I was recently asked to code review a friend’s first Laravel app, and when I cloned the repository from GitHub I immediately noticed a few big, red flags. Many of these were common mistakes, so I thought I’d take a moment to discuss how we can safely handle credentials and/or sensitive information in our Laravel applications.
At times, it’s helpful to be able to create a secure, private family blog for sharing updates with close friends and family without posting to more public social media channels.
There are any number of reasons you might do this: sharing updates about a new child, a new city, or — in our family’s case — a new adventure.
If you’ve spent much time on GitHub, you’ve probably come across repositories with green badges that look like this:
A lot of repositories will have these badges/shields, as they indicate that the last run of the Continuous Integration (CI) pipeline for this repository “passed” (e.g. everything is working as expected).
Now, Continuous Integration can mean a lot of things: maybe the project has a wealth of well-written tests that are all passing, or the simply that coding standards are all up-to-par. No matter the coverage level, this green badge indicates to potential users of your code that it satisfies the quality checks you’ve put in place.
Better yet, once we have a Continuous Integration pipeline in place, we can make it a prerequisite for pull requests to be merged. If you’re tired of PRs that don’t respect your project’s coding standards, ignore PHP compatibility rules, or otherwise produce lots of overhead, automating the high-level testing can save you lots of time.
As a software developer, it’s incredibly common to browse a codebase and find that the functionality that was advertised doesn’t really exist.
Maybe the function or class method is there, but where there should be some brilliant logic, instead there’s a comment to the effect of “TODO: actually implement this.”
It’s frustrating, especially if you know that the developer who wrote that comment is long-gone, but what can you do? The nature of the industry is that we’re hopping between projects (or jobs) almost constantly; how can anyone remember all of the “when I get time, I need to get back to that” demands on them?
In the same vein as my idea for a Social Media Analyzer tool, my interest in politics also brought up another question: why isn’t there an easy way to see who — at a local level — is supporting different candidates?
Legally, political campaigns have to disclose who their donors are. After all, money often buys influence, and an elected officials’ constituents have the right to know for whom their representative might be working.
Naturally, there are all kinds of sneaky ways to get around these rules (search “dark money” for more on that topic), but at the local-level it’s good to know who has the ear of your local representative.
In the state of Ohio, we have a rather simple system where raw campaign contribution data is available for downloading and searching, but there isn’t an easy way to see (for instance) what counties are supporting which candidates.
A few years ago, I wrote a blog post with an idea for a “Be Your Own Barista” bar at coffee shops and hotels. I don’t know whether or not anyone picked it up and ran with it or not (if so, please let me know!), but thought process behind that post was essentially “hey, I have an idea but no means/interest in taking it to fruition.”
Today, I have a personal Trello board filled with ideas. A lot of them are potential software libraries or products, but I occasionally dip outside of the realm of programming.
The problem is that I don’t have time to do them all.
Of the major social networks, Twitter is about the only place I regularly participate. It’s far from perfect (and I’ve become quite skilled at the ol’ report-and-block maneuver), but for me, Twitter is that right combination of breaking news, tech discussions, and comedy (safe to say we could all do without the white supremacists and bots on the service, of course).
My employer, Liquid Web, is a Platinum Sponsor of WordCamp US this weekend, and we’ll have a few different hashtags we’ll be promoting. While I’m not directly in sales/marketing, I still wanted to find a way to stay on top of both WordCamp US and Liquid Web-related posts.
There are certainly tools out there for monitoring multiple hashtags, but I was hoping to find a native way within either Tweetbot or (shudder) the official Twitter app. Unfortunately, neither seem to [directly] offer this feature natively.
Early in my career, I stumbled upon this regular expressions cheat sheet by Dave Child in one of those “10 cheat sheets every developer should have”-type round-up articles.
I had been using regular expressions for several years before I first noticed that other developers were struggling. Patterns that seemed natural to me were complex ciphers to my peers, and an audible groan would echo through the office whenever a solution that leveraged regular expressions was proposed.
Here’s the rub: regular expressions don’t have to be that hard. They certainly require a bit of getting used to and some practice, but regex patterns are tremendously useful when validating data, searching files, or even filtering tweets.