Scheduled pipelines now available in Bitbucket Pipelines

BitBucket blog announces the support for scheduled Bitbucket Pipelines.  This is super cool and has been on the wishlist for a while now.  Here are a few examples of how this feature is useful:

  • Nightly builds that take longer to run
  • Daily or weekly deployments to a test environment
  • Data validation and backups
  • Load tests and tracking performance over time
  • Jobs and tasks that aren’t coupled to code changes

EU General Data Protection Regulation (GDPR)

Here are a few things to get you started with European Union General Data Protection Regulation (GDPR).  First is a little introduction:

After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. It will enter in force 20 days after its publication in the EU Official Journal and will be directly application in all members states two years after this date. Enforcement date: 25 May 2018 – at which time those organizations in non-compliance will face heavy fines.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

And now a few key points from the Frequently Asked Questions page:

Who does the GDPR affect?
The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

What are the penalties for non-compliance?
Organizations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million. This is the maximum fine that can be imposed for the most serious infringements e.g.not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors — meaning ‘clouds’ will not be exempt from GDPR enforcement.

What constitutes personal data?
Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

Interesting, right? Have a nice day now.

CakePHP Events System

Events are a great way to separate the business logic of your application and make things simpler and, often, faster.  CakePHP framework introduced an events system in version 2.1, and since then it got much better.  The official documentation covers current implementation pretty well.  But in this post I wanted to link to a few articles that provide more of a historical perspective.

First, goes this blog post by Martin Bean from back in 2013.  It shows how things were initially.  Even with all the improvements in version 3, the first implementation was still pretty useful.

Second, comes this review of the CakePHP events system (still in version 2), and some profiling of this new functionality.  These guys looked at all the details and eventually suggested some improvements.

Their effort didn’t go unnoticed.  Mark Story, one of the lead developers of CakePHP framework, wrote this blog post, explaining the upcoming (at the time) changes to the events system in CakePHP version 3.

As a result CakePHP 3 event system is a much simpler and cleaner implementation.  Have a look at this guide for a quick introduction.

I’m sure this is not the end of the road, as no software is ever perfect.  But it’s a good place to be.

pre-commit – a framework for managingmulti-language git pre-commit hooks

From the pre-commit homepage:

Git hook scripts are useful for identifying simple issues before submission to code review. We run our hooks on every commit to automatically point out issues in code such as missing semicolons, trailing whitespace, and debug statements. By pointing these issues out before code review, this allows a code reviewer to focus on the architecture of a change while not wasting time with trivial style nitpicks.

As we created more libraries and projects we recognized that sharing our pre-commit hooks across projects is painful. We copied and pasted unwieldy bash scripts from project to project and had to manually change the hooks to work for different project structures.

[…]

We built pre-commit to solve our hook issues. It is a multi-language package manager for pre-commit hooks. You specify a list of hooks you want and pre-commit manages the installation and execution of any hook written in any language before every commit. pre-commit is specifically designed to not require root access.

Have a look at the list of all supported hooks. There’s plenty!

Secure Headers – a PHP library for easier management of browser security features

Modern browsers offer a variety of security mechanisms for web developers.  Unfortunately, some of these aren’t so easy to manage.  One needs a deep understanding of the functionality as well as theory behind.  Secure Headers is a library that makes all that work a lot easier for PHP developers.  Here are some of the features:

  • Add/remove and manage headers easily
  • Build a Content Security Policy, or combine multiple together
  • Content Security Policy analysis
  • Easy integeration with arbitrary frameworks (take a look at the HttpAdapter)
  • Protect incorrectly set cookies
  • Strict mode
  • Safe mode prevents accidental long-term self-DOS when using HSTS, or HPKP
  • Receive warnings about missing, or misconfigured security headers

Dephpugger – PHP debugger for the command line

DePHPugger is an easy to use debugger for PHP, which works from the command line and can also be integrated with any IDE or editor.  Here is a GIF screencast that demonstrates the functionality:

There are more demos in the project’s GitHub repository. You can also read this article and watch this video.

Browser screenshots with PHP and Google Chrome 59+

The release of Google Chrome 59 brought some really cool features.  One of them in particular was all over the technology news – headless mode.  Being able to run the browser engine without the graphical interface, and having control from the command line and API has many benefits.

One of the benefits is being able to take web page screenshots.  “Easily convert webpages to images using PHP” is one of the many blogs and articles that explain how to do it, using your preferred programming language (or mine in this case).  Browsershot is a very simple PHP library, which you can install with Composer and start using straight away.

I’ve tried it out and it works pretty well.  The screenshot above has been taken by the following script:

<?php 
require_once 'vendor/autoload.php';
use Spatie\Browsershot\Browsershot;

Browsershot::url('http://mamchenkov.net')
  ->windowSize(1600,900)
  ->save('screenshot.png');