Use a global .gitignore file to ignore commonly ignored files

Accidentally committing sensitive information to a GitHub repository can have costly effects. This tweet of someone committing their AWS private keys in an .env file by accident, surfaced only a couple days ago. I’m sure something like this has happened to so many people already. It’s easy to commit a file that you do wish […]

Decouple from WordPress databases by using repositories

A quick and easy way to decouple your code from WordPress logic, is by using repositories. Repositories are standardized ways to get and put data in a data store, usually databases. WordPress introduces a couple functions to interact with various database tables (get_post_meta(), get_option(), etc.) that are commonly used inside plugin and theme files, that […]

Class constructors should only setup the object

It’s common practice in the larger PHP world, but something the WordPress ecosystem has yet to catch up on. All too often, I see WordPress plugins and themes setup actions, filters and use other WordPress specific functions in class constructors. This leads to a class that is directly coupled to WordPress logic.

Mozart monkey patches WordPress’ lack of dependency management

A first proof of concept version of Mozart is now available for public testing. Mozart is a command line tool for wrapping PHP packages inside your own namespace. This is the least bad solution for solving most dependency management issues inside the WordPress ecosystem. The fundamental lack of dependency management support inside the WordPress ecosystem […]

Analytics spammers now use legit websites as referrals

Sigh. Where do I start on this? Everyone who owns a website these days and has some sort of analytics tool active has seen the lifehacĸer and ɢoogle domain spam (note the weird characters). For the last couple months, the amount of spam like this has been growing slowly but steady. Annoying, yes, but also very easy to […]