github

All my posts about github.

Automatically reject packages with known security vulnerabilities

Dec 29th 2014

This package ensures that your application doesn't have installed dependencies with known security vulnerabilities.
...

The checks are only executed when adding a new dependency via composer require or when running composer update: deploying an application with a valid composer.lock and via composer install won't trigger any security versions checking.

https://github.com/Roave/SecurityAdvisories

Awesome idea! It works by leveraging the "conflict"-property in the composer.json-file of the package.

A HTML5 rich text editor

Dec 17th 2014

Squire is an HTML5 rich text editor, which provides powerful cross-browser normalisation, whilst being supremely lightweight and flexible.
...

Unlike other HTML5 rich text editors, Squire was written as a component for writing documents (emails, essays, etc.), not doing wysiwyg websites. If you are looking for support for inserting form controls or flash components or the like, you'll need to look elsewhere.

http://neilj.github.io/Squire/

Join 9,500+ smart developers

Get my monthly newsletter with what I learn from running Spatie, building Oh Dear, and maintaining 300+ open source packages. Practical takes on Laravel, PHP, and AI that you can actually use.

No spam. Unsubscribe anytime. You can also follow me on X.

Scan a https-site for mixed content

Dec 16th 2014

Last week Bramus presented a cool mixed content scanner on his blog. Just for fun/as an excercise I made my own version.

The core scanner is mostly a copy of Bramus' code but there are a few noticeable differences. My version:

can be installed via composer
uses the Symfony console component
uses Guzzle instead of naked curl
can write the scanresults as json to a file

You can install the scanner with this command: ``` composer global require spatie/mixed-content-scanner ```

You'll find the instructions how to use it on github.

Nginx HTTP server boilerplate configs

Dec 11th 2014

Nginx Server Configs is a collection of configuration snippets that can help your server improve the web site's performance and security, while also ensuring that resources are served with the correct content-type and are accessible, if needed, even cross-domain.

https://github.com/h5bp/server-configs-nginx

Scan your HTTPS-enabled website for mixed content

Dec 10th 2014

With my recent move to HTTPS I wasn’t sure if there were any pages left on my site that had Mixed Content or not. To check this I wrote a little PHP CLI app to scan an HTTPS website for Mixed Content. The script starts crawling at a given URL, and processes the page.

https://www.bram.us/2014/12/10/mixed-content-scan-scan-your-https-enabled-website-for-mixed-content/

Nice!

Anti-spam packages

Dec 8th 2014

Here's a great Laravel package if you want to use the no CAPTCHA reCATCHA that was introduced by Google last week:

https://github.com/anhskohbo/no-captcha

Personally I'd go for a honeypot before resorting to a recaptcha because a honeypot is invisible for users. Here's a good package by Maksim Surguy if you want to go that route:

https://github.com/msurguy/Honeypot

Select boxes on steroids

Dec 4th 2014

Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results.

http://ivaynberg.github.io/select2/

Mousetrap

Nov 30th 2014

Mousetrap is a simple library for handling keyboard shortcuts in Javascript.

https://github.com/ccampbell/mousetrap

28 articles and 60 curated links about github.