Month: August 2016

Git Workflow Basics

git workflow

Git Workflow Basics” is yet another take on the git workflow.   This subject has been covered in a variety of ways before (here, here, and here, for example), but I think it’s super important for every developer to understand, so if all the other attempts left you puzzled and confused, have a look at this one.  It’s pretty straight forward.

One thing in particular that I would like to emphasize:

And hey: remember to review your own pull request before asking for reviews of your teammates. You’ll spot a lot of small things you didn’t notice (style issues, typos, etc) and will allow your colleagues to focus on what really matters.

101 Most Common Interview Questions with Pass or Fail Answers

Following the recent post “10 Favorite Job Interview Questions for Linux System Administrators“, here is a more generic, but a much more comprehensive resource – “101 Most Common Interview Questions with Pass or Fail Answers“.  It’s not as technical, but it provides a good summary of common interview questions, from the generic ones like “Why do you want to leave your current company”, through brainteasers like “How many gas stations are there in the United States?”, to stress and communication ones like “What did you do when you had a boss you didn’t get along with?”.  The good thing is that you’ll find not only the questions, but also the suggestions on how to answer them.

Altogether, it’s a great resource to go through before your next interview.  Most of these questions are very common, no matter which position you are applying to.

FotoJet – online photo editor

FotoJet

FotoJet is yet another online photo editor.  Like many others it provides a simplified user interface for manipulating images.  Two things in particular that I liked about this service are collages and social media banners.

Collage editing makes it really simple to combine multiple images into one (see the screenshot above).  Social media banners greatly simplifies the creation of images that can be used for Facebook, Twitter, Tumblr, and YouTube channel headers.  No more searching for the appropriate dimensions, image sizes, and the like!

PHP backdoors

PHP backdoors repository is a collection of obfuscated and deobfuscated PHP backdoors. (For educational or testing purposes only, obviously.)  These provide a great insight into what kind of functionality the attackers are looking for when they exploit your application.  Most of these rotate around file system operations, executing commands, and sending emails.

One of the things from those files that I haven’t seen before is FOPO – Free Online PHP Obfuscator tool.

The Twelve-Factor App

I first heard about the twelve-factor app a couple of years ago, in Berlin, during the International PHP conference.  It was the basis for David Zulke (of Heroku fame) talk on the best practices for the modern day PHP applications.

The twelve-factor app is a methodology for building software-as-a-service apps that:

  • Use declarative formats for setup automation, to minimize time and cost for new developers joining the project;
  • Have a clean contract with the underlying operating system, offering maximum portability between execution environments;
  • Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration;
  • Minimize divergence between development and production, enabling continuous deployment for maximum agility;
  • And can scale up without significant changes to tooling, architecture, or development practices.

The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).

Here are the 12 factors, each one covered in detail on the site:

  1. Codebase: one codebase tracked in revision control, many deploys.
  2. Dependencies: explicitly declare and isolate dependencies.
  3. Config: store config in the environment.
  4. Backing services: treat backing services as attached resources.
  5. Build, release, run: strictly separate build and run stages.
  6. Processes: execute the app as one or more stateless processes.
  7. Port binding: export services via port binding.
  8. Concurrency: scale out via the process model.
  9. Disposability: maximize robustness with fast startup and graceful shutdown.
  10. Dev/prod parity: keep development, staging, and production as similar as possible.
  11. Logs: treat logs as event streams.
  12. Admin processes: run admin/management tasks as one-off processes.

These seem simple and straightforward, but in reality not always as easy to follow.  Regardless, these are a good goal to aim at.