On January 28, 2025 at 20:39

Today I learned that Twitter allows changing password without asking for the second factor. Anyone with access to a valid session can simply change the password and lock you out. Same with account email apparently.

They do have this additional toggle for password resets (if email access is compromised, for example) but that is also disabled by default.

On January 28, 2025 at 14:48

Did you know that ChatGPT is adding utm_source to every link in the response sources and citations? Make sure you're tracking that in your analytics!

On January 27, 2025 at 14:48

Created "Perf Bench" to generate all kinds of web performance tests. It is a single PHP file (inside Docker) that maps query args to feature flags. A helper script can generate all permutations of the supported feature flags which can then be used by any other benchmarking tool.

On January 22, 2025 at 10:47

Tested a bunch of Meshtastic antennas for 868MHz (EU) frequencies and only two of them are actually usable. That's very frustrating for users because they will never know the reality without testing.

On January 22, 2025 at 10:41

Just release version 0.10.0 of Controls for Contact Form 7 which enables native WordPress shortcodes in the form content.

On January 17, 2025 at 20:39

To catch the hardest bugs, your WordPress development environment should be:

1. a sub-directory multisite,
2. with WP core in a sub-directory,
3. with wp-contents at the root (outside of core)

What am I missing?

On January 17, 2025 at 14:48

Fonts create an immediate emotion. Some are classy and expensive while others are playful and fun. Good fonts are the ones you don't notice — they just add clarity to the message and brand.

I feel like Drupal could significantly improve the perception of their brand and value by updating the front stack.

On January 15, 2025 at 14:48

I just realized that with distributed WordPress packages and signing, all vendor code must be isolated to avoid one trusted vendor from publishing an update with another vendor's package content which would overwrite it.

On January 14, 2025 at 20:39

Responded to @kasparsd:

5. While this proposal addresses signing and trust, it does not solve directory name isolation for plugins and themes — that would require a separate solution entirely.

What do you think? Is this simple enough to encourage adoption? What could be improved?