Skip to main content

· One min read

Yarn doesn't have the ability to fix the problems it finds in a security audit (like npm does). There is a workaround that I found on a github thread though:

npm install
npm audit fix --force # breaking changes
rm yarn.lock
yarn import
yarn audit
rm package-lock.json

It's not pretty but it does the job.

· One min read

I recently update to Symfony 4.4 and had to work through a few deprecations. Some were straight forward, some were not. This Twig one was not:

The "twig.exception_controller" configuration key has been deprecated in Symfony 4.4, set it to "null" and use "framework.error_controller" configuration key instead.

This was resolved by adding the following to config/packages/twig.yaml:

exception_controller: null

· 3 min read

Akamai's new Sandbox can be run on local development environments, so you can test changes in development with production like CDN settings. This allows you to more quickly identify issues before rolling out to production.

· One min read

PHP CodeSniffer in our Jenkins CI was always one of the slowest tasks as it ran across our whole code base. LB Denker from Etsy wrote a good piece of software called CSRunner which looked to solve this problem by only running phpcs on files that had changed in the last 7 days (or so). It is written as a PHP script that was run from Jenkins.

I took this idea and adapted it to run in Ant. Instead of looking at files changed in x days, it looks at the checkstyle report from the last run and gets a list of files with problems. It merges this with any files that have changed since the last build. In theory it should bring the run time down (assuming you have a low number of files with problems).

build.xml

I'm open to any ideas on how to improve this as I'm not that experienced with Ant.

· One min read

I have been trying to migrate everything in MySQL to use INNODB (death to all MyISAM), but was unsure of how much data was being stored in each storage engine. You can use the following query to give a total usage for all engines:

SELECT ENGINE, CONCAT(FORMAT(RIBPS/POWER(1024,pw),2),SUBSTR(' KMGT',pw+1,1)) `Usage` FROM
(
    SELECT ENGINE,RIBPS,FLOOR(LOG(RIBPS)/LOG(1024)) pw
    FROM
    (
        SELECT ENGINE, SUM(data_length+index_length) RIBPS
		FROM information_schema.tables AAA
		GROUP BY ENGINE
		HAVING RIBPS != 0
    ) AA
) A;

Now I have that information I can adjust my INNODB buffers and reduce MyISAM caches

· One min read

I started playing around with using xtrabackup (or more specifically innobackupex) to backup MySQL. Most of our tables are now innodb so it didn't make sense to keep dumping everything out via mysqldump.

I had a clone of our master db server in our virtual environment that I was trying to restore the backup onto, but it was taking hours (using innobackupex -copy-back /backup/). I figured that the IO on my virtual servers was just crap and I'd have to grin and bear it. There doesn't seem to be much around about restoring using innobackupex, even the command options are limited for restores so I thought -copy-back was the only way.

It seems that if your backup is on the same filesystem as where it's going to end up then it's a lot faster to use the -move-back option. This changed my restore time from hours to seconds.

e.g.

innobackupex -move-back /backup/

· One min read

All the cool kids are doing it, so I'm playing around with enabling SSL by default with HSTS. Thanks to CloudFlare and StartSSL it's been mostly without a hiccup.

· One min read

I just a quick survey of the top 500 sites in NZ (based on Alexa data) and I was disappointed to see that only two NZ based sites (excluding Google, Microsoft, Facebook etc) supported IPv6, geekzone.co.nz and nzsale.co.nz (Geekzone implemented its IPv6 via Cloudflare and NZ Sale through Akamai).

Come on people, it's 2014. There's no excuse not to support IPv6, especially with two RIRs on their last /8 and APNIC with ~13.5 million addresses remaining. What's really worrying is that some of the major ISPS (Telecom, Vodafone, Orcon) don't even have IPv6 on their public facing websites. I'd guess that their residential customers won't be seeing IPv6 on their connections anytime soon and that CGN is a real possibility.