MySQL High Availability at GitHub

Shlomi Noach, GitHub’s Senior Infrastructure Engineer, shares some details on both the current and future high availability setup of MySQL databases at GitHub.

This is probably way too far out for most people using MySQL for their web applications.  But it does highlight the technical complexity of running high-load web applications, and how some of the issues can be solved or worked around.

Pretty fascinating stuff there … 

Advanced web security topics

The “Advanced web security topics” blog post goes over a variety of ways that a web application can get p0wned.  Some of these include:

  • Cross-site scripting (XSS)
  • MIME-type attacks
  • A variety of injections – SQL, JavaScript, HTTP
  • URL indexing
  • Click-jacking
  • … and more.

git merge vs. git rebase

There’s a lot of confusion between git merge and git rebase even among seasoned users of git.  “An Introduction to Git Merge and Git Rebase: What They Do and When to Use Them” is a great article explaining the pros and cons of each, and when and why each of them is the better choice.

While I understand it a lot better now, I still much prefer the merge approach.  It’s simpler and less dangerous, and maintains the full history.  This might get noisy at times, but works as a last resort when trying to understand what was going through the developer’s head when he was working on a piece of code.

WordPress 5.0

WordPress 5.0 has been released today.  It is by far the largest update to the system since … since I can remember.  In fact, to some, it might look like a completely different system, thanks to a totally new editing experience – Gutenberg.

I have already upgraded this blog to the new version, and I’m writing this post with the new editor.  It is awesome!  It’ll take some getting used to, but not because it’s difficult, rather because I’ve been using WordPress for too long.

I also can’t wait to see what all the creative people will come up with in their themes and plugins, pushing WordPress websites to a new high.

Great work and huge thanks to everyone involved!

12 Best API Monitoring Tools for Your Business

“12 Best API Monitoring Tools for Your Business” lists a bunch of services that are useful for the monitoring of your API.  Read the whole thing for more details.  Here’s the list of the services covered:

PHP: Countries and currencies

Many software projects deal with lists of countries and currencies.  Some of the most common tasks include country and currency dropdowns, country flags next to the IP, or pre-filling country codes in phone numbers.

All of that information is of course standardized and you often just need a library or two to provide and use it.  And there are many of those.  We’ve been mainly using these two:

Today, however, I came across a better option – antonioribeiro/countries, which is a collection of country and currency information for the Laravel PHP framework.  Laravel is not required though.  This library provides way more information and in a much more flexible way.  It includes:

  • 266 countries (with more codes, common names, official names, and more)
  • 256 currencies
  • 1,570 flags
  • 248 geometry maps
  • 248 topology maps
  • 4,526 states
  • 7,376 cities
  • and a lot more!

Practical Cryptography for Developers

“Practical Cryptography for Developers” is a free book (with GitHub repository) by Svetlin Nakov, which aims at teaching developers some of the most practical concepts of cryptography.  The book covers hashing functions, random generators, symmetric and asymmetric keys, digital signatures, and more.  Each chapter is rich with diagrams, illustrations, code samples, as well as exercises.

Avoid complex arrays in PHP

Now that PHP 7+ sorted out a whole bunch of problems with type-hinting of parameters, return values, variables and properties, we turn our attention to somewhat deeper issues.

Array is a native citizen in PHP.  Arrays are very convenient and are widely used.  However, if you stop and think about the times where you had to figure out somebody else’s code, I’m pretty sure complex arrays will come to mind at some point.

I recently came across two completely independent blog posts which talk exactly about this particular area of problems:

Both explain the issues very well and make valid points.  As far as solutions and better ways go, apart from the approaches mentioned in these blog posts, I also remembered a recent blog post from which I linked to the data transfer object library, that solves exactly that.

RoadRunner – high-performance PHP application server, load-balancer and process manager

RoadRunner is a high-performance PHP application server, load-balancer and process manager, written in Golang.  It sounds like an excellent replacement for the built-in PHP server, and even more than that – it’s production-ready.  And it works on Windows too.

RoadRunner is an open source (MIT licensed) high-performance PHP application server, load balancer and process manager. It supports running as a service with the ability to extend its functionality on a per-project basis.

RoadRunner includes PSR-7/PSR-17 compatible HTTP and HTTP/2 server and can be used to replace classic Nginx+FPM setup with much greater performance and flexibility.

VivaGraphJS – Graph drawing library for JavaScript

VivaGraphJS is a graph drawing library for JavaScript.  It’s a lot prettier than the results of GraphViz dot.  Or at least, it’s easier to get fancy things out of it.  It also ties a lot more easily into web development in general and your DOM document in particular.