Podcasts about PHP

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone. Rootkits found in more than 400 ArchLinux User Repository packages. The US government requests Anthropic to remove Mythos and Fable. CISA responds to AI-driven attacks with new patching requirements. NPM to switch to more secure install defaults. Will it help. Our listeners react to last week's PHP commentary. June shows that AI has arrived for vulnerability discover Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow canary.tools/twit - use code: TWIT joindeleteme.com/twit-biz zscaler.com/security adaptivesecurity.com

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone. Rootkits found in more than 400 ArchLinux User Repository packages. The US government requests Anthropic to remove Mythos and Fable. CISA responds to AI-driven attacks with new patching requirements. NPM to switch to more secure install defaults. Will it help. Our listeners react to last week's PHP commentary. June shows that AI has arrived for vulnerability discover Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow canary.tools/twit - use code: TWIT joindeleteme.com/twit-biz zscaler.com/security adaptivesecurity.com

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone. Rootkits found in more than 400 ArchLinux User Repository packages. The US government requests Anthropic to remove Mythos and Fable. CISA responds to AI-driven attacks with new patching requirements. NPM to switch to more secure install defaults. Will it help. Our listeners react to last week's PHP commentary. June shows that AI has arrived for vulnerability discover Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow canary.tools/twit - use code: TWIT joindeleteme.com/twit-biz zscaler.com/security adaptivesecurity.com

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone. Rootkits found in more than 400 ArchLinux User Repository packages. The US government requests Anthropic to remove Mythos and Fable. CISA responds to AI-driven attacks with new patching requirements. NPM to switch to more secure install defaults. Will it help. Our listeners react to last week's PHP commentary. June shows that AI has arrived for vulnerability discover Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow canary.tools/twit - use code: TWIT joindeleteme.com/twit-biz zscaler.com/security adaptivesecurity.com

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone. Rootkits found in more than 400 ArchLinux User Repository packages. The US government requests Anthropic to remove Mythos and Fable. CISA responds to AI-driven attacks with new patching requirements. NPM to switch to more secure install defaults. Will it help. Our listeners react to last week's PHP commentary. June shows that AI has arrived for vulnerability discover Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow canary.tools/twit - use code: TWIT joindeleteme.com/twit-biz zscaler.com/security adaptivesecurity.com

Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community.Show linksScheduler Attributes and Listener Discovery Control in Laravel 13.12.0Bulk Job Dispatching with Bus::bulk() in Laravel 13.13The PHP Foundation Launches an Ecosystem Security TeamAegis for Laravel: Scaffolding and Validation Helpers for Value ObjectsMalware Blocking and Dependency Policies in Composer 2.10Laracon AU 2026 Announces Full Speaker Lineup, Schedule, and WorkshopsShift + AI = Fully Automated Laravel UpgradesLaravel Cloud Adds Scale-to-Zero and Spending LimitsCommunity Laravel Extension for ZedDetect and Resolve Laravel Schema Drift with MigrAlignLaravel Fluent Validation: An Object-Oriented Rule BuilderManage Subscription Plans and Entitlements in Laravel with Laravel EntitlementsPlaya: Cookie-Based Temporary Players for LaravelTyped Objects for Eloquent with ExpressiveParsel: Parse PDFs, Office Documents, and Images in PHPIn-Memory Eloquent Models with TruffleAudit Laravel Apps for Security Issues with CheckpointAdvanced Eloquent Query Filtering with FilterableScheduler List: A Web Dashboard for Laravel's Scheduled TasksGenerate Short, URL-Safe IDs From Numbers With SqidsTutorials

PHP Podcast – June 11, 2026 Guest Hosts: Sara Golemon, Elizabeth Barron & Holly Schilling Eric and John are out this week — Sara, Elizabeth, and Holly take over. Here’s what they covered: PHPVerse Recap PHPVerse just wrapped up, and Elizabeth was there in Amsterdam. The format is unusual — all speakers are flown to one location, but the audience is entirely virtual. It was a class act: professional TV crew, studio lighting, and a makeup and hair team on site. Around 2,500–3,000 people watched the live stream. Everything was broadcast as one long block; individual talk segments and possibly the documentary trailer will be cut and released separately. The full stream is available now — the PHP documentary trailer (produced by Jet Breeze, covering 30+ years of PHP history) appears around the 2:24:30 mark. PHP Foundation 2026 Strategy Document Elizabeth and the PHP Foundation released their 2026 strategy document the same day as this recording. The foundation gathered community input across numerous conversations and conferences, synthesized it into findings, and has now published a plan for the rest of the year. Key themes: repositioning PHP’s public perception (which Elizabeth calls a solvable problem), creating six special interest groups, and launching an Onboarding Initiative to build a real on-ramp for new PHP developers. Elizabeth’s view is that the two things giving her the most hope for PHP’s future are the passion and expertise of the community, and how good the language itself has gotten. Visit thephp.foundation to read the full document. The Onboarding Initiative One of the six special interest groups the foundation is launching is specifically focused on bringing new developers into PHP. Goals include creating a true learning path (not just a reference manual that assumes existing knowledge), improving educational resources, and potentially working with the php.net website to improve the first-time experience. Holly made the point that PHP’s barrier to entry is genuinely lower than almost any other language — the Hello World program is 11 characters — but that story isn’t being told outside the PHP bubble. New developers are turning to JavaScript as a first language and running into minified spaghetti instead of something approachable. AI Writing PHP — And PHP as a Second Language Holly built the entire PHP Tek conference app backend in Laravel without writing a single line of code herself — AI-generated throughout, which she reviewed and approved. The code held up to peer review at the conference with only minor style nits. She ran it on PHP 8.3 and used modern standards throughout (one piece of feedback: stop using empty()). The consensus: AI models write good modern PHP because of the vast amount of open source PHP they were trained on. The caveat Sara raised is worth thinking about — how much of that training data is PHP 4-era code and WordPress 3 repositories? Either way, Holly’s case for PHP as a second language is strong: low ceremony, low boilerplate, readable syntax, and it’s a language where you can do something useful in minutes. PHP’s Reputation Problem (and Why It’s Fixable) The group dug into PHP’s perception gap — the mismatch between how good the language actually is and how it’s perceived outside the community. Holly’s experience as a mobile developer who recommends PHP to others: the pushback is immediate (“isn’t that slow?”, “isn’t that dead?”). The benchmarks don’t support that reputation — PHP outperforms Python on most comparable workloads — but data alone doesn’t shift perception. Elizabeth’s point is that this is primarily a storytelling and coordination problem, not a language problem, and that the foundation’s repositioning work is exactly aimed at closing that gap. The community has the passion. It just needs to tell the story outside its own bubble. PHP Polling API RFC Sara walked through the RFC for a new Polling API in PHP (wiki.php.net/rfc/poll_API). The short version: PHP currently has five or six different ways to do I/O multiplexing (watching multiple streams and acting on whichever one is ready first), and which one works depends on the OS, available extensions, and PHP version. The Polling API proposal creates a single, unified interface that abstracts all of that. The immediate beneficiaries are async frameworks like Amp PHP, ReactPHP, and Revolt, which currently have to maintain multiple backend implementations to cover different environments. The bigger picture: this is a building block on the path toward true async PHP, likely contributing to something more complete in PHP 9.0. Most app developers won’t use it directly — but the libraries they depend on will. RFCs are all listed at wiki.php.net/rfc. PHP.net: Do As We Say, Not As We Do Sara, who has contributed to php.net, copped to the state of the codebase: some of it dates to the PHP 3 era, there are functions.inc files, and it is very much “do as we say, not as we do.” The historical reason is that php.net used to rely on community-administered mirrors (r-synced servers running everything from PHP 5.1 to 5.6 simultaneously), so modernizing the code was impossible without controlling the runtime. That’s changed with CDN-based load balancing — they can now control what PHP version runs on php.net — and the code has been getting better. But it’s a slow process. PHP Podcasts Past, Present, and Future Holly asked about the PHP Town Hall podcast (Ben Edmonds and Phil Sturgeon), and the group did a quick tour of PHP podcast history. The PHP Roundtable — originally started by Sammy, taken over by Eric — has produced about three episodes. Sara and producer Joe are planning to take it off Eric’s hands and actually do it properly. And Elizabeth announced that the PHP Foundation is launching a new podcast: tentatively called PHP at Scale, hosted by Ben Marx, focused on telling the stories of organizations pushing PHP to its limits. No launch date yet, but there’s already a queue of interested guests. Next Week’s Show — Moved to Wednesday Sara will be on a boat off the coast of Galicia on Thursday, so next week’s episode is moving to Wednesday. Guests will include Paul Reinheimer and (hopefully) Sean Coase — two veterans from PHP’s podcasting past. Elizabeth is going to try to make it work around the Canadian Grand Prix. Mac Mini M4 for Local LLMs Holly picked up a refurbished Mac Mini M4 (16GB RAM, 512GB storage) specifically to run LLM models locally via Ollama. Apple Silicon is a solid choice for this because the unified memory architecture gives the neural cores access to far more RAM than a discrete GPU setup. Sara is waiting for the M5, which is reportedly not coming until fall — and is already resigned to spending too much on it when it lands. Links from the show: PHP Foundation — 2026 Strategy Document PHP RFC: Polling API PHP RFC Wiki — All RFCs Under Discussion Amp PHP — Async framework ReactPHP — Event-driven async PHP Revolt — Event loop for PHP php.net website source code (github.com/php/web-php) PHP Architect Discord Guest Hosts: Sara Golemon Based in Lisbon, Portugal PHP core contributor; code contributor via the Curl project (which means she technically has code on Mars) Elizabeth Barron Executive Director, PHP Foundation Based in Germany Holly Schilling Primary mobile developer; built the PHP Tek 2026 conference app Based near Chicago, IL Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Note: Next week’s show is on Wednesday (not Thursday) with guests Paul Reinheimer and Sean Coase. Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.11 appeared first on PHP Architect.

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom. Could Cisco have yet another SD-WAN 0-day in the wild. Why is it so difficult to author secure PHP code. Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now outsystems.com/twit guardsquare.com doppel.com cyberhoot.com/securitynow

Not that I speak in respect of want: for I have learned, in whatsoever state I am, therewith to be content. I know both how to be abased, and I know how to abound: every where and in all things I am instructed both to be full and to be hungry, both to abound and to suffer need. I can do all things through Christ which strengtheneth me. (Php 4:11-13 KJV)

Ian and Aaron discuss hiring new employees, Ian claiming he's over AI coding, huge updates to Outro, going big or going home on Token Town, and more.Sponsored by Laracon AU, Honeybadger, Bento, Vask, and DropInBlog.Interested in sponsoring Mostly Technical?  Head to https://mostlytechnical.com/sponsor to learn more.Going to Laracon?  Sign up for the Mostly Technical Pre-Party!(00:00) - Down to the River (05:33) - Ian's Over AI Coding?! (13:45) - Aaron's Employee's First Week (21:42) - Marketing & Content (27:27) - Ian's Been Busy With Outro (37:41) - Slash Brag Update (41:06) - Ian Finally Hired Somebody! (47:00) - Token Town Update (55:28) - Horse Business (01:04:14) - Aaron Went Fishing (01:13:16) - Kids Sports Links:Texas Hill CountryToken Town w/ Josh PigfordKristen FoxenSEP IRACorey Haines Marketing Skills on GitHubBlockNoteIan's tweet about AI & coding fasterJoe Masilotti's post about deleting WebSockets

En este episodio celebramos un hito increíble: el 20º aniversario de Podcast Generator. Nos acompaña Alberto Betella para contarnos la historia de esta herramienta pionera que nació en la Universidad de Bérgamo en 2006 y que acabó convirtiéndose en la base tecnológica y el MVP de lo que hoy conocemos como RSS.com. A lo largo de la charla, exploramos cómo un proyecto Open Source basado en la simplicidad absoluta, llegando incluso a prescindir de base de datos para facilitar su uso, logró perdurar durante dos décadas en un sector que no ha dejado de evolucionar.Alberto nos detalla su proceso creativo, desde las primeras versiones alojadas en SourceForge hasta el uso actual de la inteligencia artificial para analizar y documentar 52 versiones de su propio código histórico. Conversamos sobre la filosofía del software libre, la influencia de figuras como Richard Stallman y la importancia de construir productos que resuelvan problemas reales de forma sencilla. Es una reflexión profunda sobre la arquitectura de software, la evolución del podcasting y el viaje de un desarrollador que ha visto cómo su "script de fin de semana" se transformaba en un referente global.Support the show

Può una bottiglia di vino comportarsi come un asset finanziario?In questa puntata di Pionieri del Tech parlo con Matteo Enna, CTO di Fine Wine Trading, una startup fintech nata come spin-off di Villa Sostaga che sta costruendo una piattaforma capace di gestire oltre 2 milioni di asset legati al mercato dei vini pregiati.Parliamo di microservizi, open source, WordPress, PHP, architetture data-intensive, integrazione con borse internazionali del vino, AI generativa e cultura engineering all'interno di una realtà nata lontano dai classici distretti tecnologici.Una conversazione che dimostra come innovazione, dati e software possano trasformare anche uno dei settori più tradizionali.Host: Alex PagnoniGuest: Matteo Enna (CTO, Fine Wine Trading)Capitoli00:00 Introduzione01:32 Da sviluppatore backend a CTO di una fintech del vino04:20 Open Source, WordPress e personal branding tecnico08:05 Come nasce Fine Wine Trading11:12 Costruire una cultura engineering-first in un hotel 5 stelle15:05 Oltre 2 milioni di asset tra vini, annate e lotti19:42 Il problema della normalizzazione dei dati23:10 API, borse internazionali e fonti di verità26:45 Perché scegliere i microservizi in una startup32:18 Debito tecnico, scalabilità e monostack PHP38:02 Dal B2C al B2B in pochi mesi42:11 AI generativa e sviluppo software in team lean47:06 Wiki aziendale come fonte di verità per le LLM51:34 Tool interni costruiti con l'AI55:27 I libri consigliati da Matteo Enna58:12 Conclusioni

Wie hat dir die Folge gefallen?Gut

Did you know there is a sacrifice in the Old Testament known as the fellowship offering? Tune in to see what Israel’s ancient act of worship teaches us about our acceptance with God, and how it leads to a very practical example of Christian fellowship today. Scriptures Referenced:Lev 3; Php 4:14-18 Visit PracticologyPodcast.com for more episodes.

What if your AI coding agent is quietly cheating on your tests — and how do you stop it? Julien Verlaguet, who built the type system Meta used to migrate tens of millions of PHP lines, is now building Skipper: a closed-loop coding agent designed to make AI-generated code verifiably correct, without human intervention.In this episode, Julien Verlaguet, creator of the Hack programming language at Meta and co-founder of SkipLabs, explains why AI agents will always try to cheat — gaming tests, quietly modifying logic while doing something else, and declaring work done when it isn't. He draws on his experience migrating Meta's PHP codebase to a statically typed system, drawing sharp parallels between convincing engineers to trust a new type checker and building systems that can trust an LLM. Julien makes the case for spec-driven development with validation layers at every step, where separate AI instances verify correctness and the code-writing agent is locked out of touching tests.He shares the story of an LLM that silently swapped a union for an intersection while splitting a file — a subtle bug that passed all tests — and why no human would ever have made that mistake. He then walks through how Skipper works: you write a spec, hand over control, and a compiler-like agent produces correct, runnable TypeScript without back-and-forth, backed by a sound incremental type system, reachability analysis, and a reactive runtime that applies diffs in milliseconds.He closes with a grounded take on how the developer role is shifting — not disappearing — toward the kind of design, integration, and oversight work that always mattered most.Key topics discussed:Why AI agents will always try to cheat on your testsThe union-vs-intersection bug an LLM introduced silentlySpec-driven development to keep LLMs on trackHow to separate the AI that verifies from the one that fixesSkipper: a compiler-like closed-loop coding agentSound, incremental TypeScript built for AI-speed iterationHot-reloading state without restarting — in millisecondsWhy developers are all becoming tech leadsTimestamps:(00:00:00) Trailer & Intro(00:02:34) How Did Julien Create the Hack Programming Language at Facebook?(00:05:53) Does Static Typing Make Your Code More Secure?(00:09:54) How Did You Convince Facebook Engineers to Adopt Hack at Scale?(00:17:15) How Can Engineers Overcome Skepticism Toward AI Coding Tools?(00:22:44) Should Junior Engineers Trust AI-Generated Code?(00:29:44) How Do You Build Reliable Guardrails for LLM-Generated Code?(00:42:15) What Validation Strategies Prevent AI Agents From Cheating on Tests?(00:45:54) What Is Skipper and How Does a Closed-Loop Coding Agent Work?(00:54:59) How Does Skipper Compare to Claude Code in Terms of Correctness?(00:58:27) How Do You Get Started With Skipper and What Does the Output Look Like?(01:04:50) How Will the Software Developer Role Change in an AI-First World?(01:09:06) 3 Tech Lead Wisdom_____Julien Verlaguet's BioJulien Verlaguet is a programming language designer and the Founder and CEO of SkipLabs. He is best known as the creator of Hack—the gradually typed language he built at Facebook that currently powers over 100 million lines of the company's production code. After creating the open-source reactive framework Skip, Julien founded SkipLabs in 2022. His company recently launched Skipper, a closed-loop coding agent that takes a single prompt from a developer and returns a running, validated service.Follow Julien:LinkedIn – linkedin.com/in/julien-verlaguet-b5710a20X – x.com/JulienVerlaguetSkipLabs - skiplabs.ioSkipper - skipperai.devSkipper's Discord – discord.gg/bsnXyw2F9PLike this episode?Show notes & transcript: techleadjournal.dev/episodes/260.Follow @techleadjournal on LinkedIn, Twitter, and Instagram.Buy me a coffee or become a patron.

From the Archives (September of 2025)Php 2:12  So then, my beloved, just as you have always obeyed, not as in my presence only, but now much more in my absence, work out your salvation with fear and trembling; Php 2:13  for it is God who is at work in you, both to will and to work for His good pleasure. 

Have you ever added a method to an enum and then wondered if you just turned it into something it was never meant to be?In the latest episode of the No Compromises podcast, we discuss where to draw the line when adding methods and logic to PHP enums.We trace the evolution from magic strings to constants to interfaces, and explain why enums were the missing piece PHP needed all along.We also cover when label methods and data structure helpers belong on an enum, why Eloquent queries cross a line, and how to avoid turning a simple enum into a bloated helper class.(00:00) - Why magic strings and constants fall short (01:43) - How PHP enums replaced interface constants (02:26) - What methods belong on an enum (06:58) - The rule for keeping enum methods focused (10:44) - Silly bit Join developers who think carefully about clean code decisions in the No Compromises community. 

Introducing Russell Aaron I didn't learn WordPress at a fancy college or career academy. I graduated from the University of YouTube. My internship was the Las Vegas WordPress Meetup and WordCamp Vegas. The rest I learned building mortgage company platforms, working for casinos, inside managed WordPress hosts, and at some of the best WordPress development and support shops on the planet. Show Notes For more on Russell, check out his website: https://russellenvy.com Transcript: Topher DeRosia: All right. Here we go. Hey folks. Russell Aaron: And three, two, one. Topher DeRosia: Hey folks. Welcome to Hallway Chats. I’m Topher, and I’m here with Russell Aaron. I assume I pronounced that right, because it’s not that hard, but you never know. Russell Aaron: You know, so many people call me Aaron. They’ll tag me and they go, “Thanks, Aaron.” And I’m like, “You know, it’s Russell, but it’s cool.” Topher DeRosia: Yeah, nice. All right. Well, I saw a post on LinkedIn the other day from you talking about podcasts having the same people on episodes all the time. I thought, “Oh, I gotta have that guy on my podcast.” Because then you can’t go on any other ever again, because then you’ll be that guy. Russell Aaron: Maybe. Topher DeRosia: So, I snooped a little. You live much closer to me than I expected. Have we met? Did we meet at a WordCamp? Russell Aaron: I think we met at WordCamp Ann Arbor one year. Topher DeRosia: Oh, okay. I went to a whole bunch of those. Russell Aaron: Yeah. I think I spoke 2018, something like that. Topher DeRosia: Yeah. I was probably there. Russell Aaron: Yeah. Topher DeRosia: All right. So tell me where you live, what you do, all that kind of stuff. Russell Aaron: I currently reside in Indianapolis, Indiana, and I am just freelancing as of right now. You know, I live in a pretty small town where it’s kind of old school WordPress, if you will. Anyone who is worth their salt keys will remember a day when websites were not responsive or a business has a cousin of a friend of a brother who builds websites and, “Hey, he’s working on it,” and three years later, there’s still no new website. I kind of live in a town where I’m kind of getting back to my grassroots, where I stay up late at night with my insomnia, and I will roll up to a business and I will say, “Your new website can look like this today. If you pay me this much money, I will install it today, and this is your new website.” And it’s got your updated menu, and it’s responsive, and it works on mobile, and we can connect it to AppPresser and make it an app and stuff like that. So I’m kind of reliving the glory days of what I remember WordPress to be. Topher DeRosia: I’m also freelancing right now, sort of by choice, sort of not by choice. Somebody I’m married to would rather I had regular pay and insurance. Russell Aaron: Heard that. Topher DeRosia: Are you in the same boat, or did you do this on purpose? Russell Aaron: I did this on purpose. I was not working for the man, but I was working with some people. I’m over the tiny little granular things that somebody can fire you over. Like they’re watching if your mouse moves or they’re watching if you haven’t logged in. There’s just no more trust, I feel like, in so many cases. And so I know that I can do things better on my own, and I’m going to. Topher DeRosia: I have to admit, I love the freelance life. It is pretty special. Russell Aaron: Right. It’s almost like… what’s that movie? The 40-Year-Old Virgin, where they are making a website and they’re like, “Hey, Spider-Man 3’s on in five minutes. Let’s go watch it.” Like they totally ignore their job and they just go watch this movie now. It’s kind of like that. Topher DeRosia: Yeah. Yeah. For me, it’s doing stuff with my wife. She has a day job, but it has kind of chaotic hours and not specific days of the week. And so I work when she does, which sometimes is Saturday and Sunday, and then I just don’t on Tuesday and Thursday. That’s pretty great. Russell Aaron: I’m kind of in the same boat. My wife has a wonderful job, and she is with a great group, and she does global advocacy. I mean, she just deals with people that are happy with the product, and she keeps them happy. She does lots of stuff like that. I’m kind of the same thing, where their company is now starting to get into AI, and they have so many questions, and I’m over here building things with AI and doing things like that. So I’m not exactly consulting, but my ideas are going into their company through my wife. Topher DeRosia: My wife works at a grocery store, and they have a cash machine they use in the back office that runs Linux. Russell Aaron: Oh, wow Topher DeRosia: And the IT guys had to come in and do some work on it, and she saw the screen and she’s like, “Oh, is that Linux?” And I’m like, “Who are you, and what do you know?” Super nerd. So what’s your company name? Do you have one, or is it just WP Pro Support? Russell Aaron: WP Pro Support. Topher DeRosia: WP Pro Support. Okay. Do you concentrate more on support, or do you build more? Russell Aaron: I have been doing support since 2011. I formed my very first support company, and I launched it the same day that Shane Sanderson launched Maintainn. My buddy, who you might know, John Hawkins, I was at the Vegas WordPress Meetup Group, and I had the idea in Vegas WordPress Meetup Group where there’s 70 people sitting right here behind me and they all want help. And I was like, “How do I do this?” So I built my first thing where I gave everybody free-for-life support, and they were my test group, if you will. And they helped me work out my bugs and tickets, and they helped me work out how I actually operate and do stuff like that. Then when I launched it, literally that day, John goes, “Wait, have you seen this?” And we had no idea about each other, but we literally launched them the same day. Fast forward three years down the road, I ended up working for Maintainn when it was owned by WebDevStudios. But everything I’ve done in WordPress has been support, whether I’ve worked for a mortgage company, a casino in Vegas, hosting with Liquid Web, doing stuff with NerdPress or AppPresser. Everything I’ve done is support. That’s really where my passion is because I remember what it’s like being a first timer. I think that there is a huge market potential here of people are always going to be new. I don’t care who you are. There’s always somebody new walking in the door, and there has to be a person who will sit down and say, “Come here, I’ll hold your hand.” And I am that person. I always try to look at WordPress from that lens is if a new person is looking at this today, are they going to be happy? Are they going to be confused? And I go from there. So currently today I’m transitioning away from support as we know it, where you write a ticket and then somebody on the other end is like, “Hey, I fixed your site,” or whatever. And I’m transitioning to a new product that I’m working on. So I’m going to be getting away from traditional support, but I’m still going to be doing things in the support space, if that makes sense. Topher DeRosia: Yeah, that makes sense. When I first got into WordPress, it was 2010, and custom post types were brand new. Russell Aaron: Right? Topher DeRosia: And I was out of my element with WordPress. I did not know what I was doing, but I did know PHP, and no one else knew post types yet. So when it comes to that, I was on an equal footing, and that was my way in. That was my leverage. I made a lot of money in the early days just building custom post types. Russell Aaron: Custom post types and single-posttype.php or whatever. Yeah. Topher DeRosia: So I was a competent PHP guy who didn’t know WordPress. And I feel like we’re in kind of the same transition space right now with AI, where we have tons of competent WordPressers who don’t really know AI yet. I think there’s a great space for that, teaching our friends, teaching everybody we’ve known for 10 years in WordPress. You know what I mean? Russell Aaron: I do. That’s one of the things that I really love about WordPress is that… let’s take the new 7.0 that just came out, I think it re-leveled the playing field. Before this came out, there were people that were ahead of others when it comes to patterns or blocks or the command palette and stuff like that. But now I think with this, we’re back to an even playing field because every… I mean, not exactly. There’s still some people who know AI a lot better than others, but you’re always five minutes ahead of somebody and five minutes behind somebody else. Topher DeRosia: Oh, yeah. Russell Aaron: But I do think that with 7.0, a new level playing field has come out. And now is the time to start learning, or you got to wait until 7.1 comes out where that new level playing field comes out. But that’s what I love about WordPress is that it continues to happen. Like you said, CPTs. I still love CPTs. I think they’re one of my favorite things. I look at all of these features, you know, page builders, another time when the playing field was leveled again. Now you learn page builders and then shortcodes and then this and then that. I think that’s the one gift that WordPress keeps giving is that you might be out of date six months from now, but then 7.1 comes out and you’re caught right back up. Topher DeRosia: Right. Yeah. And while you’re five minutes ahead, you quick do a WordCamp talk. Russell Aaron: Yes. Yeah. Topher DeRosia: For that long, you know more than other people, right? Russell Aaron: At least it’s on video, right? Topher DeRosia: Right. I was an expert for a minute and a half. Russell Aaron: That was my 15 minutes of fame. Topher DeRosia: What is your WordCamp life like these days? When was the last one you went to? Russell Aaron: The last one I went to was in Vegas, 2018. It was at the Plaza Hotel, which I worked at. When John was putting that together, in Vegas we had a wonderful space, and it was called The Innevation Center, and it was at a data facility called Switch. And they donated so much to us, and we are so grateful to them. And then they kind of had a change in their policy where they weren’t doing things, and then they overpriced how much it would cost to hold events and stuff like that. I was working at a hotel, and so we had this giant convention space, if you will. And so because I was able to pull some strings, we got a great, great discount, all food paid for. I mean, all of it. So that was my last WordCamp. The after party was on top of a pool deck, and there was pickleball courts, and there was a pool, and there was an open bar. I mean, it was rad. That was my last one. I have kids now. My kids are seven and eight and so my WordPress travels have slowed. No, I’m sorry. I take it back. WordCamp US last year was my last one, where we went scorched earth. That’s what I call it. I call it WordCamp scorched earth. Topher DeRosia: I was there for that one. I used to go to a lot every year. Go to- Russell Aaron: Five, six? Topher DeRosia: Five and 10. But since COVID, I think maybe just US every year. It’s weird to just go to one. Russell Aaron: It is. And just US, it’s almost like we used to have what I used to call regional events, where I lived in Vegas, I would hit up WordCamp Orange County, then I’d hit up San Diego, then we’d hit up LA, and then we’d make our way up to Portland, and then maybe if San Francisco did one, and then Phoenix. I did all my regional stuff. And then every once in a while I would venture… I mean, I love WordCamp Minneapolis. Love the people up there. Love so much about that event. Used to do that a lot. What’s the one in Ohio that I used to go to? Topher DeRosia: In the teens, there were five in Ohio. And being in Michigan, I used to just cruise down there. Russell Aaron: It’s a three-hour, three-and-a-half-hour drive, huh? Topher DeRosia: Yeah. Russell Aaron: About that. Yeah. Topher DeRosia: At the time, I was working for a company that was paying me to go to WordCamps. I had to make the case for each one, but it was a really simple case for all the Ohio ones because I didn’t need a plane ticket. I just drive over there. It’s like five in Ohio. There was Ann Arbor, there was Detroit, there was Grand Rapids, there was Chicago. I mean, there was almost 10 WordCamps within a three-hour drive of me. Russell Aaron: That’s beautiful. Topher DeRosia: It’s just not there anymore. Russell Aaron: I was very fortunate to work for companies like WebDevStudios, where I could tell them, “Hey, I got into WordCamp Minneapolis. I’m going to speak there.” And because I’m speaking there, they would reimburse me X amount of dollars for something, and then they would sponsor the WordCamp, and then they would make a thing out of it. I mean, I was very fortunate in being able to do that. Then I worked with a really great company called NerdPress, and they are a fantastic group of people that do the same thing. And then I ventured out into different straits, and it was very much different. I’ll say that much. Topher DeRosia: Yeah. Those are good times. Russell Aaron: It’s almost like… the way that I put it is it’s like we all graduated. We all did our four years of college, we all graduated, and now we went to our temp jobs or we went to our internships. Like the band broke up. Topher DeRosia: Yep. Yeah, it is a lot like that. I have seen generations of WordPressers. There was all the crew before 2010 that were downloading zip files and hacking themes to even get them to run. Then there was after 2010, and custom post types were new and stuff. And then there’s the whole Gutenberg generation that never experienced all that crazy theme stuff. Russell Aaron: I mean, you tell people that child themes were so new that people didn’t even grasp the concept of a child theme, and today it’s so baked in. It’s not even something that people think about. It’s just you install this and the child theme, and it’s a thing. But I remember writing those by hand. Topher DeRosia: Yeah. No kidding. Then to a certain extent, not even having child themes anymore because nothing is stored on the file system. Russell Aaron: I love it. I love it. In my very first WordCamp talk in Vegas 2012, I made a prediction that everything was powered by the theme. Everything used to… I mean, that’s as far as I go back is every template was the same. It was left column, right sidebar, header, and every page, whether you liked it or not, looked like a blog post. And it wasn’t full-width, responsive. I remember a lot of that. And then corporate themes came out, and then cupcake themes came out, then lawn company themes came out, and then the rise of Envato and stuff like that. That’s a good name for a band, The Rise of Envato. Topher DeRosia: I’d go see them. Russell Aaron: But all that stuff comes out. And then you look at it now and it’s like, that seems so far away. I still remember the day that I learned about child themes, and I’ve never forgotten that. And I think, coming back full circle, that’s why I stay in this beginner support space because I’m kind of keeping that nostalgia around, I guess. Topher DeRosia: Yeah. There’s a lot of joy in watching people’s eyes light up when they get it. Russell Aaron: That’s the best part is just telling people what’s possible. When they’re frustrated with something and you go, “Oh, hey, Gravity Forms can do that.” And they’re like, “Wait, what?” And I’m like, “Yeah.” And they can also do… And I just start naming stuff. And I show all 50 extensions that they have and they’re just like, “Wait, what?” And I’m like, “Yeah.” I’m like, “This starts getting radical when you’re into it.” Topher DeRosia: There’s something I miss from old WordPress that I don’t see in modern WordPress. It might not be a thing. And that is dramatic new styling with a theme the instant you install it. My wife is not a computer person and does not care about computers. She loves design stuff. There was a time we used Winamp. Russell Aaron: Wow. Topher DeRosia: And she loved getting skins for Winamp. And she would download 30 in a day and try them all out. And then when I set her up for the blog the first time and showed her the theme repo on .org, this is in 2011, she would literally spend a day just downloading theme after theme after theme. Russell Aaron: Same way. Topher DeRosia: And you just install it and poof, your site looks amazingly different. These days, I mean, you install something like Kadence or GeneratePress or Ollie or any of them, really, and it’s kind of a blank canvas. Russell Aaron: It’s very minimalist. It’s very minimalist. Topher DeRosia: I miss the ability to say, “I feel like making a change today,” and two minutes later, your site looks completely different because you’re using… Russell Aaron: Couldn’t agree more. Couldn’t agree more. I mean, I look back at old pictures from when I would host the meetup group in Vegas, and there’s pictures of me talking, and then on the screen behind me is my old site, and it was this old layout. I bought the theme from Envato because I was just fascinated with it. It was everything that I wanted it to look like. But same thing is now when you change your theme from this one to that one, that dark grunge kind of thing is gone, and now you’ve got this bootstrap-looking thing or whatever. I agree with you. I think that comes from my days of being in MySpace. That’s how I got started with all this. So you could change your MySpace template like that, and I think that’s where it comes from, at least for me. Topher DeRosia: I haven’t even looked into it. Can you make a Gutenberg-based blog theme that has a very striking look and just release it? And then, I don’t know, just release a whole bunch of them like in the old days? Theme shops had 35 themes for sale, and they all looked different because they were all totally different themes. Russell Aaron: I remember there was a day on Envato where it was the same theme, it was just rebranded. So it was like theme name 1.0, and it was called Atlas. And then it’s the same theme but in orange, and now it’s 1.2, and it’s called Dungeon or something. And then we have 1.3 again. Same theme, same framework, but each version was named something different. It made that developer look like they had five different products instead of just one over and over. Now you look at something like a page builder, and it’s like, “We’ve got 500 different templates in one thing.” I can’t do that. I think that’s too much for me. Topher DeRosia: It’s like the days of the CSS Zen Garden. Russell Aaron: Right. Topher DeRosia: HTML is the same, CSS changes. Before I used WordPress, I built my own blog system. Russell Aaron: Oh, wow. Topher DeRosia: It never got super advanced, but I used it for 10 years. One of the things you can do in your HTML is register alternate stylesheets. It’s the same tag, it’s just an alternate word in there. And then in Firefox, at least, you can go under “view Page Style”, and they would all be listed there, and you can just choose different themes. I figured out the JavaScript, even though I didn’t know JavaScript. I figured out the JavaScript to make a little dropdown box in my sidebar so my visitors could say, “Oh, I want to change my theme here.” I never figured out how to do that in WordPress because everything was so tied to style.css. I didn’t know how to make a different one be the main one. But that’s something else I miss in WordPress is the ability to just so dramatically and dynamically change your design because your content is structured so well. Russell Aaron: You know, not only that, but I really liked the websites where there was a demo, and then it gave you a basic username. The username was demo, the password was demo. But then the one thing I never figured out was how every 24 hours the site would just reset. So somebody can go in there and they could do whatever they wanted to do. They could create their own pages. They could create their own blog posts. And for 24 hours, there was a page called Russell’s Awesome. But then after 24 hours, it would just reset. I always thought that was so cool, but I could never figure out how to do that. Topher DeRosia: Oh, yeah. And everybody was editing all at the same time, within that 24-hour period. Russell Aaron: I have since restructured my website. I use the block theme from WebDevStudios. I kind of feel like that’s where I got my education from. I was somebody who kind of dabbled around in WordPress, and then when I went to go work with them for three years, they had a set of standards that I couldn’t even fathom to begin with. But then as we built things and I saw how their machine works, how their business revolves, I was like, “You know, for me, this is the way that I like to do things, is the way that they like to do things.” And so my new website… I mean, not new website, but it’s my new theme, I actually had AI build it for me. I had Claude. I was using… It’s by ThemeIsle. Neve. I was using Neve, one of my favorite themes. Love them. So I was using that, and then my site was kind of all over the place. It was an “I’ll teach you how to do this”. That’s kind of the main focus of my site is I will jump on a call with you, and whatever questions you have, I’ll sit here for five hours with you if you want. I will teach you and until you get it. But then I also had this section about band names that were just… earlier when we were talking about the rise of Envato, you know, like I would have a section on my blog where you could create a new band name and then I had all these random blog posts. And so my website was kind of like this potluck, if you will, just like this random stuff. And I was like, you know, I want to be doing something else. I think my website needs to change. And I have those old blog posts still, but they’re hidden. So now with my new theme, I had AI look at my old site and say, this is what I think we should do. I picked out some colors and over like five days, I had it build me five different HTML pages, like completely different, you know? And then I started giving AI and I said like, “Okay, I want to look like this.” And then I was like, well, okay, I like this and I like this, but I also like this from this other site.” So I started feeding it information and like when the HTML came out, I had 12 different templates. I had my blog posts, I had my archive, but I had everything built in HTML. And the cool thing about the WDS block theme is that it serves everything as an HTML page. So I literally just took AI and said, “Take these HTML pages, bake them into how this theme does it,” and bam, my site came up. I had it done in maybe two days. Topher DeRosia: Wow. Russell Aaron: And then after that, I had it take all of those HTML pages and create me patterns. So now I can go in, and when I go into my full site editor, I can go to patterns, I have all my homepage patterns, my blog patterns, I sliced everything up, and they’re all WordPress native blocks. So I can literally go in and change the coloring on any page I want instead of having to edit the HTML or anything. And now that I have that, I feel this sense of freedom where I’m not worrying about an update coming tomorrow, if my update is gonna break or I don’t have to read a changelog that is not specific anymore. I can’t stress how much I love not having to read changelogs or the lack of changelogs. I mean, I’m fully happy with how things have come out. And over time, I’m gonna keep fine-tuning it, but I’m pretty much where I’m at right now. With all of this new technology that’s come out, I’ve really kind of found my love again for WordPress. I was kind of in a slump where I just wasn’t really doing anything. Now I take my son and we’ll drive down to Louisville, Kentucky. He rides BMX. So while he’s racing, I will literally have Claude Code open on my computer and I will log into the Claude app on my phone and I can keep sitting there having the same conversation. So this new thing that I’m building, I can still do it while I’m sitting there watching him race or while I’m doing something else. I was just like, this is fantastic. And then my wife will drive home and I’ll just sit there and I talk into my phone, I literally put the microphone on and I’ll be like, “You know, I don’t like that. And here’s my thoughts about this.” And you know, my phone dictates all of that and then I send it to my computer through the app and it just keeps spinning things up. Then by the time I get home, I have a new version that I can demo or I have a new version that I can test. I mean, I am just so fascinated by it. Topher DeRosia: That’s cool. Were we at WebDev at the same time? Russel Aaron: I don’t think so. Topher DeRosia: I was there just over three years ago. Russel Aaron: I was there 2015 through 2018. Topher DeRosia: Oh, yeah. I came much later. I was only there for like two months. Russell Aaron: Oh, wow. Sometimes that’s the way it goes. Topher DeRosia: Yeah. They were gonna get a big contract that hired a bunch of people and two months later didn’t get the contract and let us all go. Russell Aaron: As much as I hate that, that also taught me that the people that do great work or the people that show up every day and are putting in more than they’re getting out, those are usually the people that stay in companies like that. That really changed my work ethic. I used to be somebody who wanted to be not lazy, but I didn’t wanna be pressed for time or having to go, go, go and having to be on all the time. Now, I’m the opposite. Now, I’m like, now that I’ve done that, I kind of earn for that stretch for a little bit. I mean, you were just saying that how you’ve transitioned to where you are. I was watching a Barstool Sports interview with a guy who runs a pizza shop in… it’s either New Jersey or New York. The guy’s only open Wednesday, Thursday, Friday, Saturday. And he’s only open nine to six or something like that. And he built that business… well, it’s been in his family for like 60 years or something. He has one of the last original pizza ovens ever. But anyways, the point is, is that he lives at the pizza place, that’s where his entire life is, but he built the business around his life. I’m doing the same thing where if I wanna literally go jump on my bike right now and go for a two-mile ride, I’m gonna go do that. And I don’t have to feel like, hey, you’re not logged in and we’re not tracking your mouse. Like what’s happening? How come you’re not on Slack? You know what I mean? I’m not tied down to that. And I can’t stress that enough of like, that is where I wanna be. Topher DeRosia: Yeah. Yeah, it is a good life. We are at about the time to wrap it up. Okay. So I’m gonna do that. Where do you hang out online? Russel Aaron: Where do I hang out online? Topher DeRosia: Are you in any common WordPress Slacks? Russel Aaron: I’m on the main WordPress Slack sometimes. I tend to watch more than I do involve anymore. A long time ago, I used to be very vocal and I used to be not afraid to walk in to a room guns blazing. With the big cultural shift that happened in WordPress, I tend to just sit back now and be more self-reserved. So I post on my website, russellenvy.com. I’m on LinkedIn. I’ve been utilizing Reddit a lot too. I think for me, Reddit is a place where I kind of disagree with the fact that you can hide behind a pseudonym, but I do like the brutal honesty that people will have because they are hiding behind something and they will say, dude, this flat out sucks. Or they’ll be like, Hey, this is great, but it would be cool if, or somebody can be like, “Hey, that already exists. You’re not doing anything new.” I do like that. Because it kind of not puts me in my place, but it shows me either how connected or disconnected I am to what I think I’m doing. And so Reddit is a very great place. I mean, everything is russellenvy.com except for Twitter or X, whatever you want to call it. Topher DeRosia: All right, cool. Russel Aaron: Where do you hang out at? Topher DeRosia: I am in probably 40 slacks, but the vast majority of them, I don’t look at. I’m there so that someone can ping me. I’m in a couple of slacks in India. Okay. I’m in the WordPress Italian community Slack. Russel Aaron: That’s interesting. Topher DeRosia: Post status make, of course there’s a hero press Slack. I have my own company Slack, my local meetup has a Slack. There’s just a lot of them. I wouldn’t say I’m super active on any of them. I just occasionally interact with somebody. I use my own company Slack to invite my clients in when we talk there. Russel Aaron: Right. Do you find yourself reading things more than, you know… from the outsider looking in, I post a lot and it looks like I post a lot… I mean, especially on LinkedIn, but I’m always consuming more than I’m posting. Do you find yourself doing that? Like where you’re… maybe not keeping up with the trades anymore, but like, you know… I used to read maybe 1,500 blog posts a week and then… what was that service where you could like save…? I used to have a service where you could save articles and then that way, late at night, I would just read, you know, maybe 10 or 15 of them a night. But now I look at things like Reddit where I see… I just look at somebody who’s going on there and asking for help. Again, it’s a standard WordPress person that, hey, I’m new to this, I don’t know how, and I’m looking at it and I’m just like, how can we make that better? That’s kind of where I’m at these days. Topher DeRosia: I don’t read a whole lot in Slack. It really is for my convenience. I’m pretty active with my RSS reader. I follow a lot of stuff. Russell Aaron: Oh, wow. Topher DeRosia: Because I don’t wanna go chase it all down all over the internet. So, you know, there’s that. I’m on LinkedIn a fair amount, Facebook a little bit. I’m on Mastodon and Blue Sky mostly just to post stuff. It’s funny, I have more followers… No, let me say it this way. Mastodon, I have the fewest followers, but the most engagement from those followers. Russell Aaron: Isn’t that interesting? Topher DeRosia: Yeah, I’ll post something and I’ll get some favorites or reposts or whatever. Blue Sky, I get almost nothing at all, despite the fact that I have like a thousand followers there. Russell Aaron: But Blue Sky is a community that is fast-moving. I almost compare it to anything Meta has, which is you can post today right now and in three minutes you’re 785 posts down. That’s what I really love about Reddit is that I posted something about this AI team that I’m building that I give away for free on GitHub, and so for like five days, I was the number two post on that subreddit. And the volume that I saw from that. I mean, Reddit really loves human writing. If you go in there, you post something that somewhat seemingly might suggest that you had AI do anything with it, they will just downvote it. But if you write original and you write from the heart and stuff, like your stuff skyrockets there. I’ve learned a lot from Reddit because of that. Topher DeRosia: That’s really cool. Russell Aaron: It’s interesting. Topher DeRosia: Yeah. All right, well, thanks for chatting with me. Russell Aaron: Thank you for the time. Topher DeRosia: And now you can’t be on anybody else’s podcast. Russell Aaron: I’m actually starting my own, sir. Topher DeRosia: Are you? All right. Russell Aaron: I have, like you said, the reason why we started this is because you saw something from me that says, “I’m tired of the indie circuit,” if you will. I put out a LinkedIn post, I don’t know, maybe a month ago at this point and I asked people if they wanted to be on a show. So I have WP Roundtable. I got that from Kyle Mahler, a person who I love in WordPress more than I can express. One of the best people on the planet, I feel like. I was thinking about starting that up again, because we don’t have WP Watercooler anymore. We don’t have anything like that. That’s kind of where I got my start from. But again, I also identify that that’s kind of the problem is that every Monday or Friday I was on a show and I was one of the people that you would see constantly. And so I was sitting there thinking and I was like, what doesn’t the space have? What kind of show do I wanna watch? Because I don’t watch shows when they come out, do you? Topher DeRosia: No. Russell Aaron: I always watch them maybe four weeks down the road at like 2:30 in the morning when I have nothing going on. And by that point, the information is almost stale. I mean, the way that anything works these days. And there’s a few that I might watch maybe within 48 hours of coming out, but at this point, there is something… a new idea that myself and… the guy’s actually an automatician. And so it’s actually kind of interesting because we don’t wanna say anything that would put him in a position to where he’s saying something bad about the company he works for, but I’m also the person where I get to say something to the person who works at Automattic to maybe incite some change. So we are working on something like that, but it’s not going to be an interview show. It is not going to be something where you tune it out or you put it on a 2.5 playback speed just to get through it. You know what I mean? And that’s really what the emphasis of my post was about is that so many of the interviews go that way. Topher DeRosia: Yeah. Are you familiar with wppodcasts.com? Russell Aaron: Yes. Topher DeRosia: Okay, good. So when you get it started up, submit it there. Russell Aaron: That’s a place. I’m very fascinated by Gary Vaynerchuk. Are you familiar with Gary V? Topher DeRosia: No. Russell Aaron: I watch something Gary V every day. That guy makes me feel like I’m lazy every single day, but he is also one of the people that says like, “Hey, you’re 40, you’re still just a baby.” A lot of people feel like I should be two kids, a house, marriage, this, that, and because I’m not, I’m behind the ball. And he’s one person that’s like, “Listen, you’re still a kid.” And he’s like, “You’re 40, I’m 40, and you have 10 years until you’re 50.” And even then you’re still so young to where you can generate something again and from 50 to 60, you can now do. That kind of mentality really moved me around. Why I bring that up is, I’m trying not to post on the same places that everybody else is. I wanna find that new venture. Substack is a great one. And they also have a way to release podcast episodes through them. So they can actually be your entire engine. So like you don’t have to host them on different places and stuff like that. So I’m looking for different plays like that. Topher DeRosia: All right, cool. Well, I look forward to hearing about it when it comes out. I’m sure you’ll post on LinkedIn. Russell Aaron: Yes, yeah. Topher DeRosia: All right. All right then, well, I will maybe find you on Slack or Reddit or someplace. Russell Aaron: Slack, Reddit, LinkedIn. Either way, please keep in touch. First of all, it’s great to see somebody familiar in the space. It’s great. I mean, just talking about the old days, I could sit here and do it forever. Topher DeRosia: All right, I’ll see ya. Russell Aaron: Have a good one. Topher DeRosia: All right, so that was the end of the podcast. If you could send me a headshot. And yep, that’s the one. Cool. And any links you want in the liner notes. Russell Aaron: Cool. Topher DeRosia: And two or three sentences about you and what you do and whatnot. Russell Aaron: Cool. I noticed that you… are you trying to revive Hallway Chats? Or is it something that when you just find something interesting, you’re like, hey, I’ll go do that. Topher DeRosia: That’s it right there. Russell Aaron: Okay. Sure, sure. Topher DeRosia: There was a time when it was a weekly podcast and now it’s a whenever I feel like it podcast. Russell Aaron: I love it. I think that’s the biggest reason why I’m trying to do something different is I really dislike watching a podcast. The first thing they do is they come on and they go, “Hey, welcome to WP whatever. Hey, sorry we didn’t post this week. I was bit…” If you are gonna say you’re gonna post every Wednesday at one, that’s on you. But I do not like when things start off with an apology. Like just get to it. Because I’m not watching it Wednesday at one. I mean, unless you’re Joe Rogan, or unless you are somebody who has a huge following that people will watch you live because it’s important. Otherwise, it’s just consumable stuff, you know? Topher DeRosia: Yeah. For years, I posted it Heropress weekly on Wednesday without fail. I would ignore my family to go get it done. Then I was talking to Morton Rand Hendrickson. You know him? Russell Aaron: Uh-huh. Topher DeRosia: Yeah, he’s a huge fan of Heropress. And I said to him, “Do you read every week?” He’s like, “Oh no, not at all.” He’s like, “Oh, I thought you really liked it.” And he said, “Oh, I love it. But I don’t have time to read every week.” Every few months I’ll get depressed about the WordPress community and I’ll go read 10 essays. And then one time I was at WordCamp Ann Arbor, probably the same one you were at and Josepha came to me and said that… she was kind of a sounding board for employees that come to her and said, “Listen, I’ve been working support all day and people suck and I’m depressed and I hate life.” And she would just listen for a while and then at the end they would say, “Okay, I’m gonna go read a bunch of Heropress and I’ll feel better.” And it really changed my perspective of what I was making. I wasn’t making a weekly publication. I was making an archive, a collection to be used as a tool, a library. Russell Aaron: I’m gonna say this poorly, but it’s almost like you are creating a support help hotline where it’s like, if you’re on the verge of blowing up your website, please call this number. We’ll talk you down from it. It’s almost like you’re building that. Topher DeRosia: That’s funny. Russell Aaron: That’s interesting. And then now you’re just selective about it or you’re so far- Topher DeRosia: I’m less aggressive about finding essayists and less insistent that they get it to me by a certain time. Like I would find somebody and say, listen, I need it by Sunday on this date. And they were like, “Okay.” And that worked for a while. Russell Aaron: Oh, before, before. Okay. Topher DeRosia: Yeah. But now I’ll find somebody… No, I don’t go looking as often. Russell Aaron: You’ll maybe find something that somebody wrote and you’ll be like, “Hey, are you interested in doing this?” Topher DeRosia: Yes. And I don’t find people as often. I used to find my people on Twitter and I’m not on there anymore. Russell Aaron: Like by personal choice? Topher DeRosia: Yeah. Russell Aaron: Okay. Topher DeRosia: I just left Twitter. Russell Aaron: Oh, wow. You feel like your life improved? Topher DeRosia: Yes and no. Russell Aaron: Okay. Topher DeRosia: I feel the loss of what Twitter was. And it’s not there anymore. It’s just gone. Russell Aaron: Especially around WordCamp and stuff like that. That used to have to be the place that you’d be on, you know? Topher DeRosia: The Twitter I loved doesn’t exist anymore. And so, yeah, I feel that loss. Russell Aaron: I need a t-shirt that says that. Topher DeRosia: Yeah. Wow. I’m in the process of making a printable store. Printable? Printful. Printful store. Russell Aaron: Cool. Topher DeRosia: With Woo, to make a video with. I need to make a bunch of products. Maybe I’ll make one of those. Russell Aaron: It’s interesting. Wow. You just flat-out left X. Do you feel like with Heropress, it was… and again, this is why I made that post, is that people almost see it like they can make the rounds. And it’s like, well, I haven’t gone there yet. And so they’re gonna submit something to you because they’re gonna get some press out of it. And it’s not so much what’s best for your brand or it’s not best for your website. They just see it as, well, I’m gonna get some exposure there. Do you feel like it used to be that? Topher DeRosia: No. I’ve gotten maybe two or three submissions ever like that. And a couple of them, I was able to say, “No, that’s not what we’re about. It’s this other thing, what Heropress is actually about.” And they’re like, “Oh, well, okay, that’d be great.” And they do that. And maybe one or two people have said, “I built this great company and everyone should come use my company.” Like, no, not so much. Russell Aaron: Interesting. Topher DeRosia: And that’s the end of it. Russell Aaron: I remember back in, I wanna say like 2013, people used to call each other out and be like, why are you giving the same speech at WordCamp Miami, WordCamp Minneapolis, WordCamp San Diego. And that’s kind of where I was at with that same LinkedIn post. It’s like, I really, really enjoy watching Matt Cromwell’s show, but the guy that he just had on also was on Jonathan Denwood and was also on this one. It was also on, I was like, I’ve already seen this. Maybe I get three more percent information that wasn’t in that last, or because Matt knows a little bit more about personal stuff in WordPress or building a business, he might have some more insight there, but it’s like, I’ve already heard this and I’m kind of already over it. And that’s kind of where I was at is you don’t have to just say, I’m gonna do this one and that’s it. But it’s almost like, you’re making yourself not… what’s the word. Not credible because you’re going around and saying the same thing and it’s just, you’re not doing anything different than a blog post could have done. Topher DeRosia: You know what I mean? I don’t feel too bad about repeating WordCamp talks because, especially at small camps, because a lot of people are just gonna go to their local camp and never go to another one. And unless they cruise.tv, they’re not gonna see it. I struggle a little bit with podcasts because I’ve been asked a lot over the last 10 years to come on a podcast and talk about the story of WordPress. And it’s the same story every time, you know? And so, I’ll try to mix it up a little bit, give different information that I’ve never given before, that sort of thing. But it is something I think about and struggle with a little bit. Russell Aaron: What do you struggle with about it? Topher DeRosia: I don’t wanna just say the same thing over and over again. You know, I don’t want people to go, oh, Topher’s on another podcast episode. Oh, I’ve heard this story. I don’t need to be on this episode. Fortunately, it’s been around long enough that I can give a brief synopsis of the beginning and talk about stuff that’s happened in the last couple of years. Russell Aaron: Right. Topher DeRosia: Which is gonna be really different from the podcast episode I was on in 2020. Russell Aaron: You know? Right. Topher DeRosia: It’s an interesting dilemma when you have one story to tell and everybody wants you to tell it. How do you deal with that? Russell Aaron: Well, I’ve noticed that too. It is like, you know, I’ll watch [Insert Famous Name Here], and they have a podcast, and they’re interviewing, again, [Insert Famous Name Here], and that person was also just on That Famous Name and That Famous Name. I actually saw somebody, it’s like almost a year ago, and they were just like, “Do you want me just to say this so your show has this speech in it or are you genuinely asking me?” Because, you know, like you want this story so you can post it on your social media. But I’ve already given that story 15 different times because they wanted it for their own, you know? And it’s almost going that way where I kind of respect it in a way because you don’t want to post other people’s content. But I also feel like I’m tired of saying the same shit over and over again. It’s interesting, man. Topher DeRosia: Yeah, that’s a dilemma. Russell Aaron: So you’re just like kicking back and… are you building something for you that you think is gonna scale or are you trying to get away from WordPress? That’s kind of where I’m at right now. Topher DeRosia: Yes and no. I have always wanted to… I’ve always been better with people than code. I’m a life coach. Russell Aaron: Yeah. I did not know that about you. Topher DeRosia: I love talking to the client more than coding. I love helping people learn things. And so those skills could be anywhere in WordPress, but also could be anywhere outside of WordPress. So I’m looking for those jobs and they are not out there. Russell Aaron: Right. Topher DeRosia: So here we are. Russell Aaron: I’m to the point now where my son, he’s eight, but he races BMX, like actual bikes and stuff. And so there’s a college here in Indianapolis and it’s one of the best cycling schools in the country. And there’s like five Olympians that practice every Tuesday and Thursday and they’re right in our back door. These are people that have a great social following, but they don’t post very well. They have a brand name, but they don’t have a website. So I’m noticing that every new space that I go into, it’s kind of like I get to jump back into WordPress again, where it’s like, hey, I just built a website for this BMX track in Louisville, Kentucky. It’s one of the best tracks in the country by everybody that has ever raced in a sport, they all vote that it’s one of the best, but they don’t have a website period. I just went through this where they have a guy, he’s their treasurer and he’s like, “Well, I’m an AI software guy.” And I’m like, “Well, how come you don’t have a website?” And he’s like, “Well…” And I’m like, “Listen, I submitted a new version of a we… literally, I uploaded it to my Russell website or to my Russell Envy site and I just put it in a sub-folder and I was like, “Your website could look like this today.” I was like, “For free. I don’t want anything from you. No free anything.” I was like, “I want to donate this to you because I want to grow the sport.” And the guy’s like, “I wanted to build it and React.” And I’m like, “Well, why didn’t you?” And the guy’s like, “Uh.” And I’m like, “I have free hosting for life from WPEngine.” And I was like, “I won’t charge you guys ever. I will host a site. I have free with AppPresser. I’ll build you guys an app where you guys can send push notifications.” And the guy’s like, “Well, I want to have a lot of control and say over it.” And I was just like, “All right, you know what?” And then I built my own. Now I own a domain all about their BMX track and now they’re calling me going, “We should have went with you.” I’m to the point now where I’m nice. And then it’s just like, “Dude, I’m 10,000 miles over you and I’m going to go this way.” Liquid Web did that to me. Liquid Web brought me in and they were like, “We’re going to…” I was supposed to be the OG stellar WP. They brought me in, I was hiring all my friends and I was bringing in people and we were building something. And then they called me and they were like, “Well, you can either be a level two support person or you could just not work here.” And I was like, “Well, I don’t work here anymore.” And they were like, “Well, wait, hang on.” And I literally hit “click” and I have never logged on since. Topher DeRosia: That’s funny. Russell Aaron: I’m in that same boat where, you know, I don’t have to work for you. You know what I mean? Like, fuck, I’m 40. I should be doing something on my own anyway. I kind of wish I had… what was WP 101? Sean did that for all those years. I wish I would have done that. Or every week, I should have had some YouTube about talking about something and maybe I could have monetized that, but I’m not behind the ball. I let the ball slip is what I feel like. Topher DeRosia: It’s not too late to start. I picked that up when Sean, quit and I’ve got a YouTube channel with a bunch of stuff on it. I published one today. Russell Aaron: Oh wow. It’s just interesting things that you think about, or is it like educational, like tutorials? Topher DeRosia: It’s educational tutorials, but stuff that I find interesting. Like today I made a desktop wallpaper for WordCamp Europe. Russell Aaron: Nice. Topher DeRosia: And I did it by going to their webpage in my browser and using the console to hack the HTML and CSS until it looked like a screen, a wallpaper. Russell Aaron: That’s fucking cool. Topher DeRosia: So I published it right before I’d started talking to you, like minutes before that. And it has three views. Russell Aaron: Woohoo. Topher DeRosia: But a couple of weeks ago I did one called fun and games in the terminal. And it’s how to play Tetris in the terminal and how to make a choo-choo train go across your screen when you type LS wrong. And it has 784 views right now. Russell Aaron: That’s awesome. Topher DeRosia: I did one on how to brighten a photo. I did a series. I’m working on a series called Topher learns how, or I talk to people who know how to do things that I really should know how to do, but don’t. I talked to Scott Kingsley Clark about pods, which has been around forever, but I’ve never used. I talked to Donata about Termageddon, because I know it’s important, but I have stayed away because I don’t understand and it’s scary. Russell Aaron: Termageddon. I’ve never heard that. Topher DeRosia: Oh. You know the little cookie consent things, privacy policies and whatnot? Russell Aaron: Yeah. Topher DeRosia: So when you sign up with term again, you pay a surprisingly low monthly fee and they have a human get on the phone with you and talk through your requirements of where you live, your legal stuff. Like, are you in Europe? Are you in California? Where are you? Where are your customers, your viewers? Then you drop in a short code for your privacy code and for the cookies and they keep them up to date based on how the laws change. So you don’t have to pay attention to, Oh, did California make some crazy new law about cookies? What do I need to do to update my site? It’s really, really great. So I did an interview with her. Russell Aaron: $12 a month or $119 a year. Topher DeRosia: Yeah. Russell Aaron: What is the point of having a privacy policy if you don’t pay extra for limiting your liability? Wow. That’s amazing. Topher DeRosia: It is. Russell Aaron: That’s someone just thinking outside the box. Topher DeRosia: Yeah. I have a couple of videos where I was given an account at a hosting company that I’ve never used and videoed logging in for the first time and getting to a website. Russell Aaron: Oh, wow. Just from first login to setting everything up to now you have something production. Wow. Topher DeRosia: Yeah. Specifically not reading the docs. Russell Aaron: Oh, just trying to brute force your way through it. Topher DeRosia: Yeah. Russell Aaron: That’s smart, dude. Topher DeRosia: It’s partly about… well, they may have wonderful docs. It may be super easy to do if you read all the docs. I don’t want to read the docs. Russell Aaron: Me neither. Topher DeRosia: Clickety clickety click, I have a website. So I did GreenGeeks. I did honesthosting.io. I did X cloud. So that’s the kind of stuff I’m doing. Russell Aaron: That’s interesting. That is something that, that Gary V talks about a lot is that it used to have to be where you are this WordPress brand and you do just this and all your videos could only be about that. Anytime you stepped outside the box, people were like, “Why am I watching this?” And today now we’re to finally to where my website would probably actually thrive is it’s so random. It’s just something out of my head and one thing can skyrocket and it’s like hitting the jackpot, you know? That’s interesting. Topher DeRosia: Another thing I did is I made a site called topher.how and because I realized I had never really made stuff in my own channel. I’ve been blogging for decades, making videos, WinningWP. I have over a hundred videos on WinningWP. Russell Aaron: WinningWP? Topher DeRosia: Yeah. Russell Aaron: Did you start that when Charlie Sheen started doing Winning? Topher DeRosia: No, no, no, no. But I was thinking, boy, I’d love to have all this stuff on my own website, but I don’t want to go find it all and copy paste posts. And then I realized nearly every place I’ve ever made content has RSS for their authors. Russell Aaron: Yeah. Topher DeRosia: And so I found the sites, found my author RSS feed and started piping them into WP all import. And now topher.how has all my content from the last 15 years on a dozen different sites, doesn’t more than a dozen different sites, all my videos, all my posts, everything on wordpress.tv, all that stuff. So it’s kind of a portfolio. Yeah, so you can go to topher.how and see all my stuff. Russell Aaron: That was actually one thing that I was really proud of was that my entire WordPress journey is documented on somebody else’s project. So, like you go to WPwatercooler and my resume, what is great about it is that it is not me who can edit those videos, it is not me who can master them. Those words are there. Those words are me. You want to know my qualifications in WordPress, there’s all my shit. For me, I was like, “That’s actually pretty sick. You know what I mean?” Topher DeRosia: Yeah. Russell Aaron: Wow. Topher.how. Oh, dude, do you know who Jeffrey Zinn is? Topher DeRosia: No. Russell Aaron: Oh God. Him and Brandon Dove they have Pixel Jar. Have you ever heard of Pixel Jar? Topher DeRosia: Maybe. Russell Aaron: They’re big West coasters. I’ll tell you that much. He just wrote me, “He literally just said, dude, how do you find the time to write so much on LinkedIn? I enjoy all your stuff, but mostly I’m blown away by the volume.” Topher DeRosia: Nice. Russell Aaron: I’m going to write him back and just tell him the truth. But you know, it’s all thought man. Interesting. Topher, I’ve had a lot of fun. Am I taking up your time? Topher DeRosia: I should get back to work. Russell Aaron: All right, sir. Have a good one. Topher DeRosia: All right. I’ll see ya. Russell Aaron: Bye. Topher DeRosia: Bye.

PHP Podcast – June 4, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: PHP Tek 2027 — New Dates, Bold New Format Mark your calendars: PHP Tek 2027 is happening April 27–29 in Chicago, and Eric and John are shaking things up. Rather than a straight three-day PHP conference, next year gets three tracks — two of which are familiar PHP-focused content, and a third specialty track that rotates each day: one day of JavaScript, one day of DevOps, and one day of Laravel. The Laravel track is specifically focused on how developers actually use the framework day-to-day, not a product pitch. Single-day passes will be available, so if you’re only coming for the DevOps or JS day, you’re covered. One important heads-up: there’s a big convention happening at a venue nearby in Rosemont, so the hotel block could sell out faster than usual. When they open reservations, don’t wait. Holly the Elephant Is Going Fast The PHP Architect conference elephant, named Holly, is now available at store.phparch.com, and demand has been remarkable. Eric woke up one morning to a flood of orders and genuinely couldn’t figure out what happened. The warning from last year applies here: people said they’d grab Tony later, and now Tony is gone forever. Holly ships June 17th for most orders, but if you’ve already ordered, it’s likely on its way. Get yours while you can. PHP Tek TV Is Doing Something Different This Year In past years, conference talk videos would get edited and uploaded weeks (or months) after the event. This year, John is doing things differently: the raw, unedited recordings are going up now, with timestamps in the description so you can jump straight to specific talks — some rooms recorded a seven-hour continuous feed and just left it running. The clean edited versions are still coming (a video editor friend in the UK is on it), but if you want to see a talk right now, the raw version is there. Audio quality varies by room, but it’s watchable. Immich — A Self-Hosted Google Photos That Actually Works John has been running Immich, a self-hosted photo management platform, in a Docker container for about a month and loves it. It does facial recognition, GPS tagging, and auto-uploads from his phone — essentially everything he cares about in Google Photos, without handing his photos to Google or Apple. He’s now planning to use it as the PHP Architect conference photo library, centralizing all the Tech photos in one browsable, shareable place. It’s fully open source, with no licensing cost, and an optional donation tier. If you’re sick of paying ever-increasing storage bills to big tech companies, this is worth a look. Ben Ramsey’s PHP Tek Homecoming Article Is Free to Read The May issue of PHP Architect magazine is now available to digital subscribers, and this month’s free article is Ben Ramsey’s piece on the PHP Tek homecoming experience. Eric reached out to Ben last minute and he delivered. If you’ve never subscribed, this is a low-barrier way to see what the magazine is like. Head to phparch.com, grab the free article, and if you like what you see, subscriptions are not expensive. John Is Resurrecting a Legacy Laravel App — With Claude’s Help John has been grinding away on a Laravel 6 app that was a passion project years ago and has now been revived as an actual client project. Using Claude to methodically baby-step through each version upgrade — starting with writing tests to establish a baseline — he’s worked up through the major Laravel versions. The turning point came when he hit the version where the old event sourcing package (Prooph) was clearly on its way out, and the decision was made to migrate to Verbs, Nuno Maduro’s Laravel-native event sourcing package. John’s now looking forward to it. He’s also accidentally been burning tokens on the company Anthropic account (not his personal account), which Eric caught live on air. They are going to talk about it after the show. Eric’s Mystery Side Project Is Almost Ready — If DNS Would Cooperate Eric teased a new side project last week and intended to reveal it this week, but he’s stuck waiting on DNS propagation. The domain was registered with DigitalOcean DNS already in use by a previous owner, so Eric moved it to Cloudflare — only to discover there may be a conflict because the previous owner was also on Cloudflare. The result: the name servers are stuck on old values. John’s live suggestion was to move it to Route 53, and Eric was immediately sold. The project is almost ready to show the world, DNS gods willing. Meta’s AI Support Bot Got Socially Engineered Eric shared a video demonstrating how someone prompt-injected Meta’s AI customer support bot into sending a verification code to an attacker-controlled email address — and then using that code to add the email to an account, enabling a full password reset and account takeover. The irony: Meta is the company behind Llama and has some of the deepest AI expertise on the planet, and they still shipped a support bot with permissions it shouldn’t have. Eric’s point was pointed: you can fire a human employee who gets social engineered, which creates accountability throughout the team. An AI has no such incentive structure. Crowbarring AI into account-modification workflows without appropriate guardrails is just asking for this. The PHP Foundation Now Publishes Board Meeting Minutes Eric discovered that the PHP Foundation has started publishing their board meeting minutes in a public GitHub repository. Nothing earth-shattering yet, but seeing who attended, what was discussed, and what decisions are being made gives the community a real window into how the foundation operates at scale. It also helps explain something Eric and John have always found interesting: why PHP stalled so hard between versions 5 and 7. There was no foundation, no financial backing, just volunteer hours. Now there’s a paid staff and governance structure — and the minutes show exactly how complex running something at PHP’s scale actually is. The PHP Foundation Has a Dedicated Security Team Now Speaking of the Foundation, it now has a dedicated security team — a sign of how seriously the supply chain attack problem has gotten. AI tools are being deployed by black hat actors to find vulnerabilities in open source projects at a scale that wasn’t possible before. PHP is not just another open source project; it underpins a massive slice of the web, and companies depend on it staying secure. Having a team specifically focused on this is the right call, even if it’s a sobering reminder of where the threat landscape is heading. Moat — Nuno’s GitHub Security Auditing Tool Nuno Maduro (of Laravel fame) quietly shipped a tool called Moat that audits your GitHub presence for security gaps. Install it globally via Brew or Composer, point it at your GitHub org, a specific repo, or even a specific branch, and it gives you a report on where your security posture could be improved. It’s read-only — it won’t change anything — and it’s explicit that it is not a security certification. Eric wants to use it to audit the PHP Architect organization’s repos, many of which haven’t been touched in years. Think of it as a fast, opinionated triage tool, not a replacement for a real security audit. Links from the show: PHP Tek 2027 — Chicago, April 27–29 PHP Architect Store — Holly the Elephant Immich — Self-Hosted Photo Management PHP Architect Magazine Verbs — Laravel Event Sourcing by Thunk Moat — GitHub Security Auditing by Nuno Maduro PHP Foundation on GitHub PHP Architect Discord Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.04 appeared first on PHP Architect.

Michael and Jake are joined by Jason "JMac" McCreary to talk the impact of AI on Laravel Shift and modern upgrade workflows, and his latest Fast Laravel course focused on edge caching and application performance.Jason shares how Laravel Shift has evolved alongside AI-assisted development, why recent Laravel releases have changed the upgrade landscape, and why he still believes there's value in keeping applications aligned with the latest framework conventions rather than simply running composer update. The conversation explores how AI tools are influencing developer workflows, the future of upgrade automation, and new ways Shift is integrating with agentic coding tools. The second half of the episode dives deep into Fast Laravel, Jason's course on making Laravel applications dramatically faster using Cloudflare edge caching. Drawing on decades of web development experience, he explains why page caching remains one of the most effective performance techniques available, how Laravel's default stateful behaviour can prevent effective caching, and the practical steps required to achieve cache rates approaching 99% on real-world applications.Show LinksLaravel ShiftShift AI SkillsFast LaravelSeparate `static` middlewareManaged queues on Laravel CloudLaravel Cloud

Ian and Aaron discuss Aaron's new employee, the latest on Outro, a surprise trip to Portland, and more.Sponsored by Laracon AU, Honeybadger, Bento, Vask, and DropInBlog.Interested in sponsoring Mostly Technical?  Head to https://mostlytechnical.com/sponsor to learn more.Going to Laracon?  Sign up for the Mostly Technical Pre-Party!(00:00) - Where Was Ian? (02:26) - Outro Update (12:32) - Kelsey Is Gone (22:11) - Is Cloudflare Up? (24:53) - Aaron's New Employee (40:10) - LaraProm Update (42:14) - A Little Technical (54:35) - Aaron Went To Portland (01:06:35) - Slash Brag Links:Brett AdcockManaged Queues on Laravel CloudOutro.fmTinySeedJason LengstorfWeb Dev ChallengeKelsey Hightower

Tim Berglund talks to Gunnar Morling (Confluent) about his career in open source Java and data infrastructure. Gunnar's first job: a student PHP developer in AMD's e-learning group. His challenge: building Hardwood, a fast, multi-threaded Parquet engine for Java with minimal dependencies.► The One Billion Row Challenge blog post: https://www.morling.dev/blog/one-billion-row-challenge/SEASON 2 Hosted by Tim Berglund, Adi Polak and Viktor Gamov Produced and Edited by Noelle Gallagher, Peter Furia and Nurie Mohamed Music by Coastal Kites Artwork by Phil Vo  

Today we are talking about AI, How to stay up to date with it, and if it will really take our jobs with guests Angie Byron & Amber Matz. We'll also cover AI Best Practices for Drupal as our module of the week. For show notes visit: https://www.talkingDrupal.com/555 Topics What Is AI Learners Club Amber Defines the Club Origin Story and DrupalCon AI Debate and Community Tensions Issue Queue Conduct and Moderation Thread Tone vs Substance AI Adoption Outside Drupal Conflict Mediation Playbook Maintainer Burnout and Flood Safe Space Learners Club How the Club Started Picking Topics and Demos AI Taking Our Jobs Future of Learners Club Resources Context Control Center AI Learners Club Initiative page Event calendar YouTube Playlist Session Recaps Next session (Claude Design) Slack: #ai-learners Most wanted topics What Angie's working on these days Guests Amber Matz - tugboatqa.com amber-himes-matz Angie Byron - ai_best_practices webchick Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Scott Falconer - managing-ai.com scott-falconer MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Do you want to start using AI tools for Drupal development, in the most efficient way possible? There's a composer plugin for that! Module name/project name: AI Best Practices for Drupal Brief history How old: created in Mar 2026 by Angie Byron (webchick), one, of today's guests, a long-time Drupalist, one-time Acquian, and a fellow Canadian Versions available: dev version only, which doesn't seem directly opinionated about what version of Drupal you're using, though it does have minimum versions of PHP and Symfony libraries that suggest Drupal 10 is functionally your minimum Maintainership It is officially seeking co-maintainers Test coverage Documentation - an in-depth README, or you can ask an AI model! (like I did for this segment) 54 open "Work Items" on Gitlab, so lots of active discussion already Module features and usage AI Best Practices for Drupal aims to be the opinionated starter experience for AI-assisted Drupal development You can think of it as a single Composer install that makes any AI coding agent "speak Drupal": following community standards, preferring contrib over custom code, and avoiding framework-naive mistakes. It replaces scattered, tool-specific CLAUDE.md files and Cursor rules that some Drupal developers currently maintain individually, with one canonical, community-governed package that works across Claude Code, Cursor, Copilot, and more. With contributions by a variety of Drupal luminaries including Marcus Johansson, Christoph Briedert, and Scott Falconer, it's the Drupal equivalent of Laravel Boost: stop explaining Drupal to your AI every session and just get writing code. After install or update, it will create an AGENTS.md file from a provided template if there isn't one already, or it will update a specifically marked "ai-best-practices" section of an existing file You will also have a directory of provided skills, and guidance for creating new Drupal agent skills Also included is a set of evals, meant to automatically identify when AI models go off course and provide feedback AI Best Practices for Drupal is meant to provide guidance that will be particularly useful for AI agents, so it's ideal for Drupal developers getting started with AI tools, or for AI developers who want to get started with Drupal

PHP Podcast – May 28, 2026 Hosts: Eric Van Johnson & John Congdon Links from the show: PHP barely avoided disaster – YouTube CVE-2026-45793: Anatomy of a 14-Hour PHP Supply-Chain Near-Miss · graycoreio/github-actions-magento2 · Discussion #261 · GitHub An Update on Composer & Packagist Supply Chain Security PHP Tek: A Homecoming by Ben Ramsey Tek Roundup – Roave Speaking at PHP Tek 2026! #tech – YouTube PHP Tek is behind us, the ballroom is cleaned up, and we’re back to talk about all of it. Here’s what we covered: RIP Archie Bot After a long fight to keep him alive, Eric has officially retired Archie — the Discord bot built on OpenClaw that handled team standups, monitored PHP Architect’s Twitter/X group for join requests, and did a surprising amount of background work for the consulting team. When Anthropic shut down the OpenClaw API, Eric tried every model and service he could find to bring Archie back to form, but nothing got him all the way there. After a month of “almost working,” the call was made. He’s dead. Eric hasn’t ruled out revisiting it eventually — maybe with Claude Cowork — but for now, the bot is gone and the starting-soon link in Discord is broken because of it. Reviving a Six-Year-Old Codebase A client PHP Architect Consulting worked with from 2018 to 2021 has come back. The project — a reimagining of their app — was killed off when COVID hit and the CEO couldn’t align with the team’s vision. The last commit was six years ago. Now the client wants to bring it back, and Eric is spending the next few days analyzing what it’ll take to get it running again. Outdated packages, an old PHP version, and the general entropy of time are all on the checklist. Eric has genuine affection for this codebase — it was one of the first projects where he felt like the team was truly operating as a team, not just as an extension of him. Now it’s time to dust it off. Partner Spotlight: PHP Score → Our CVEs The PHP Score sponsor read may be getting a refresh — the folks at Artisan Build, who built PHP Score, have a new product they’re excited about: ourCVEs.com. It monitors your codebase’s Composer and NPM packages — and optionally your servers via a lightweight agent — for exposure to open CVEs, and alerts you when something needs attention. Pricing is generous: free forever for open source projects, $17/month for solo devs, $83/month for teams (or $1,000/year), with server monitoring scaling at $1 per server above 50. Ed from Artisan Build was at PHP Tek and made a strong impression. Go check it out at ourcves.com. How PHP Barely Avoided a Supply Chain Disaster Brent Roose released a 22-minute video covering a near-miss in the PHP ecosystem involving GitHub and Composer. The short version: GitHub changed their token format and briefly released it before Composer was ready to handle it. Composer was logging the token when the format check failed — meaning GitHub tokens were ending up in CI logs. In GitHub Actions, depending on how your action is configured, that container (and its token) might stick around for a while, giving an attacker a window to act. An alert developer caught the issue, used Claude to help research it, then did responsible disclosure — contacting the Composer maintainers and reaching out to Taylor Otwell, Vincent Pontier, and others in the ecosystem to disable their actions until the fix was in place. Update your Composer. GitHub rolled back the new token format but won’t keep it rolled back forever. Packagist MFA and Account Security Following up on the supply chain theme: Nils and Igor (Composer/Packagist maintainers) released a blog post on what they’re doing to improve supply chain security. The immediate ask for anyone publishing packages is to enable MFA on your Packagist account — it’s not required yet, but it will be. Eric went to check his own account, found MFA was already on, but noticed his username was still “diegodev” and he was using an old email. While updating it, he noted that Packagist didn’t require him to re-authenticate or confirm the change via the old email — a gap worth flagging if you have popular packages and someone ever gets into your session. PHP Tek 2026 Recap — The Good PHP Tek 2026 in Chicago is done, and despite everything (see below), the team is proud of how it went. Some highlights: Holly (CodeLorax) built a conference mobile app from scratch, released on both Google Play and the Apple App Store within 24 hours of the conference opening. The app let attendees build their own schedule, detected conflicting talk selections, sent push notifications when talks moved rooms, and even included a vendor lead-scanning feature where vendors could scan attendee QR codes to capture contacts. It was a genuine game-changer for the event. Eric and John named the conference elephant after Holly in appreciation — she also changed a trailer tire during setup, which sealed the deal. Clayton Kendall sponsored and produced the conference shirts and bags on an extremely tight timeline — shirts two weeks out, bags just one week before the event. Both were a hit. Attendees at the conference were getting questions about the rainbow PHP Architect shirt in particular. A job fair ran for the first time, with four companies represented. One hiring manager showed up even though they already had 1,400 applicants — because they knew that conference attendees are exactly the kind of motivated, self-improving developers they want. Attendees got to ask questions directly, including the real-world stuff like remote vs. office. Eric would love feedback on how to make it better next year. JS Tech debuted as a fourth track alongside the three PHP tracks, bringing in fresh faces from the JavaScript community. Eric came away energized by the cross-pollination — different people, different approaches to similar problems. Ben Ramsey and James Tickham (Rove) both wrote great blog posts about the conference. Ben’s will be featured in the magazine. Diana Pham also put together a video recap. Links in the show notes. PHP Tek 2026 Recap — The Incident On Monday during final setup, a hotel employee had a medical incident while walking through the main ballroom — leaving a trail that required hazmat-suited cleanup crews and forced the team to quarantine the ballroom, the hallway leading to it, and the adjacent bathroom. The person is okay and was back at the hotel by Friday, which was a relief. But in the moment, nobody knew what was happening or how long the room would be unavailable. The team had to rebuild the entire conference footprint overnight. The keynote moved, the JS Tech track went into the quiet room, vendors moved to the atrium, and the hotel staff — to their enormous credit — cleared their own furniture and accommodated every ask without complaint. Attendees were equally patient; once they understood the situation, there was no drama, just “tell us where to go.” The incident also took out the streaming setup for day one, compounding an already-difficult start. The solution that eventually worked — plugging the Ethernet into a hub before the streaming equipment — wasn’t tried until day three. Eric is mad at himself for thinking of it and not doing it sooner. PHP Tek 2027 — Save the Date (TBD) Planning for next year is already underway. The current target is April 2027 — away from the May timing that caused Eric to miss two of his kid’s band performances this year. Nothing is locked yet, but they’re working through venue and date options and hope to have an announcement soon. Links from the show: ourCVEs.com — Daily security audit on autopilot PHPScore — Technical debt monitoring for PHP Brent Roose — “How PHP Barely Avoided Disaster” (YouTube) Packagist — Enable MFA on your account PHP Architect Discord PHP Architect Merch Store PHP Architect YouTube Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.05.28 appeared first on PHP Architect.

Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community.Show linksGenerate HTML Password Rules Attribute in Laravel 13.9.0Storage Cache Store in Laravel 13.10.0Scrollbar Styling and Container Size Utilities in Tailwind CSS v4.3.0Laravel Introduces First-Party Passkey Authentication SupportLaravel's AI SDK adds sub-agentsDHH Joins Laravel Live Denmark 2026 for Fireside Chat with Taylor OtwellManage Laravel Cloud Deployments Inside PhpStormMoat: A Security Review for Your GitHub AccountModel-Based Scheduling for Laravel with CadenceLarapanda: A Type-Safe Lightpanda Browser SDK for LaravelUse a Google Sheet as Your Laravel Database with the Google Sheets Database DriverDrag-and-Drop Sorting for Eloquent Models with Reorderable for LaravelPiper: Laravel-Style Array and String Helpers for PHP's Pipe OperatorSimple Feature Flags for Laravel with Laravel ToggleLaravel Paper: A Flat-File Eloquent DriverTutorialsLaravel MongoDB Full-Text Search tutorial: The Art of the RelevancyShip AI with Laravel: Real-Time Streaming Chat UI with Livewire

This show has been flagged as Explicit by the host. It is suggested reviewing the episode What did I do at work today? Part 3 Section 1 prior to listening Test driven development - a way of writing code that involves writing an automated unit-level test case that fails, then writing just enough code to make the test pass, then refactoring both the test code and the production code, then repeating with another new test case. - https://en.wikipedia.org/wiki/Test-driven_development Joplin - Joplin is an open source, cross platform note-taking app. - https://joplinapp.org/ PHP - A popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world. - https://www.php.net/ MySQL - MySQL is an open-source relational database management system. MariaDB is a community developed fork of MySQL, often installing the MySQL package on a Linux distribution will actually install MariaDB. - https://en.wikipedia.org/wiki/MySQL - https://mariadb.org/ - https://www.mysql.com/ Sublime Text - Cross platform text editor - https://www.sublimetext.com/ Nmap - Network Mapper is a free and open source utility for network discovery and security auditing - https://nmap.org/ Markdown Fenced code blocks - "A code fence is a sequence of at least three consecutive backtick characters (`) or tildes (~). (Tildes and backticks cannot be mixed.) A fenced code block begins with a code fence, preceded by up to three spaces of indentation. The line with the opening code fence may optionally contain some text following the code fence; this is trimmed of leading and trailing spaces or tabs and called the info string. ... Although this spec doesn't mandate any particular treatment of the info string, the first word is typically used to specify the language of the code block." ```ruby def foo(x) return 3 end ``` from CommonMark Spec at https://commonmark.org/ (CommonMark is a standard, interoperable and testable version of Markdown.) Writing to a Database with PHP The following PHP method is implemented within a database access class: function create_with_id($id, $name) { $born = time(); $id = mysqli_real_escape_string($this->db, $id); $name = mysqli_real_escape_string($this->db, $name); $sql = "INSERT INTO object (object_id, display_name_text, born, died) VALUES ($id, '$name', $born, 0); "; db_run_sql($this->db, $sql); } Note db_run_sql is a helper function defined elsewhere, not a built in function, and the property db is a previously initialized mysqli object. Provide feedback on this episode.

Aaron is joined this week by Jesse Hanley, founder of Bento, to talk about building a seven figure business, why he feels less stress now than he did when he started, migrating from Heroku to Planetscale, and more.Sponsored by InterNACHI, Honeybadger, Bento, Vask, and NativePHP UltraInterested in sponsoring Mostly Technical?  Head to https://mostlytechnical.com/sponsor to learn more.Going to Laracon?  Sign up for the Mostly Technical Pre-Party!(00:00) - 5 TB of Data (11:12) - Laravel Live Japan (15:46) - Seven Figure Business (24:32) - Advice for Indie Hackers (28:57) - Pick Better Problems (32:50) - Friends of Bento (42:33) - Heroku to Planetscale (01:15:02) - What's Next Links:Jesse HanleySpeedshopJesse's Database School episodeTatamiDragonflyRedisShakeLaravel Live JapanDaniel Coulbourne

While America is on holiday, we're giving you all something special to enjoy while you're (hopefully) with family and friends. Enjoy this special Holiday Edition of the PHP! And please, subscribe to our Patreon show today for even more exclusive content. See omnystudio.com/listener for privacy information.

Have you ever opened a file to make a quick change, only to find dozens of lines of commented-out code making it nearly impossible to understand what's actually running?In the latest episode of the No Compromises podcast, we discuss why keeping dead code around is slowing your whole team down.We make the case that commented-out or unused code creates real confusion when searching a codebase, whether you are a new developer, a consultant, or even an AI agent trying to understand what is actually in use.We also cover why Git is all the safety net you need, how Git bisect can recover deleted code you thought you might need someday, and why the fear of deleting code is almost always unfounded.(00:00) - Why commented-out code slows everyone down (02:03) - How dead code creates false search results (05:10) - Dead code costs you more with AI agents too (05:55) - How Git bisect helps you recover deleted code (10:08) - When commenting out code is actually fine (11:45) - Silly bit Join the conversation and share how your team handles dead code in our No Compromises community

Michael shares a behind-the-scenes look at organising Laracon AU 2026, including the new committee-based CFP review process, the tooling built to manage the talk submissions, and how AI-assisted workflows helped shape the final conference schedule. The conversation dives into balancing technical depth with audience engagement, designing conference cadence to avoid cognitive overload, and why advanced technical talks are so difficult to execute well.Jake and Michael also discuss the realities of crafting technical presentations, from simplifying code examples and avoiding "proof of expertise" syndrome, to using AI tools as collaborative thought partners when preparing talks. Along the way, they explore how conference organisers think about audience fit, production experience, practical takeaways, and keeping attendees engaged during deeply technical sessions.Show linksLaracon AUModel Context Protocol (MCP)Riff & Refine: Trust the Process

Ian and Aaron discuss finally recording Token Town, Ian finally shipping Outro, the benefits of working in public, what's coming next to Solo, and more.Sponsored by InterNACHI, Honeybadger, Bento, Vask, and NativePHP UltraInterested in sponsoring Mostly Technical?  Head to https://mostlytechnical.com/sponsor to learn more.Going to Laracon?  Sign up for the Mostly Technical Pre-Party!(00:00) - We Finally Recorded Token Town (07:43) - Outro Is Live! (21:43) - Working In Public Is Required (27:54) - What's Next For Outro (30:22) - What's New With Solo (43:59) - Free vs. Paid (55:20) - First Actual Resume (01:04:41) - Starting A Movement (01:12:36) - Everybody Loves Discord Links:Token TownOutroSyntaxSoloFasterAaron's page for TupleDerek Sivers's "Now" page

In the first-ever episode of Token Town Aaron & Ian break down pricing changes for Claude -p and the Agent SDK, a temporary 50% increase to Claude's limits, leaps in hacking ability, and more.Sponsored by Bento.Links:Claude pricing changes'Anthropic beats OpenAI on business adoption'Claude Code weekly limits are 50% higherSoloAmpSuperpowersMythos & cybersecurity

PHP Podcast – May 14, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: PHP Tek Is Four Days Away The countdown clock is basically ticking in real time — PHP Tek 2026 in Chicago is just four days and ten hours out as this episode begins. Eric flies Friday, John flies Saturday, and the team descends on the venue Sunday to get the trailer unloaded, the booth assembled, and everything tested before the conference kicks off. The conference magazines — ordered three weeks ago and still showing “printing” on Tuesday — pulled through at the last minute and are set to arrive at the venue tomorrow. That’s cutting it close, but it counts. Win a Free PHP Tek Ticket — Live on Air John put a full conference ticket up for grabs: DM him on any social platform, and he’d draw a winner on the live stream. The caveat? You had to be watching live — audio listeners are out of luck on this one. The lucky winner drawn on air was Jeffrey Davidson, who will now be at PHP Tek. Eric offered to even bring him to the team’s Saturday minor league baseball game if he flies in early enough. Jeffrey gets a hand-printed sticker name badge, but he’ll have a badge. New PHP Architect Conference Merch Fresh shirts are coming to the PHP Tek booth courtesy of Clayton Kendall, who is producing the apparel. The new design goes with a smaller logo placement — a more subtle, wearable-anywhere look compared to the big bold prints. If you’re headed to Chicago, swing by the PHP Architect table and see what’s there. Holly’s Conference App Gets a Vendor Mode The PHP Tek attendee app built by Holly (developed by CodeLorax) has been upgraded ahead of the conference. What started as a schedule browser with conflict detection and push notifications has now merged with a vendor lead scanning tool. Attendees can log in by scanning the QR code on their badge, and vendors can scan attendee badges to capture leads — all in a privacy-preserving way that doesn’t expose raw contact data. Eric’s wife Bek figured out the app entirely on her own without being told anything, which remains one of the best usability endorsements you can give. Something Big Is Happening in the PHP Community Eric teased something he can’t officially talk about yet — a community acquisition that’s still working through the legal and DNS transfer process. A new droplet has been created. Joe has already figured out what it is. Eric is too excited not to bring it up but too responsible to spill the details before it’s official. The plan is to announce after PHP Tek. If you want to know early, apparently getting Joe drunk at the conference is your best strategy. Grok AI Exploited via Morse Code in Bank Transactions A video from the Dave’s Garage YouTube channel surfaced a genuinely unsettling AI exploit: someone used a Grok-powered AI banking agent and embedded hidden instructions inside transaction memo fields — written in Morse code. The agent decoded the dots and dashes, interpreted them as instructions, and followed them, ultimately losing somewhere between $154,000 and $200,000 in crypto transfers. This is prompt injection in its most creative and alarming form yet. The attack surface for AI agents hooked into real financial systems is not theoretical — it’s happening. TanStack Hit by NPM Supply Chain Attack The TanStack ecosystem — the popular query, router, and table libraries — was hit by a supply chain attack via GitHub Actions cache poisoning. The attack vector was a forked pull request: a malicious fork can trigger GitHub Actions workflows and potentially inject poisoned artifacts into the build cache, which then get picked up by the legitimate package. Simon Hamp from NativePHP caught it and raised the alarm in the PHP Architect Discord. It’s a good reminder that the supply chain attack surface extends well beyond just what’s in your `composer.json` or `package.json` — your CI pipeline’s caching behavior matters too. PHP Tek Job Fair — Wednesday Afternoon There will be a job fair at PHP Tek this year, scheduled for Wednesday afternoon. At least one confirmed hiring manager will be there. If you’re looking for PHP work, or if you’re a company looking for PHP talent, this is worth planning around. Eric and John both see it as a natural fit for the conference — the PHP community is tight-knit enough that a job fair actually means something. Eric’s Birthday Spa Day in Palm Springs Eric’s wife Bek surprised him with a birthday spa day in Palm Springs. It was his first massage ever, and he paired it with a mineral soak in the natural springs. He came away thoroughly convinced — the combination of the mineral water and a proper massage left him feeling better than he expected, and he’s already thinking about going back. Beck planned the whole thing, and Eric was appropriately grateful. John’s First Couples Massage John has now also had his first couples massage, and it did not go quietly. He opted for deep tissue — which means the therapist was working hard — and his wife, in the room next door, was apparently convinced something was wrong based on the sounds coming through the wall. John described it as the kind of massage where you’re not entirely sure if you’re being helped or attacked, and the answer turns out to be both. He’d do it again. PHP Architect Becomes Padres Season Ticket Holders Eric and John are now official San Diego Padres season ticket holders — their first year in the program. As first-timers, they’re at the very bottom of the seniority ladder, which means they were among the last to pick seats. John blames Eric for not signing up years ago. There’s an upcoming Wednesday day game against the Dodgers with available tickets if anyone in San Diego wants them — reach out to John. Links from the show: PHP Tek 2026 — Chicago TanStack — Open Source Data Tools for the Web NativePHP — Simon Hamp’s Native App Framework for PHP PHP Architect Store PHP Architect Discord Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.05.14 appeared first on PHP Architect.

God's grace sets people free to be honest... honest with Him... honest with ourselves... and honest with others. And the reason is simple: I no longer have to be afraid. Because of Jesus Christ, I no longer have to lie, or blame, or deny, or hide, I can let God shine His light into the deepest recesses of my heart and show me the unvarnished truth about what's really there... without being afraid. Even when He points out things that are selfish, cruel, dishonest, fearful, proud or unforgiving, He doesn't leave me, or hate me or judge me. Instead He does the most amazing thing. He takes those vile motives and lays them on the shoulders of His beloved Son as though they had been His sins and then He punished Him instead of me. When I see what He's done it leaves me feeling two profound emotions at the same time: bitterly sorry and so grateful I hardly know what to say. It's all completely unfair and it makes no sense. There's nothing in my human experience that explains why He would still love me. When I face those ugly things inside of me I am dismayed by them but He doesn't react like that. Seeing me for who I really am He just draws closer and asks me to trust that He's doing a good work in me and will continue to perform it until I see Him face to face (Php 1:6). And the encounter itself leaves me different. I feel clean and light and stronger... and less afraid of being honest.  

Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community.Show linksInterruptible Jobs in Laravel 13.7.0Queue-Wide Inspection Methods in Laravel 13.8.0Laravel Installer Now Returns JSON When Running Inside an AI AgentPolyscope for Windows is Now AvailableA Free Shift to Check If Your App is Ready for Laravel CloudRedBerry to Host Georgia's First Laravel Meetup in TbilisiLaravel Schema Sentinel: Detect and Fix Database Schema DriftLaravel Idempotency: HTTP Idempotency Middleware for LaravelLaravel Web Push NotificationsChevere Workflow: A Declarative PHP Workflow Engine with Async Job ExecutionLaravel Shopper: A Headless E-Commerce Admin Panel for LaravelLaravel Brain: Visualize Your Application's Request LifecycleVerifiable Audit Logging with Laravel ChronicleLaravel ClickHouse: A Full-Featured ClickHouse Driver for LaravelGenerate Livewire Skeleton Placeholders Automatically with WirebonesAttach Addresses to Any Eloquent Model with Laravel AddressableTutorialsPersonalized Content Delivery System: Building an AI-powered recommendation engine with Laravel and MongoDBShip AI with Laravel: Search Entire PDFs with Zero Search Logic