The Laravel-Lang supply chain attack ran silently at autoload time and stole SSH keys, AWS tokens, and .env files from developer machines - not databases. Wrote up what actually happened and the composer workflow I changed after it (composer audit, jack raise-to-installed, exact version pinning).
dev.to/tegos/composer-update-is-not-safe-anymore-2bcf
new podcast: urgent php with @brendt_gd and me.. now on spotify, apple podcasts, and more.. listen here: urgent-php.transistor.fm
I recently remembered this PHP feature and realized many developers have never seen it.
The `!` in `DateTime::createFromFormat()` changes more than you'd expect.
π
jetbrains office is actually insane?? youtube.com/shorts/2CWtqMLJP2o?si=dsWKeJuZUG5p0LIF
