mglaman.dev – January 5th, 2024
Hey there! Happy New Year 🥳
Here's your weekly newsletter from me, Matt Glaman!
My latest blog post
I've been using Dependabot heavily on my projects (public and private repositories) hosted on GitHub. I walk through my configuration and some of the settings I use.
My Dependabot configuration for Drupal (and other PHP projects)
I use GitHub to host my repositories, such as this website. To keep my dependencies up-to-date, I leverage Dependabot. The product has matured a lot over the past few years. Before, it was a standalone service and was then acquired by GitHub. It did not support dependencies managed by Composer. It was pretty spammy and very noisy. However, it has drastically improved over the past few years.
Tips & tricks
Automate the boring things like dependency updates. If you're on GitHub, leverage Dependabot to keep your dependencies current. That way, you're not caught performing bulk updates at once or running blindly with composer update. Especially as we prepare for Drupal 11 this year.
Interesting links
- Working with the new Idempotency Keys RFC
* Idempotency is important with API operations to prevent requests from being processed multiple times, such as a POST, PATCH, or DELETE request on a resource. An RFC has been opened to define an Idempotency-Key HTTP header! Currently, idempotency key usage is bespoke across every API – sometimes a custom header, sometimes part of the request payload.
- Proposing a Drupal 7 security team
* Klaus Purer has proposed a community-backed Drupal 7 security team. Check out the website at https://www.d7security.org/
- PHP Session Locking: How To Prevent Sessions Blocking in PHP requests
* This was a fun read. The last time I managed PHP sessions was in 2011, before I started using WordPress and Drupal for my projects. I think many folks take for granted what Drupal provides by leveraging the database for sessions (or allowing it to be swapped for other backends like Redis).