub VIP w panelu naszego hostingu już od 4zł!

Archive for Październik, 2016

Paragon Initiative: Guide to Automatic Security Updates For PHP Developers

Paragon Initiative: Guide to Automatic Security Updates For PHP Developers

On the Paragon Initiative blog they’ve posted a guide to handling automatic security updates for PHP developers, helping to prevent security-related issues by keeping your libraries up to date.

Most of the software security vulnerabilities known to man are preventable by careful development practices. [...] However, even if you’re trying to do everything right, eventually we all make mistakes and ship exploitable software.

[...] By making updates manual rather than automatic, you’re forcing your customers to take all the responsibility for making sure that your mistakes don’t hurt their business. Only a very small minority of your customers might prefer the responsibility of verifying and applying each update themselves. [...] Automatic security updates reduce the interval between points 2 and 3 from possibly infinite to nearly zero. That’s clearly a meaningful improvement over manual patch management.

The post then walks through the aspects of a secure automatic update system that includes offline cryptographic signatures, transport layer security and separation of privileges (who will perform the actual update). The author gets into a bit of detail for each item on the list, explaining how the system should be set up and some tools you can use to start working up the process in your own applications.

Source: http://www.phpdeveloper.org/news/24538

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Paragon Initiative: Guide to Automatic Security Updates For PHP Developers

Paragon Initiative: Guide to Automatic Security Updates For PHP Developers

On the Paragon Initiative blog they’ve posted a guide to handling automatic security updates for PHP developers, helping to prevent security-related issues by keeping your libraries up to date.

Most of the software security vulnerabilities known to man are preventable by careful development practices. [...] However, even if you’re trying to do everything right, eventually we all make mistakes and ship exploitable software.

[...] By making updates manual rather than automatic, you’re forcing your customers to take all the responsibility for making sure that your mistakes don’t hurt their business. Only a very small minority of your customers might prefer the responsibility of verifying and applying each update themselves. [...] Automatic security updates reduce the interval between points 2 and 3 from possibly infinite to nearly zero. That’s clearly a meaningful improvement over manual patch management.

The post then walks through the aspects of a secure automatic update system that includes offline cryptographic signatures, transport layer security and separation of privileges (who will perform the actual update). The author gets into a bit of detail for each item on the list, explaining how the system should be set up and some tools you can use to start working up the process in your own applications.

Source: http://www.phpdeveloper.org/news/24538

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

SitePoint PHP Blog: Is It Possible to Write and Run PHP Code on an iPad?

SitePoint PHP Blog: Is It Possible to Write and Run PHP Code on an iPad?

In this new tutorial from the SitePoint PHP blog Christopher Pitt once again takes on an unconventional question around the use of PHP: "is it possible to write/run PHP code on an iPad?"

I love the iPad. It’s a fantastic form factor for media consumption and gaming; and it also works well as an e-reader. The trouble is I don’t use it nearly as much as I could. Most of the time I’m consuming media (Netflix, Twitch, YouTube), I’m coding in parallel.

I can do that on my MacBook, but I’ve never been able to do that until now. [...] Today I’m going to show you how I code on an iPad. I won’t pretend it’s a perfect workflow (what workflow is?), but this is as exciting for me as the first time I used a laptop instead of a desktop.

He briefly covers some of the hardware you’ll need to get started including a good keyboard you’re comfortable with and a way to hook it up (either Bluetooth or manually via USB). He then gets into the software and mentions DraftCode and WorkingCopy as his tools of choice. He then helps you get started writing your first PHP script, using SQLite in-memory and using Working Copy to pull the latest code from your external source. Now that you’re comfortable with the setup, he shows you how to install a Laravel application and the changes you’ll need to make to get it up and running. Finally he shows the push of the code the remote source, updating the repository with these latest changes.

Source: http://www.phpdeveloper.org/news/24537

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

SitePoint PHP Blog: Is It Possible to Write and Run PHP Code on an iPad?

SitePoint PHP Blog: Is It Possible to Write and Run PHP Code on an iPad?

In this new tutorial from the SitePoint PHP blog Christopher Pitt once again takes on an unconventional question around the use of PHP: "is it possible to write/run PHP code on an iPad?"

I love the iPad. It’s a fantastic form factor for media consumption and gaming; and it also works well as an e-reader. The trouble is I don’t use it nearly as much as I could. Most of the time I’m consuming media (Netflix, Twitch, YouTube), I’m coding in parallel.

I can do that on my MacBook, but I’ve never been able to do that until now. [...] Today I’m going to show you how I code on an iPad. I won’t pretend it’s a perfect workflow (what workflow is?), but this is as exciting for me as the first time I used a laptop instead of a desktop.

He briefly covers some of the hardware you’ll need to get started including a good keyboard you’re comfortable with and a way to hook it up (either Bluetooth or manually via USB). He then gets into the software and mentions DraftCode and WorkingCopy as his tools of choice. He then helps you get started writing your first PHP script, using SQLite in-memory and using Working Copy to pull the latest code from your external source. Now that you’re comfortable with the setup, he shows you how to install a Laravel application and the changes you’ll need to make to get it up and running. Finally he shows the push of the code the remote source, updating the repository with these latest changes.

Source: http://www.phpdeveloper.org/news/24537

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Voices of the ElePHPant: Interview with Larry Garfield (#2)

Voices of the ElePHPant: Interview with Larry Garfield (#2)

The Voices of the ElePHPant has posted their latest interview with a member of the PHP community. In this latest show host Cal Evans interviews Larry Garfield, a well-known developer and member of the Drupal community.

Cal and Larry talk about Larry’s work on the PHP-FIG overhaul (PHP-FIG v3), how it changes the structure of the group and how it effects its members. He talks about the "member projects", the "core community" and what’s changing in the workflow related to these two groups. He also explains the new workflows the group’s work will follow and the move of the group to include a wider focus on the entire PHP community ecosystem. They also talk about Larry’s work at Platform.sh and what kind of services they offer.

You can listen to this latest episode either through the in-page audio player or by downloading the mp3 of the show directly. If you enjoy the interview, be sure to subscribe to their feed and follow them on Twiiter when new episodes are released.

Source: http://www.phpdeveloper.org/news/24536

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Voices of the ElePHPant: Interview with Larry Garfield (#2)

Voices of the ElePHPant: Interview with Larry Garfield (#2)

The Voices of the ElePHPant has posted their latest interview with a member of the PHP community. In this latest show host Cal Evans interviews Larry Garfield, a well-known developer and member of the Drupal community.

Cal and Larry talk about Larry’s work on the PHP-FIG overhaul (PHP-FIG v3), how it changes the structure of the group and how it effects its members. He talks about the "member projects", the "core community" and what’s changing in the workflow related to these two groups. He also explains the new workflows the group’s work will follow and the move of the group to include a wider focus on the entire PHP community ecosystem. They also talk about Larry’s work at Platform.sh and what kind of services they offer.

You can listen to this latest episode either through the in-page audio player or by downloading the mp3 of the show directly. If you enjoy the interview, be sure to subscribe to their feed and follow them on Twiiter when new episodes are released.

Source: http://www.phpdeveloper.org/news/24536

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Voices of the ElePHPant: Interview with Larry Garfield (#2)

Voices of the ElePHPant: Interview with Larry Garfield (#2)

The Voices of the ElePHPant has posted their latest interview with a member of the PHP community. In this latest show host Cal Evans interviews Larry Garfield, a well-known developer and member of the Drupal community.

Cal and Larry talk about Larry’s work on the PHP-FIG overhaul (PHP-FIG v3), how it changes the structure of the group and how it effects its members. He talks about the "member projects", the "core community" and what’s changing in the workflow related to these two groups. He also explains the new workflows the group’s work will follow and the move of the group to include a wider focus on the entire PHP community ecosystem. They also talk about Larry’s work at Platform.sh and what kind of services they offer.

You can listen to this latest episode either through the in-page audio player or by downloading the mp3 of the show directly. If you enjoy the interview, be sure to subscribe to their feed and follow them on Twiiter when new episodes are released.

Source: http://www.phpdeveloper.org/news/24536

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Voices of the ElePHPant: Interview with Larry Garfield (#2)

Voices of the ElePHPant: Interview with Larry Garfield (#2)

The Voices of the ElePHPant has posted their latest interview with a member of the PHP community. In this latest show host Cal Evans interviews Larry Garfield, a well-known developer and member of the Drupal community.

Cal and Larry talk about Larry’s work on the PHP-FIG overhaul (PHP-FIG v3), how it changes the structure of the group and how it effects its members. He talks about the "member projects", the "core community" and what’s changing in the workflow related to these two groups. He also explains the new workflows the group’s work will follow and the move of the group to include a wider focus on the entire PHP community ecosystem. They also talk about Larry’s work at Platform.sh and what kind of services they offer.

You can listen to this latest episode either through the in-page audio player or by downloading the mp3 of the show directly. If you enjoy the interview, be sure to subscribe to their feed and follow them on Twiiter when new episodes are released.

Source: http://www.phpdeveloper.org/news/24536

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Matthew Weier O’Phinney: Automating PHPUnit with Node

Matthew Weier O’Phinney: Automating PHPUnit with Node

Matthew Weier O’Phinney has a new post to his site today showing you how you can automate PHPUnit runs while doing local development with the help of a little Node.

I’ve been trying to automate everything this year. When working on OSS, this is usually as simple as setting up Travis CI; in some cases, even that becomes a little more involved, but remains possible.

But that’s continuous integration. What about continuous development? With continuous integration, every time I push to a branch associated with a pull request or on the origin repository, a build is triggered. [...] Ideally, I should also be testing locally. [...] I’d like to automate running these as part of my development process. I want continuous development cycles.

He then walks you through the automation setup he’s devised for his own local development, adding a few lines to his Composer configuration for scripts to run when "composer check" is called. This is where Node comes in: he uses Gulp (and a few dependencies) to watch the filesystem for changes. With that setup configured and working, he can then just run "gulp" and a Node process executes and watches for those changes. When an update is discovered, "composer check" is executed and a system notification is fired if an error pops up. He’s also created a package you can use to set this all up a bit simpler, only requiring a single command to execute.

Source: http://www.phpdeveloper.org/news/24535

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Matthew Weier O’Phinney: Automating PHPUnit with Node

Matthew Weier O’Phinney: Automating PHPUnit with Node

Matthew Weier O’Phinney has a new post to his site today showing you how you can automate PHPUnit runs while doing local development with the help of a little Node.

I’ve been trying to automate everything this year. When working on OSS, this is usually as simple as setting up Travis CI; in some cases, even that becomes a little more involved, but remains possible.

But that’s continuous integration. What about continuous development? With continuous integration, every time I push to a branch associated with a pull request or on the origin repository, a build is triggered. [...] Ideally, I should also be testing locally. [...] I’d like to automate running these as part of my development process. I want continuous development cycles.

He then walks you through the automation setup he’s devised for his own local development, adding a few lines to his Composer configuration for scripts to run when "composer check" is called. This is where Node comes in: he uses Gulp (and a few dependencies) to watch the filesystem for changes. With that setup configured and working, he can then just run "gulp" and a Node process executes and watches for those changes. When an update is discovered, "composer check" is executed and a system notification is fired if an error pops up. He’s also created a package you can use to set this all up a bit simpler, only requiring a single command to execute.

Source: http://www.phpdeveloper.org/news/24535

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>