Via “Improving the output of PHPUnit” I’ve learned about PHPUnit Emoji Result Printer.  Obviously, this sounds like fun, but I’m also sure there is some really smart way of using this.
Too bad I couldn’t try it on one of our work projects just yet, as this requires PHPUnit 6+, while we are still on PHPUnit 5.7. Â But we’ll get there.
And then, after all that bashing of PHP being ugly and unpredictable, here comes this:
System.out.println(1 + 2 + " = " + 1 + 2); // Output: 3 = 12
I understand why this happens, and how to work around it. Â But I wasn’t expecting something as … simple … from the oh magestic Java.
Public APIs is a collective list of free JSON APIs for use in web development.  You can find there web services for all kind of data – anything from weather and currency exchange, through government database, to random snippets like GIF images, Lorem Ipsum text, and quotes.
“Rest APIs are REST-in-Peace APIs. Long Live GraphQL.” is yet another look at REST vs. GraphQL for the API implementation.
I’m involved with developing quite a bit of REST APIs at work, but for now we are just trying to buy us some time. Â I want to take a really long and good look at GraphQL, but I don’t think this will happen this year. Â In the meantime, if you have any good GraphQL resources, please do send them my way.
“Passwords Evolved: Authentication Guidance for the Modern Era” is a good collection of guidelines and concerns for password management in the modern day.
Here’s the bigger picture of what all this guidance from governments and tech companies alike is recognising: security is increasingly about a composition of controls which when combined, improve the overall security posture of a service. What you’ll see across this post is a collection of recommendations which all help contribute to a more robust solution by virtue of complimenting one and other. That may mean that individual recommendations such as dropping complexity requirements look odd, but when you consider the way humans tended to deal with that (they’d just choose bad passwords with a combination of character types) alongside guidance such as blocking previously breached passwords, things start to make a lot more sense.
Now there’s just one more thing: as good as all this guidance is, practically implementing it can be somewhat trickier.