Directory of RSS feeds
Statistics

RSS feeds in the directory: 2798

Added today: 0

Added yesterday: 0

Hi-Tech / Internet

RMCreative.ru Blog

News and ideas of the web-design

Found 45 items

How well tested is your code? 100% code coverage does not guarantee that a properly verified all the cases. This metric only shows that when you run the tests run the whole code. fortunately, there are invented in the seventies, the way to find out how good the tests. It's called "mutation testing". the Idea is: Take the code and tests for it. Leave the test as is, but slightly change the code. For example, the model in one condition && to ||. This change is called mutation, and the resulting code mutant. If the tests with changed code are fell, then the condition is tested true. The mutant is "killed". If passed, the tests, though, and cover them 100%, "mutant ran away." Ideally, the test should kill all the mutants. the quality of the test or MSI...

Last year in the package cebe/markdown, markdown translated to HTML, opened a ticket that processing skips XSS. I thought the isolated case of misunderstanding, but no. It turned out that more and CVE started, so just in case: Markdown is not required to be safe. The idea is it allowed to use HTML, which automatically means that there is also XSS can shove. If you use markdown for user input, don't forget to run the output of a sanitizer, like HTML Purifier. Config for it in the event cebe/markdown can be.

Holes in Wordpress find often, and update it lazily. Fortunately, automating updates is easy enough. Set WP-CLI to run as wp. Create a small shell script update_wordpress.sh: cd /var/www/put_do_wordpress/www/ sudo -u www-data wp core update sudo -u www-data wp theme update --all sudo -u www-data wp plugin update --all Run once a week. crontab-e: 0 0 * * 0 /polniy_put/update_wordpress.sh > /polneyut/update_wordpress.log 2>&1 UPD: this eliminates the need to update via wp-cron, so it can be disabled via wp-config.php: define('AUTOMATIC_UPDATER_DISABLED', true);

DevConf this year encouraging the rapid processing of the video. Posted my report "Theory of programming: the package principles and metrics." let's Talk about how to objectively choose the packages for your project, and how to structure your code into packages. the bundle metrics have long been known, but he was not paying enough attention. Perhaps because it is somewhat formal, but maybe just because all the good gradually forgotten. Packet metrics allow you to formally assess the suitability of a third-party package to use in your project or package, how it will affect overall stability. the Batch principles originally articulated by Robert Martin in addition to SOLID, showing the way to reach the optimal balance maintainability and flexibility. Look

DevConf Before visiting Badoo, met a former colleague for Skyeng. They have all the same driving. One of the most interesting companies with PHP in Moscow. On DevConf told about a batch of metrics Robert Martin. The report came in and, I hope, will live because the slides though and informative, but not all, and the answers to the questions tied it all with Yii 3. to See the slides at slides.rmcreative.ru/2019/devconf-packages. As it happens almost every DevConf, the atmosphere was cozy and conducive to conversation. Get better acquainted with the guys from the team MediaTen specializing in Yii 2. Talked again with the soldiers MediaSoft. Got to see old friends. thanks to the Organizers for the opportunity and to spend time. In the intervals worked on Yii...

Despite the fact that the conference specifically for this year, I almost did not targeted them much. Oddly enough, they do not interfere with Yii, and Vice versa. On the conferences to collect great ideas and get motivation and feedback and often goes to focus and implement something useful. 20, 21 and 22 June I will be in Moscow. 20th plan to visit friends in Badoo, other days will be at DevConf. Tell a new experimental report about the creation and selection of packages. on 24 and 25 June will move to Novosibirsk on Highload++. Perhaps I will carry one of the halls, but I hope not. Want to hear what helped you to choose and socialize. on 29 and 30 June at the Smolensk Tabtabus talk about mistakes Yii and what are we going to do with them. If you're at a...

As planned, visited Serbia at the conference of the PHP Serbia. Told about Yii and its vision for the development of PHP and its ecosystem frameworks. As usual, the slides can be found on slides.rmcreative.ru. Serbia almost did not look, but I enjoyed the conference: Excellent opening. All spoke English, which was very convenient for speakers and numerous visitors from Serbia. I wonder, will it happen in Russia? A good set of reports. About half, however, was not about PHP and not about development. Good is to be prevented. Questions moderated through a special application slido is questions from the audience. On the one hand is good because you can choose interesting, with another — not very. Are seen asking the question. With moderation there were a...

In Moscow on may 17 held a conference PHP Russia. Organize the conference, I was not the first time, before that was two YiiConf, technical section of the REEF and participation in programme committees of RIT and Highload. As in past times, your strength I do not overestimate and do together with all those who is able to find room to make good food, sell tickets and do all the paperwork for accountants. This time did together with Antico Oleg Bunin. I was pleased with. Worked well. the First step was to form a program Committee. Those who select reports, organizing some additional things at the conference itself and improves the reports, together with the speakers. I tried to make the PC a heterogeneous and, at the same time, strong. It includes: Kirill...

As planned, the conference called for it.is Saint HighLoad++ and the Strike. On Saint HighLoad++ was as a member of the program Committee. HighLoad out is not the same as the main in Moscow. The conference itself turned out less, but communicating more. I'm starting to think that this correlates. On it.is told about errors, which we correct in Yii 3.0, and the fact that they are, in General, is not so rare and in projects, not in the frameworks. The conference surprised. First, it is not less UWDC. Secondly, it is surprisingly good for a conference that makes one company. Third, the 20-minute reports. Had to break habits and to chase several times the report before I missed. the Strike was a variation of the report about errors Yii. But, in contrast to...

Last post of the week backendsecret. Business mistakes, career backups, Telesto, bugs and useful things. the Realities of the business the business (this is especially pronounced in food companies) all about money. If more crooked solution is cheaper and don't hurt in the long run, it will do. it is just a very effective strategy. Normal business always thinks of money. Developers often do not want to understand and fight for pretty inefficient solution. Understanding "of the curve" business and developers at odds. for Example, beautiful is when golang, microservices, Kubernetes, auto-scaling on AWS, 100% coverage for unit-tests, at the front, Angular and interaction through the grpc. And the fact that we had the online shop with 10 purchases of the day to...

Continue to publish interesting of weeks backendsecret. This time about open Source and design. About OpenSource open Source — not a freebie, and joint development. OpenSource important not to demetiliruetsa. As elsewhere, the negative reviews published, but the positive is almost never. The larger the project, the more negativity. "Why do you need Yii, if there is X" ask me the moment when I started to use it. anyway, I've heard all about your OpenSource. And "product of Satan" and "this bullshit not working" and "it is sick". Sometimes I don't care for such comments because I know that the framework helps many people, but sometimes the mood is what bothers. But over the years somehow got used... If an OpenSource-library is an open issue, it doesn't mean...

And another part written in a week backend secret. This time about motivation and burnout. About the motivation strange As it may sound, do cool IT motivates me things are much more sharply written fiction. Especially science fiction. I keep a list read. About burnout Burnout in our profession is not a joke. To get out of coming after his condition extremely difficult. Easier to avoid. Relax. Engaged. And what to do to get out? to do More themselves. To reflect on the significance of the work and translate it from the "there's nothing more important" to "important, but not deadly". I'm not a psychologist, I'm not sure what helped once will help me others. On the contrary. If it became really bad, should go to the experts in this area and not to experiment...

Continue to publish interesting of weeks backendsecret. About security Too many backend developers are not aware of the basics of security or not consider it important. As a result, holes are everywhere, and serious. Sometimes I think I could consultati on this subject, but then you realize that you know about security is not enough. most Often to advanced-tech business in practice does not reach. Score on the security so often that almost any project plenty of trivial XSS. Attacking your system always follow the path of least resistance: first test trivial technical things. Next less trivial. If technically everything is expensive and difficult to undertake for people. People are vulnerable almost always. About education Received in five years at the...

This year I tried a new led account @backendsecret on Twitter. The channel is issued every week to the new participant. The idea itself is amusing because one person is a good idea to give didn't work, but if change turns out. as for Twitter to find anything after a week, I will be portions to publish the most interesting. Questions about Yii are There any prospects for Yii or to go to other frameworks? Is. Version 3.0 is in active development. now How many active developers do framework? On fulltime zero, as usual. And about 20 active and under 1000 send something from time to time. // actually I now do almost Yii fulltime it will be Difficult to go with yii2 ? no And Yes. Not like from 1.1 to 2.0, but seriously fix the app will need (if it is about...

I'm keenly interested in editors for the web. In 2016, in the process of remaking yiiframework.com I felt CodeMirror. Recently started to use Visual Studio Code and they marveled at something on the Electron can fit to work (it is worth remembering zataplivaet sometimes the client is Slack), started to look at the code and found the JavaScript itself-the editor is a separate project that you can use on pages. Weighs more than CodeMirror, but the plus documentation, speed of large text, API, and extensibility. You can, for example, to make it a diff editor or markdown editor with code highlighting in blocks. Try