notes | PHPT | |
---|---|---|
3 | 276 | |
1,260 | 37,320 | |
- | 0.5% | |
0.0 | 10.0 | |
almost 5 years ago | 1 day ago | |
C | ||
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
notes
-
GitHub will require 2FA by the end of 2023
This change would certainly have helped against the infamous "Gathering weak npm credentials" research[0] from 2017, but I think that most recent supply chain security issues (in NPM, at least) have been due to: 1) typosquatting, 2) developers deliberately adding malicious (or unwanted) code into their own packages, and 3) deep transitive dependencies on packages that have genuine bugs that lead to vulnerabilities.
It's not clear that this 2FA requirement would fix any of those problems, but it could one day allow package management tools to flag up when one developer has given/sold control of their package over to someone else who has less of a reputation and might be malicious, as was the case with the event-stream package.[1]
[0] https://github.com/ChALkeR/notes/blob/master/Gathering-weak-...
[1] https://www.eweek.com/security/node.js-event-stream-hack-exp...
-
Securities in NodeJs
According to one study, 14% of the Node Package Manager is affected by one security issue or another. So, what is the cause of these security issues?
-
A series of unfortunate commits: notable software security stories
In 2015, Nikita Andreevich Skovoroda, a member of the Node.js Technical Steering Committee, performed a scan on GitHub search and npm. Afterwards, he was able to obtain over 100 passwords and nearly 200 tokens for accounts associated with a number of frequently installed packages.
PHPT
-
When traits conflict
In our latest story we show a couple of smart ways to get around some import conflicts in PHP.
-
PuTTY vulnerability vuln-p521-bias
The values [0, 15] represent 16 possible values, which is a power of 2.
The correct way to get an unbiased distribution from a sample of 2^x to a modulo that is not an even power of 2 is to use rejection sampling.
This is what RFC 6979 says to do https://datatracker.ietf.org/doc/html/rfc6979#section-3.2
But you can also see this technique in CSPRNG code; i.e. https://github.com/php/php-src/blob/d40726670fd2915dcd807673...
-
Getting to Know PHP: Definition, History, and Advantages
-
Processing One Billion Rows in PHP!
I am running this code on macOS on Apple Silicon hardware, which is crashing when using the JIT in a ZTS build of PHP, so the 1m 35s result is without JIT; it might be even faster if I could use it.
-
Top Paying Programming Technologies 2024
49. PHP - $58,899
-
Learning Rust: A clean start
A little about me; I'm a web developer and have been for around 5 years, though I'd dabbled for years. I have experience with Perl and PHP but my day to day is JavaScript/TypeScript be it through NodeJS or ReactJS. I want to learn Rust for no specific reason other than it's fun to learn new things.
-
WebSocket vs. HTTP communication protocols
Consider a web application where requests are handled through NGINX as the web server and PHP as the dynamic backend language. Let’s say something in the application logic results in a fatal error or process termination. This doesn’t affect NGINX’s ability to serve a response to the client, which would most likely be an HTTP 503 - Service Unavailable message.
-
Where do React Server Components fit in the history of web development?
In the beginning, I used a technology called CGI to develop server applications written in Perl. This technology was later replaced by Microsoft’s ASP (Active Server Pages) and then PHP. PHP, which you may already know, is still powering over 77% of all the websites as of the time of writing (ever heard of WordPress?).
-
Server side(Backend) programming languages
PHP
-
Shopware Changes since the 6.0 Dev Training Videos
As Shopware is mostly based on the Symfony framework, which is in turn based on the PHP language, we should also consider learning about the basics, which will also be useful for other frameworks apart from Shopware, like Symfonycasts, symfony.com, php.net.
What are some alternatives?
php-docker - Docker Official Image packaging for PHP
PHPUnit - The PHP Unit Testing framework.
totp - Time-Based One-Time Password Code Generator
Faker
DBUnit
ParaTest - :computer: Parallel testing for PHPUnit
Codeception - Full-stack testing PHP framework
Mockery - Mockery is a simple yet flexible PHP mock object framework for use in unit testing with PHPUnit, PHPSpec or any other testing framework. Its core goal is to offer a test double framework with a succinct API capable of clearly defining all possible object operations and interactions using a human readable Domain Specific Language (DSL).
CPython - The Python programming language
Alice - Expressive fixtures generator
src - Read-only git conversion of OpenBSD's official CVS src repository. Pull requests not accepted - send diffs to the tech@ mailing list.
MySQL - MySQL Server, the world's most popular open source database, and MySQL Cluster, a real-time, open source transactional database.