The PHP Podcast 2026.04.30
🎙️ PHP Podcast – April 30, 2026
Hosts: Eric Van Johnson & John Congdon
Another fun episode of the PHP Podcast! Here’s what we covered:
🚁 The Drone Slayer Strikes
Eric and John wrapped up a Padres game at beautiful Petco Park in downtown San Diego — and things got weird on the way out. A rogue drone started buzzing around a busy intersection, lingering on a guy on a scooter, before making a fateful attempt to fly in front of Eric’s car. It did not make it. The controller came running out, Eric kept driving, and John has already dubbed him “the drone slayer.” Eric still hasn’t looked at whether his wife’s car got scratched, which feels like the bravest choice of all.
⚾ Baseball Week Never Ends
The reason today’s episode started an hour early? Baseball. John’s week was wall-to-wall: a Tuesday night little league game, the Padres game with Eric on Wednesday, practice Thursday night, the playoff draft reveal Friday, a little league game Saturday, and another Padres game Sunday. Eric pointed out John was wearing his own last name on a jersey to a Padres game, which opened up a whole sidebar on why anyone buys a $200 jersey with a player’s name on it when players change teams every two years anyway.
🏥 Walking Pneumonia and the Power of the Right Antibiotic
John’s week was also scrambled because his son had been diagnosed with regular pneumonia — but after not getting better, a second doctor visit revealed it was actually atypical (walking) pneumonia, which requires a completely different antibiotic. Once on the correct medication, his son bounced back almost immediately. The kid had been pushing himself trying to feel well enough for sixth grade camp, but there’s really no faking it with the wrong treatment.
🤖 The Archie Situation — AI Standups Gone Sideways
Eric has had a rough stretch after Anthropic shut down OpenClaw, the platform that powered their internal Discord bot Archie (a.k.a. Alfred). Archie had been running daily team standups, generating weekly summaries, letting team members tag it with updates throughout the day, and even setting reminders. Everyone got spoiled by it. Since then, attempts to migrate to Ollama — both locally and through the web service — have been plagued by slow response times and dropped messages. Eric is close to pulling the plug and going back to the old manual method, and he’s not happy about it.
🔧 Claude SSH’d Into Eric’s Server and Fixed Everything
For weeks, Eric had been fighting a broken Postiz Docker container — a self-hosted social media scheduling tool he uses to post across platforms. After updates broke it and multiple attempts at a fresh install still left it broken, he dropped the problem in Claude’s lap and explained the whole situation. Claude asked for permission to SSH into the remote server on Eric’s Tailscale network, and Eric said sure. Thirty minutes later, Claude had identified the culprit — a Temporal workflow engine losing its configuration on restart — wrote a fix script, configured the service to reconfigure properly on boot, and even set up a cron job to restart the container on reboot. Eric’s still trying to find that chat to review exactly what it did, but the service is running.
🌐 GitHub is Getting Hammered by AI Agents
GitHub has had a rough patch of outages, and the numbers tell the story: 20 million new repos per month, 1.4 billion commits, 90 million pull requests — with a dramatic spike right at the start of 2026. Part of the culprit? AI agents being unleashed on codebases to automatically open pull requests from backlog tickets. Eric has a client doing exactly this, and while it sounds impressive from the owner’s perspective (“look at all this work getting done!”), the developers on the ground report that a high percentage of those AI-generated PRs require significant human correction before they’re anywhere close to mergeable. The comparison to Reddit’s early explosion — and the one engineer who basically didn’t sleep for two years — felt pretty apt.
🔐 The GitHub Security Vulnerability Nobody Talked About
As if the outages weren’t enough, GitHub quietly disclosed a serious security vulnerability: a specially crafted git push — using malformed options in the push metadata — could allow arbitrary code execution on GitHub’s own servers. Eric had to dig to find the blog post because GitHub was not exactly shouting about it. To their credit, they state that their investigation found no evidence the vulnerability was ever exploited in the wild. But knowing that a specific sequence of bytes in a git push could have handed someone the keys to GitHub’s servers is genuinely unsettling.
👻 The Creator of Ghosty Is Leaving GitHub
Mitchell Hashimoto — creator of the Ghostty terminal and formerly of HashiCorp — announced he’s leaving GitHub, where he’s been a user since 2008 (user #1299). This comes shortly after the Zig programming language made the same move, also citing reliability concerns. Eric was mildly skeptical of the “announcing I’m leaving” genre of posts, pointing out that GitHub doesn’t especially need your permission to stop using it. Notably, Hashimoto’s post doesn’t say what he plans to use instead. John joined GitHub in 2009, which led to a fun live expedition through his commit history — turns out he got serious about coding right around July 2013, roughly when DiegoDev landed its first client.
🛡️ Update Composer. Like, Right Now.
PHP developers tend to set Composer up and forget about it — but there’s been a serious security vulnerability patched in a recent release that you absolutely want. The fix is simple: just run composer self-update. It updates in place and keeps a rollback copy in case anything breaks. While you’re at it, if you have global Composer packages installed, run composer global update to catch those too. Eric noted that Composer should really warn you when you’re significantly behind versions, the way Claude Code does. Until it does, just make a habit of it.
🐧 Linux Kernel Exploit — Patch Your Servers
A CVE was shared in the phparch Discord that affects Ubuntu, Amazon Linux, and Red Hat: a Linux kernel exploit that lets an attacker gain root access with a remarkably small payload — around 732 bytes targeting setuid. It’s a good reminder that the old sysadmin badge of honor (“my server has 5-year uptime, never rebooted”) is the wrong mentality now. With tools like Terraform and infrastructure-as-code, spinning up a freshly patched machine is the move. Keep your operating systems current, especially Linux servers running in production.
📱 Holly Built a PHP Tek App — And It’s Already Good
Community member Holly built a native attendee app for PHP Tek, available now in beta on iOS (via TestFlight) and Android. You can browse the schedule, select the talks you want to attend, and it’ll warn you if two of your picks are in conflict — a “merge conflict,” as Eric put it. Best of all, it sends push notifications when sessions you’ve favorited get moved or rescheduled, which happens constantly at tech conferences. Eric’s wife installed it without being told anything about it and figured it out on her own — about as good a usability test as you can get. The app is built natively in Swift and Kotlin. Be kind to Holly — this is a gift to the community.
🐘 PHP Tek in 19 Days + New PHP Architect Merch
PHP Tek is nearly here — 19 days out in Chicago. A brand new PHP Architect elephant is coming (tentatively named Holly, after a live-stream vote). Eric also walked through new merch at store.phparch.com: a v-neck version of the classic rainbow PHP Architect shirt, and his personal labor of love — the “I have standards, specifically PSR 0, 1” tee — which he admits has sold exactly zero copies. If the hotel room block is sold out by the time you read this, reach out to the team directly and they’ll see what they can do.
Links from the show:
-
- Postiz — Open Source Social Media Scheduling
- GitHub Security Advisory: Remote Code Execution via Git Push Options
- PHP Tek 2026 — Chicago
- PHP Architect Store
- PHP Architect Discord
- An update on GitHub availability
- Migrating from GitHub to Codeberg
- Ghostty Is Leaving GitHub
- Securing the git push pipeline: Responding to a critical remote code execution vulnerability
- Composer 2.9.6 fixes Perforce Driver Command Injection Vulnerabilities (CVE-2026-40261, CVE-2026-40176)
- Copy Fail: 732 Bytes to Root on Every Major Linux Distribution.
Host:
Eric Van Johnson
- X: @shocm
- Mastodon: @eric@phparch.social
- Bluesky: @ericvanjohnson.bsky.social
- PHPArch.me: @eric
John Congdon
- X: @johncongdon
- Mastodon: @john@phparch.social
- Bluesky: @johncongdon.bsky.social
- PHPArch.me: @john
Streams:
📬 Connect & Hire
Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review.
Partner
This podcast is made a little better thanks to our partners
Infrastructure Management, Simplified
Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease.
https://displace.tech/
Put Your Technical Debt on Autopay with PHPScore
Cut code review time & bugs in half instantly with CodeRabbit.
Music Provided by Epidemic Sound
https://www.epidemicsound.com/
🎯 Join Us Live Next Week
Got feedback? Join us on Discord at discord.phparch.com
Listen
Podcast (episodes): Play in new window | Download | Subscribe
Transcript
[06:38] Ah wrong side broken it’s all broken, hi eric i am eric you are eric the the uh oh shit what are they called what did i kill yesterday what did i vanquish yesterday droid droid yeah it’s a droid right it was a droid i vanquished it a droid?
[07:05] What are you talking about? I’m the only guy in the world that can drive over and kill. Oh, that’s right. I forgot about that. No, no, no, not a droid. It was a quadcopter. Yeah, what was this called? I thought they were…
[07:23] You got me screwed up by calling it a droid.
[07:27] Drone. Drone. Drone. That’s the word I was thinking. I’m the drone slayer.
[07:35] Hello everybody welcome to the show that’ll be a fun story yes that’s john in case you’re wondering what we’re talking about we’ll tell you in a second but you’re listening to the php podcast the official podcast php architect where we produce a magazine we do a bunch of extended learning we uh we have a conference coming up here in a few weeks 19 days night not a few weeks We have a consulting group, which we’re trying to get out there a little bit more. I know you all listen to the podcast, so you know this. You know we’re actually PHP programmers, developers, and we have a whole company full of developers who take on client work. So get the word out there. Let people know. Um because apparently people don’t know uh and we can augment teams i was gonna say the same thing if you would like us to augment your team and help out we’re available even do like architectural sanity checks you know whatever you need
[08:38] you let us know you’re not going potty now, you are not going okay okay i’ve started the podcast i’ll stay here my god this dog. Um all those things uh so yeah uh if you’re listening to the audio podcast right now you need to join us for the live show we record every thursday typically around three o’clock but today we’re doing a little early we’ll get into that a little bit later as well why are you whining lay down while he’s talking to his dog join us on youtube youtube.com slash php arch and join us in our discord well before you get there while you’re at the youtube link first drop a little like thumbs up and subscribe we’d appreciate that yes then come hang out with us in discord over at discord.phparch.com be part of the conversation yes yes joe the drone was done,
[09:40] um joe in our discord jeffrey how’s it going my friend good to see you okay so what are we talking about john and i went to a baseball game yesterday oh man i should have pulled up your your little x the the rare time you actually actually post let me pull that up so everybody i do that because i i forgot to put the picture on it initially so you can get up on the big screen with those pictures. And I don’t know if we never got up there because I didn’t include the picture in the initial post. I went back and edited it and added it. So that must be why. Let’s try to get us on the Jumbotron. Oh, hell no. Hell no. So John and I went to a Padres game. Why is the thing not changing? Wow, that was laggy as hell. John and I went to a Padres game yesterday. Oh, and I forgot to bring you the laptop I said I was going to bring you. Whoops. Yeah, that’s fine. Actually works out because I’m using it. I had a good time.
[10:39] So if you’re not familiar with the San Diego Padres baseball stadium Petco, it’s in downtown like you can literally see the downtown buildings you can walk to like the main like party street market street where everybody goes you know friday nights and and drinks and eat um so it’s literally like downtown uh it’s a beautiful stadium really love the downtown aspect of it because like you can come in from multiple directions and traffic doesn’t get so gnarly like in the checkbook anyways i’m getting ahead of myself we go to leave yesterday um and we’re heading out and we’re stopped at this intersection downtown so people are walking across the street and you know san diego is not a huge city but it is a city like especially the downtown area it is a city it’s just like a mini downtown city so there are people walking around and all of a sudden this like little drone comes flying in front of us and you know we’re sitting in
[11:40] our car and uh this drone comes flying i’m like what the hell and then it kind of starts lingering on this guy who’s on a scooter next to us so john’s like oh i think that’s his droid or drone i’m like oh okay well yeah whatever and then i noticed that guy starts looking around I’m like, what the hell is going on? I’m like, no, I don’t think that’s his. And so, uh, I was actually thinking it was a guy that had just walked across the street because you can, yeah. Yeah. Cause, because it’s usually like you can set in an action camera shot. You just have to follow you wherever you’re going so i thought oh yeah i i totally thought that’s what it was at first yeah but then he turned he got to the other side he stopped and he turned and then he’s looking at it like what the hell’s going on like and this thing is like june probably like five feet off the ground i mean it’s not high in the sky and it’s this busy traffic intersection,
[12:36] cars are going by it like barely missing it because it’s like flying out in the middle of the intersection and coming back and doing all this like weird stuff and it’s like all right whatever. So Arlae turns green. And like I said, by this time, it’s like over to our left, lingering on this guy on a scooter. And our light turns green. And so we start going. And then I see out of the corner of my eye, it starts to try to fly in front of us. It does not make it.
[13:07] There was like a grunt outside too, right? Yeah. Yeah. Like you hear it. And then I look in the mirror and I see this little drone bouncing. Like falling on the ground there. I saw the guy who was controlling it. Oh, did you? Yeah, because he came running out. And John, I still haven’t checked to see if it scratched the car. I was just going to ask you if you looked when you got home. I can’t because it’s a nice car. It’s the wife’s car. She lets me drive it every now and then. I do enjoy driving it. So I need to go. I mean, not like we can do anything. I guess I can open an insurance claim or something. But yeah, it was just the weirdest thing. And it’s like, all right, well, I don’t know what I’m going to do. I’m not going to stop. You know, it’s like we’re downtown. Traffic’s moving. You have got to chill. Chill.
[14:00] We’re downtown. Traffic’s moving. So, yeah, it was just like this bonkers little thing that happened. So why are we here, John? Because I have my Thursdays, I have a very regimented schedule. I have meetings till 11 and then I sleep till three. Why am I up? Well, first of all, we didn’t get a picture of the back of my jersey. That’s my little league jersey that I wear to my games. It has my name on the back of it. And then I realized it’s kind of weird wearing your own last name to a Padres game. So this is the thing, right? Like as I’ve gotten older, so I’ve played for many years. I’ve had my name on jerseys many times, but.
[14:47] I won’t buy a jersey with somebody’s name on it, much less my name. But, like, you know, like, people, like, buy them, like, with, like, players’ names on it. Like, you know, Machado. It’s like, all right. I mean, if that’s your husband or that’s your boyfriend, okay, you’re wearing his jersey. But, like, why am I going to wear that jersey? Like, I’m not going to wear that jersey. You’re supporting that player. No. And see, that’s the thing.
[15:14] Teams, this is not just baseball. Teams hope you buy those. Because players change teams. When they change teams, you’re going to have to buy another $200 jersey with somebody else. Why are they $200 to begin with? That’s crazy. Yeah. Well, that’s a whole other thing. So to answer your question about why are we here early, it’s baseball. It’s baseball. It’s baseball. John’s baseball. So, so Tuesday started like a week long stretch of baseball for me with Tuesday night being a little league game. You and I went to the Padres game yesterday. Tonight I’ve got practice. Um, tomorrow we have our little league draft reveal for playoffs. Um, Saturday, I have a little league game. Sunday, I’m going to the Padres game again. It’s like a lot of baseball. It’s nothing wrong with that. I’ve got to ask, if my current wife, my wife, Beck, if you’re awake and you’re listening to this podcast, can you come get this dog?
[16:22] I’m going to have to walk this dog outside or something. She’s like really whining.
[16:28] Um yeah so yeah that’s why we’re here not this is not going to be a regular thing right we’re going to go back to three o’clock as far as i know unless we decide we like it at two o’clock but i like three o’clock because it’s kind of wrapping our day up yeah it’s kind of the end of the day yeah yeah i get that um yeah yeah so we have tea today baby you know the kids say that you know t means and and the kids love when we use their their slang absolutely they do yeah uh that yeah uh so we have some tea to talk about today out there in the world of being a developer, before i get to that though how was your week john doing anything fun interesting, not fun nor interesting my week’s been all sorts of miscombobulated because my son last week was diagnosed with pneumonia and then.
[17:26] Ended up taking him back to the doctor this week because they not misdiagnosed it, but there’s two different types of pneumonia, typical and atypical. And they didn’t do the proper blood test the first time. So he has atypical or walking pneumonia. So it’s a different antibiotic. So just it’s kind of been a long week. So is he getting better? Is he feeling better? He’s feeling so much better right now. Yeah. got him on the right medication i love modern science stuff we can do how fast they get better right yeah it’s like once he you could just see it you know like all of a sudden he’s on the right medication and when he’s on the medication before he was trying to be better because he really wanted to go to sixth grade camp yeah so he wanted to be better and he tried but you could just tell you. Do just a little bit of walking and then all of a sudden he’s taking a nap so right he’s he’s all good
[18:26] now cool cool i said my current wife i think we’ve talked about this on the show before but not everybody listens to all the shows if you listen to our old uh podcast uh php ugly that’s how i would refer to my wife is my current wife and she’s been my wife for like 100 years now we got married out of high school so it was an ongoing joke everybody enjoyed it i even shared in discord a few weeks ago there was like this trend on tiktok where guys say my current wife to see their reaction you’re like you know guys are getting like karate chopped in the throat which was hysterical, uh but yeah my my wife uh she embraced it it became a whole thing where like when we had the conference people were asking where my current wife was and and if you’re in our discord that’s her discord handle show comes current wife so uh but yeah i didn’t i didn’t bring that over because i don’t know trying to be a little bit more professional and and she’s kind of like established
[19:27] herself in the community so yeah i like it, yeah okay uh yeah so your kid’s been sick yeah. Outside of that getting little stuff done here and there work-wise mostly trying to get prepared for tech because it’s quickly approaching and I still feel like there’s a ton to be done, yeah it definitely feels that way like just. And I’m like, yeah, I’m like, what are we missing? Like, I feel like we’re, cause it seems like we were so much busier the last couple of years at this time during the year. So I don’t know. Maybe we just have it under control enough. No, we’re missing.
[20:11] I’m pretty sure we’ve screwed something up here.
[20:16] I got, I’ve got one speaker who hasn’t responded to any messages I’ve sent them for the past two months. That is so trippy. So i don’t i finally tried reaching out a different way like let me go find them on linkedin and see if i can get a hold of them there because i don’t know and i don’t have a a flight or hotel room for them i don’t they’re international so i don’t know if i’m going to be able to get a flight for them at this point because i know costs have just skyrocketed with the price of fuel lately.
[20:52] All stressful. And we’ve already had a speaker back out from doing a tutorial for personal reasons. And, I just know where we’re at. The ticket sales and everything don’t justify us paying for more hotel rooms and more flights. Right. This is a huge piece of that.
[21:18] Yeah. There you go. Sarah, Jeff, she listens.
[21:25] My current wife replied in our Discord if you’re watching. So join our Discord and say hi to Beck, my wife. She’s a beautiful person. She came in. I asked about the dog. And of course she shows up and the dog is like, no, I don’t want to go potty now. I’m just going to stay here. So I don’t know what that was about, but she did show up. So, and she does, she literally wakes up. She works at night. Like she has to work from eight o’clock tonight until five tomorrow morning. She wakes up on Thursdays just to listen to the show. Oh, what a supportive voice. Very. Yes. she’s a very supportive wife and i do love her for it um my week if since you asked i was about to chill calm down eric uh screw you i guess i’m no i’m just kidding how was your week, Been pretty okay, I guess. Talking a lot more about AI to clients now. Had like an hour-long meeting with a client today on a project. Kind of a new project. What about new? The one we were talking about last night or yesterday? Yeah.
[22:37] Okay. And after that meeting, the owner of the company who was in the meeting calls me on my cell phone, and we talked for like another hour. And like I said, there was a lot of talk about AI and what role it’s playing in our industry and what role it’s going to be playing and all that stuff. I personally have been struggling a little bit. We talked a while back. I had done an open claw. With, um, that we were, you know, calling internally, we’ll call it Alfred. It’s the same, it’s the same bot that’s in discord as Archie. Uh, so Archie was doing our standups with, with the team and doing, I thought a really good job. Like the team was able to continue to interact with them. And I would do weekly summary reports and just got a really good understanding of what everybody’s been working on and what issues they’re having. It was really nice. I got really spoiled by it. I had another version of that a long time ago where Google’s Gemini kind of
[23:55] did the same thing, but it wasn’t as interactive. So I had gotten spoiled with it because the team started really taking advantage of it, where they would tell Archie to do things for them or to remind them of things. Or they’d come back in later in the day and say, okay, those tickets I talked about, I finished. So that was great. Anthropic pulled the plug on OpenClaw, and we had to find another model, another AI. And it just went off the rails. And I still haven’t really gotten it under control. I’m getting close. I ended up having to subscribe to Olama service, like the web version of Olama. Because as hard as I tried to get it running locally, it would run. But it was so slow. It was terrible. And I’m like, this is just not going to work. And even the like service is slow. Like you talk to it and, and it takes forever for, for it to respond. And sometimes it doesn’t respond. Um, um, Yeah, it’s tough, man. I don’t know.
[25:11] I’m really kind of irritated with Anthropic right now. I don’t know what I’m going to do. I’m feeling like I’m going to need to pull the plug on this and just go back to the old method because I know the team’s getting frustrated with it. So that’s been a big part of mine. I’m going to tell you, speaking of Anthropic, I had an issue. So I’ve been using this open source package called Postiz, P-O-S-T-I-Z. I don’t know how you say the word.
[25:45] It’s basically like Social Champ or any of these services where a buffer, any of these services where you can post to multiple social media platforms at one time. And I spent a lot of time getting it set up, and I’m really happy with it. And I use it a lot. uh and i updated it recently and it broke i’m like fuck me sideways i don’t know and i’m trying to fix it as a docker container and the docker containers ring fine and blah blah blah and i’m like i’m like playing with it for like weeks you know it’s not like a major focus of mine but like you know i go get on it and i just couldn’t get it to work and so i kind of gave up i’m like oh, Forget this I can’t get it to work And I’m like let me just try one more thing And I opened it up Claude, And I said hey Claude I have this. Docker container running on a remote server on my tailscale network it’s not working i can’t i i upgraded i explained the whole
[26:50] backstory and it said can i do i have permission to ssh into the server and take a look i’m like yeah sure what the hell could go wrong there use my ssh key, it’s like it’s funny it’s asking permission because i’m like well clearly you have the ability, so I guess go ahead and do it because you could be doing it without telling me, you know? So, in SSH SSH is in. And we’re having a conversation for like a half hour yesterday of fixing it. Like it was like, okay, I see the problem. They have this new telephone thing, blah, blah, blah. And it’s trying to fix it. And then it would fix it and then it would break again. And it’s like, okay, I wrote this script and it just fixed everything. And it’s back up. And I’m like, that was incredible because what I do is I’m like, okay, screw it. I’m just going to start from scratch. And I’m just going to download, you know, like it’s a fresh install. And it was weird. The problem I was having is like if I was local host,
[27:58] I could see it because I was pulling it in on my local system to see what was breaking, right? Because when I pulled in the fresh one, it was still broken. So I couldn’t get to it. If I tried to get to it using 127.0, you know, the local host IP address, it would still be broken. But if I typed in localhost, it worked. I’m like, man, it must be doing some sort of like verifying what the URL is.
[28:28] So anyways, I narrowed it down to, I have this running through Cloudflare. So it’s on Tailscale Network, but it runs through Cloudflare. And I think something with Cloudflare was like, you know, screwing it up with the new version. But I tell you what, man, Claude fixed it. And I’m like, that was awesome. But you still don’t know how it fixed it? Yeah, yeah, yeah. It explained everything. Was it a configuration thing or what? No, it wasn’t even a configuration thing. It was, so like I said, there’s this whole, I think it’s called Teleform. I would have to open it back up. There’s this whole Teleform. Is it Terraform? Terraform, maybe? I don’t know. were the basically document documenting your servers,
[29:15] you’re gonna have me look this up now because now you got me not remembering to terraform is the the way to document your uh your servers yeah see there was a lot of issues,
[29:33] I can’t even find the chat now You just have to trust me, John, that it fixed it I trust you, I was just curious.
[29:46] Infrastructure as code, that’s what I was trying to say I honestly can’t even find the chat now Where did that chat go? Oh, that was so weird I’m actually going to have to look for this at some point because it did have a bunch of good information. And like I said, it even wrote a script for me to take care of it in the future. I said, okay, just… And it even created a cron job to restart the Docker container on reboot and run the script. It was just bizarre, man.
[30:22] Okay, it says it’s in that chat that I thought it was in. Why am I not seeing it?
[30:28] Yeah, it says this in this chat, but I’m definitely not seeing it right now. Okay, well, I’ll have to look at it later.
[30:36] And so, yeah, things like that. Like, just when I think I’m about to give up on, like, AI. Not give up on it.
[30:46] Temporal is what it’s called. Sorry, I found it. It’s this temporal thing that I guess is tied into Elasticsearch. And like it’s i i didn’t understand what temporal was it just kept telling me that’s what the problem is it was losing its configuration and it just needed to be reconfigured on restart for some reason yeah registered attributes for temporal are are missing yeah it’s it was something i would have never fixed like i would have never figured out how to fix it and and yeah it just fixed it You know what else helps to fix things, Jim? What is that?
[31:30] Not our partners. They’re PHP Score. They help you understand if your app will probably need fixing in the future. Measuring your technical debt. Yeah, measuring your technical debt. Let’s listen to PHP Score here.
[31:47] Every app builds up technical debt over time. It’s the unfortunate price.
[31:54] Thank you to our partners at phpscore.com. Every app builds up technical debt over time. It’s the price we pay for shipping new features and moving fast. When we build up too much of it, though, it can start to impact how we work. Team velocity suffers, bugs become more frequent and take longer to fix, and everyone starts to get a little frustrated. The key to managing debt is to measure it. A credit score can help you understand how well you’re managing your financial debt. And now there’s a credit score for your technical debt. Go to phpscore.com to get a free technical debt score and monitoring for all of your PHP applications today.
[32:35] Thank you, PHP Scorer.
[32:39] Happy you’re with us. So, John. So, Eric. Did you have any GitHub issues this week? I have not. I saw the notice on the pull request board, but I haven’t seen any issues. Oh, really? Yeah. Cool, man. That’s actually, well, apparently not everybody has been as lucky as you. I didn’t see any issues, but I guess Joe was experiencing things because he noticed pretty quick and posted to the company Slack that GitHub was having issues. Boy, do they have issues. I guess a lot of issues. Why is this taking so long?
[33:24] What is going on with this transfer? Anyways, boy, did they have issues. And I heard it was crazy where people were logging into GitHub, if they could log in, because a lot of people were getting the unicorn thing that you get when GitHub is down. They were logging in, and all their PRs were gone. Or I heard stories that GitHub had reverted a bunch of commits. Just this crazy stuff was going on. So, yeah, they had all sorts of problems. There’s a huge blog post here on it. So, yeah, two recent events. And it’s been like an issue lately with GitHub. It used to be like you would never hear of GitHub going down. It seemed like it always just worked, right? But it seems like recently, I mean, not recently, but like the last year or two, So it going down is like not that unusual anymore. You can be like everybody else and just say it’s because Microsoft bought them.
[34:37] It’s funny yeah that’s your your yeah you kind of want to do that um their one of their responses is just like ai has just been hammering them with you know ai agents creating commits and doing entire like pipelines and i guess that that was part of the issue it’s just nuts i’m like i’m not going to get into the whole story because we got more to talk about here along those lines we have a client that’s doing that where they are unleashing ai clients on the backlog to automatically open pull requests and it’s from what i’m hearing it’s a little bit scary slash, it’s like on the surface like from the owner of a company it sounds like it could be cool it’s like hey look all this work is getting done but is it really getting done is it are you’re now like you have this code that now somebody else has to bring down and one has to understand what it was trying to do and then see if it does it but probably fix it because what i’m understanding a high percentage high
[35:46] percentage of the time it’s not. Accurate enough to be committed so it sounds like a nightmare i gotta admit it’s tempting like i can see the attraction to saying hey you’re my development you know developer agents keep an eye on my github repo and as issues come up take them fix them commit them push them you know and it’s but like you said it’s just like i spent a lot of time correcting ai like it’s like okay this isn’t working right you know look at this look at that um so i would not do that just off off the cuff i wouldn’t mind trying to tell my ai create branches for this create fixes for it And let me know when you’re done. Don’t commit them. Don’t push them. Don’t open PRs. Just, you know, do it locally.
[36:51] But, yeah. So that apparently was part of the issue. I’m just looking at those graphs. The new repos per month. Like 20 million repos every month. I know, right? 1.4 billion commits. Where is that? Is that here? Yeah, that graph right there. that is bonkers 90 million prs and you see how how it just kind of shot up in 2006, 2026 yeah yeah 2026 i mean what like,
[37:26] That’s this, this line here is probably this entire line. Yeah. You know what I mean? Well, I can’t see your mouse, but yeah, that’s just so bizarre. Oh yeah. Sorry. Yeah. Use your finger and point to it.
[37:42] So yeah. Things are just, yeah.
[37:48] It’s scale. I don’t know. I mean, it’s kind of like, I remember I had a friend working at Reddit when Reddit blew up. It was like the same thing on a smaller scale, obviously. He’s like, they were getting so many new users and so many new posts and so many more people reading posts. He’s like, every weekend the servers were going down. And people on Reddit, you know, it used to be a joke on Reddit. And he was the guy like response because it was like one guy for a very long time who was managing the servers. And the guy basically didn’t sleep for like two years because he was always doing things to the servers uh this kind of seems like that same thing on a much larger scale i don’t know man it’s crazy i’m always amazed that aws doesn’t go down more frequently um for the same reason but, yeah it’s crazy so kind of along the same lines.
[38:49] Let me make sure I’m on the right one here Zig, which is the general purpose programming language and toolchain for maintaining robust and optimal and reusable software a long time not a long time ago, a while ago, they decided to make the move to get off GitHub because they were having issues this was, you know, nobody really noticed because, you know, it was Zig I don’t even know where they were meant,
[39:19] No, I was laughing because the way you said that, I was like, because it’s Zig. Nobody even knows what Zig is. So kind of along that same line, the guy who created my terminal of choice, Ghosty, G-O-S-T-T-Y, has announced he’s leaving GitHub too. And I guess this guy has been on GitHub like since like 2000s and something like 2008 shows right there. It was user 1299. Yep. User 1299.
[39:59] He’s made this declaration now that he’s leaving GitHub for the same reason. So this, this guy’s a little different, uh, where first thing, he’s like a trillionaire. I mean, the guy’s like, I’m not trillionaire, but he’s really rich. He sold one of his companies and now all it does is work on this. I’m not all he does, but one of the things he does, he continued to code. Like, this is my dream. I want somebody to give me millions and millions of dollars for PHP Architect and just let me, you know, just continue to code and, you know, not have to worry about money anymore. So if anybody out there wants to jump in, I’m willing to kill John for it if needed. Like, if you guys say, we’ll give you $5 million, but you got to kill John, I have a plan. Don’t worry about it. But uh yeah he says he’s leaving github i think it’s funny because i like i feel like the same thing with like facebook or or twitter and x when people are like i’m leaving facebook
[40:54] saying i really don’t care see why do you think you’re that important right see you because everyone needs to make everyone needs their story to be heard and make an announcement, Yeah, that’s true. And I’m sure I’ve done it. Yeah. And it’s like, you want to also possibly start a movement if you can.
[41:18] And I didn’t read this whole thing. I was just skidding over it again. He doesn’t even say what he’s going to do in its place. So if you don’t know, if you’re a very young developer, there are many other, you know, repo system. I mean, Git itself by itself does most of like, you know, what GitHub does. As far as like, that’s where the whole, you know, commits and versioning starts. So there’s GitLab, there’s Bitbuck. I don’t know if Bitbuck is even a thing anymore. There’s a bunch of open source ones as well, but nobody uses them. I mean, not that many people use them. And he doesn’t say what he’s going to use instead.
[42:01] I just looked, I joined in 2009. Oh, did you? Where do you find that at? I just went to my profile page, and just on the right-hand side, you’ve got all the years down the right-hand side. Let’s do it. I’m doing it live. Let’s do it live.
[42:21] Uh, all the way down to your commits, all the way down. Commits. What commits? Those.
[42:30] 2026. No, keep going. Nope. You’ve think you need to probably have it a little more. Your screen’s too narrow. Okay. Uh, boom, boom. Yeah. Right there. 2009, 2009. I had one commit all year. Well, no, no, that’s, I think, if you click on that that’s probably when you joined oh i didn’t commit anything oh look at this this is going to be fun to do for a while nothing couple commits.
[43:05] So i clicked on 2009 and then expanded all the boxes until it says you joined march 26th, guess when i got serious about development between 2012 and 2013 right around july of 2013 I started getting more serious about doing coding. Because we started Diego Dev in 2012. We weren’t really coding yet. Oh, did we? Yeah. Oh, that’s right. It was October 2012 is when we officially formed the business, and we really didn’t get a client until 2013. Yeah. And for the record, John and I were both developers before we got our first client. I remember now, the person I was working for had a Git Enterprise. So I was using, you know, that doesn’t show up on here. I was using the company’s Git Enterprise implementation. That’s happened a couple times. As a matter of fact, you see it drop off again. This is probably, I don’t know what this is. I was thinking COVID is probably because I pivoted to that old company again.
[44:14] And I’m like, hey, do you guys need some help? Do you need, yeah, here’s 2020, 2021. Yeah, I start breaking up a little bit more. This is fun. This is fun.
[44:30] Okay uh so so yeah so github you know kind of having a bad couple couple of uh days weeks months whatever um but you know what that’s not the end of it john it’s not oh my goodness there is more to talk about you’re gonna love this one did you hear about the recent github vulnerability, No. Oh, my God. Why is that like that? There we go. So GitHub was notified that there was a vulnerability in their system where if somebody put together the correct strings on a git push, it would allow them to execute any code they wanted on the GitHub servers. What? And they were very quiet. Like, I had to search for this blog post because I’m like, wait, where’s that blog post at? Everybody’s talking about it. I’m like looking for it. Yeah. This is like absolutely terrifying to know.
[45:41] I mean, I basically kind of told you what it was all about. Yeah. It’s like a malformed Git push. Of course, they’re not going to show you what it is. Right. And to be clear, they’re very clear here. Their team did a bunch of research and investigating, and they’re saying that it wasn’t exploited. Nobody got compromised. None of the systems got compromised. It was one of these security things that was brought to their attention. They verified it. They’re like, oh, yeah, shit. They’re right. This is how it works. And it’s just get pushed. So, again, for you young developers, Git and GitHub are two separate things. So, the way GitHub was handling the push, you know, it was like passing it between a bunch of services internally. And, yeah, if you had this malformed, I say malformed, but it was intentional, right? A specific way you… It was in the Git push options. That’s how those were handled. Right. Within the metadata.
[46:48] How bonkers. so you’re bringing up the security issue i had somebody find one in the code base i work on oh really yeah yeah for years this code has been an api endpoint to update uh member data and it turned out if you had a key where you could update your data you could update anybody’s data You told me about this. Now, it turned out it was… It was benign in the sense that you could change first name, last name, email, phone. Like, yeah, it would suck, but you’re not really going to cause damage. You couldn’t get information. You could just all of a sudden update this. You had update access that you shouldn’t have had. Right. And it was a stupid bug, and I understand how it was done, but it, yeah. It was easy to fix one line one line fix done push it up and we’re good to go but it was that way for years.
[48:06] And it was only found because i was yeah it was only found because i was i got i picked up a ticket to allow you to change the password through the api and they mistyped the endpoint in the, in the title of the ticket and i didn’t read the body of the ticket i’m like okay i’ll go make this happen and then in the back and forth they’re like no we want to i want this end point updated okay i went and updated that because it was password and some other stuff and i decided to leave the password setting on the original one just because it worked there as well and, So in testing, he, the person doing QA did the right thing. And they’re like, well, what happens if I use somebody else’s token? And then he found it. And I’m like, so he just wanted me to revert the password change. I’m like, whoa, whoa, whoa. If you can do that, then you can update all this other stuff. So this isn’t an issue with the PR that I opened. It’s an issue with the existing
[49:07] code. We need to go fix that. And he’s always, oh. So you guys found it though, right? Yeah, we found it. Yeah, I’ve worked on a project where somebody reached out and said, hey, you know, this is a vulnerability and we had to go fix it. And it’s weird because, like, you know, it’s not our company. We’re just working for them. We fix it. And it’s like, you know, show them some appreciation. But they’re like, no. All right. I don’t know what to do. It’s tough. Like, I can appreciate a good bug bounty program, like, having that in place. Hey if you find find something we’ll make it right or you know say thank you in some way but the problem is then you get all these people submitting bug bounty requests for like oh you’ve got this misspelled on your website it’s like that’s not a bug i’m not paying for that no, root vegetable why do you got to be a dickhead now i gotta boot you and everybody’s having a good time you
[50:10] know dickhead all right let me boot this guy here yeah uh add to block uh block user on youtube block user on restream uh yeah.
[50:31] That’s one way to take care of it I don’t know how to take care of it on the stream so I wanted to let me bring this up real fast,
[50:42] Rhinus I’m sorry I don’t know if I’m pronouncing it right he was talking about old school,
[50:48] version control what was the big one everybody was using before SVN SVN oh my god subversion Yeah, yeah, yeah, subversion. Yeah, yeah, yeah, yeah, yeah, yeah, subversion. So the big thing about subversion, again, for you young kids there who don’t know what subversion is, like GitHub, everybody can have a copy of the code base and everybody can work and everybody can submit pull requests. Subversion, everybody was working on the same code base. Like, you didn’t have your own copy. And, like, getting it committed, it was ugly. Oh, my God, I hated subversion. we had that in the enterprise i was working at and good god it was terrible i hated it i was like just use dropbox screw this you know i was working like i was by myself at the companies you know back when i worked in florida and trying to teach myself how to use version control was a nightmare because i was by myself because like i don’t
[51:54] need this like right and i was working in production anyway because it was easy and that’s just how i did things you know i wish i knew better like i’m sitting there i’m trying to figure out why am i using this how do you what is this whole deployment mechanism like how do you deploy code like because it didn’t make sense to me and i’m by myself and it wasn’t until i went to php tech in 2010 that everything started to click and i’m like it’s crazy right i’m like oh that’s how you like yeah. Yeah, good point. If you’re, even if you’re a lone developer, you need to be using version control. Now you think you don’t, you do. We had that issue with a developer, you know, of the team recently. No longer works for us, but dude could not get us out of version control. And he would like not submit his changes to the upstream repo. I’m like, oh my God, dude, you’re killing me here, man. Oh yeah yeah and i i know a great place to talk to people and learn more yeah
[52:59] in 19 days in 19 days we’ve had some great github or github we’ve had some great get talks at tech like talks where.
[53:12] You use a tool a certain way for a very long time. I actually had this recently with Vim. I actually had, that’s what that, in Trello, I don’t know if we’ll get to it. That’s what that is. Like, you use a tool a certain way. You’re like, okay, this is how I use the tool. This is what it does. You forget that tool can do so much more. Gets one of those things. Like, if you’ve ever talked to somebody that knows how to use Git, they will blow your mind with everything it can do. It’s crazy. Crazy, crazy, crazy good stuff. I suggest doing, I suggest coming to tech and, uh, I don’t know if we have a good talk this year. I don’t think we do, but yeah. Get bisect is one of those tools where I don’t know. It’s you don’t know it’s there. And when you need it and you know how to use it, it’s such a lifesaver. It’s so good. Yep. I totally agree. And I cannot stop reading that as get biscuit. I don’t know why I have that problem.
[54:10] I just, every time I see it, I’m like, oh, get Biscuit. Let’s go. Let’s go, buddy.
[54:17] I was signing up for a service this, actually it was today. I started a few days ago trying to teach my kids about money. And they’ve asked about investing. So I started looking into not sponsored money. I don’t even know if I should say the name of it, but whatever. Green light, looking into that. And I got annoyed with the scammy pricing on there in the sense that they make you go through sign up. And I did go find the pricing page later. I didn’t look at it prior to that. I was just going through the sign up flow. And then once you get accepted, it’s like, do you want to start with the family shield, uh version and it was like 14 a month and you get a higher uh higher interest rate on your savings account which is nice so then i’m trying to go through and figure out okay how much money do i have to have in the account to get that interest that pays for the service and it’s not, horrendous but you also have to go read the terms and conditions because they
[55:30] only pay you up to a certain amount and then you’re done but as you’re looking at it only offers the their high-end, family shield plan i’m like no show me your other options it’s like okay our core is, six dollars a month and then the next one went to five dollars a month i’m like why is this one cheaper and then i finally read the full thing five dollars on top of the core plan it’s like why are you making me do math here just tell me what the price is.
[56:03] It was so it’s not a big story it’s just one of those annoyances that, i ran into today thought i would share i appreciate that yeah actually i i i talked about that story i was having with that tool i was using for social media posts and, Uh, the, the, the, even when we got it fixed, I kept trying to post to X and it kept failing. And I’m like, it keeps failing and keeps, oh, this is, this will blow your mind. So I’m telling Claude, I’m like, I’m trying to post the X and it keeps failing. The, the, uh, the keys are correct. I double check the keys. Everything’s correct. It keeps failing. And it’s like, okay. Claude says, let me try. I’m like, oh shit. Shit’s about to get real. because uh claude’s like well all i’m seeing in the software is that it was unable to post to x but it’s not telling me why he goes let me try posting and i’ll dig into the logs as i’m posting and so it tries to do
[57:05] a post it’s like oh yeah you don’t have uh it says you don’t you’re out of tokens to post i’m like tokens i’m like i’m on the free tier i don’t have tokens and so So it’s like, well, go check the developer portal because, you know, X is always changing their plan in the terms and conditions. Sure enough, I get over there and say, oh, yeah, you can’t post anymore unless you have tokens. I’m like, fuck, you know, I’ve said that word a lot now. So I put $25 on, you get $25 worth of tokens and see how long that lasts. But yeah x kind of the i get what you’re saying i hate things like that where it’s like oh yeah you just need to pay us a little bit more and get these features and a little bit more and get these features and oh yeah it’s just scammy i i don’t know what is what is green whatever it was green light. It’s just a money manager. It’s like a savings account tied to a bank. But from there, I can give my kids accounts and I can. Oh, that’s cool.
[58:10] There’s like a chore aspect to it. So I can assign chores. And if they complete the chores, they get X amount of dollars. Oh, interesting. They learn about interest rates. There’s a parent something interest. So I can give them more interest just to try and teach them the concept. Of of earning interest you keep the money here you get more more money in the long term see how it compounds and then the other cool part is supposedly there’s an investment feature where they can start you know making little investments so oh i thought it’d be fun to you know start teaching them a little bit of financial that’s great yeah jeff i don’t know what a token is i I just know I tested posting with it, and it took like $0.20 off my account. So $0.22. I don’t know if it’s always $0.22 or if you’re posting during peak hours, it’s something else. That’s the other thing that drives me crazy, peak hours. Don’t get me started with peak hours. Drives me nuts.
[59:16] But, yeah, I don’t know what a token is. They’re called tokens. I don’t know. I don’t know what to tell you. okay we’re running uh john’s got a drop off uh we’re running a little long so i’ve got other things i’m going to push until next week okay i mean i’m good for a little bit okay well i’ll i’ll keep talking you let me know when you want to wrap up because i got a few things to go through here the one important one i want to talk about here is um let me see how long this one takes to, change watch i’m clicking the button now to change finished. Change, change, change. I could have been talking about something else by now. Jesus Christ. There’s been a big security patch to Composer. We don’t think about, as PHP developers, we don’t think about updating Composer. And Composer has a built-in self-update. I think that’s it self-update. That’s all you have to do is type in Composer, self-update. Self-update, yep.
[01:00:16] Yeah. Not only does it update, but it will keep a rollback. In case you have a problem and you can roll back to the previous version. But you’re going to want to update your composer package. There was a pretty serious security vulnerability on there. They’ve taken care of it. It’s been resolved. So just do a composer self-update and get that taken. And while you’re at it, if you’re somebody like me, and you have a bunch of global packages installed, maybe do a composer, what’s it, composer-g upgrade. And just upgrade all your global packages.
[01:00:54] Yeah. You don’t, like I said, I’ll be honest with you, I never think about Publisher and updating Composer.
[01:01:04] So, okay, we’re going to do a rapid fire. I’m surprised it doesn’t complain more often when you just run and say, hey, just so you know, you’re four versions behind.
[01:01:16] That would be helpful, wouldn’t it? Because Claude does it. Claude’s like, hey, there’s a new version of Claude run brew, you know, upgrade Claude or cloud code. Holly does X have rollover tokens too.
[01:01:30] Sorry. What are we saying? Maybe I express free nights and weekends.
[01:01:38] Oh, shit. I forgot about that. I’m happy Holly’s in here. Holly created an app for attendees of tech. Let’s just get that off the screen here. Attendees of tech. It’s in beta now. there is there are two links there’s a link for ios and a link for android they’ll be in the show notes uh you can you can click on it you can opt in to be part of the beta testers of it if you’re on ios you’ll need to install test flight if you’ve ever done this before you know this it’s it’s how the application gets distributed but uh yeah in android it just it just allows you to do it so i will include those and i’ve been playing with it all week um again beck installed it was using it without me telling her anything so basically what it does is it allows you to select talks and it will build your own schedule but it will let you know if you select two talks that that are like conflicting like you know it’s you know it has a
[01:02:51] merge conflict you have two talks selected um so you know it lets you pick which one you do and the really cool part which we still need to i guess do some testing on is um if we change the schedule because the schedule is always changing matter of fact john was in there uh today i made i made a few few changes today yeah right and we change them during during tech like people come up and be hey you know can i do another talk and i mean it’s a whole thing, It’s going to send you a notification and say, you have to opt in for notifications, obviously. And you can opt in where you can say, you know, tell me all the changes or tell me changes that impact the talks I’ve selected, which is another good reason to choose talks. And it will let you know and say, hey, this talk has been moved. And it’s very cool. Thank you so much, Holly, for doing that. I’m going to get in the show notes I will post it in Discord if you’re in Discord Holly,
[01:03:51] if you’re still around if you want to post those in Discord please do so try not to bug Holly too much with petty stuff because they are just doing this out of the generosity of their heart for the community.
[01:04:08] Is it the code open source on GitHub? We could do issues there or we’re going to open a just for issues so we can start looking at it? Yeah, that’s a good question, Holly. You let me know what you think about that. I don’t know if there are any secrets or anything in there that we need to worry about. Let me know how you feel about making it open source, but if not, to John’s point, we can create a whole other repo for issues. That’s actually a great idea, John. Good job. That’s why I keep you around, man. They are native-built Swift in Kotlin. She apologizes. We really wanted to do native PHP. It just wasn’t enough time. And Holly is, you know, hasn’t been using it really. So, you know, there would have been like a ramp up and we just didn’t have time. And, you know, she was very comfortable doing it natively. So they’re just native apps. But, yeah, that’s where we’re at today. Duck Nizza, we started an hour early because of me.
[01:05:11] Just for today. Yeah, we are all blaming Duck Nizzle, our official model for PHP Architect. We like Duck Nizzle. Again, we ordered a new shirt. I got a new shirt. I got two new shirts on our shop for anybody interested. The wife, so we had the rainbow PHP Architect T-shirt, which I have. Uh evan my my kid up in san francisco got one uh but the wife i got one my son got one he wears at the school oh really yeah i wear mine all the time actually uh the wife doesn’t like these these collars so she wanted you know a female uh with the v-neck and then she’s like well can you just make the just to just to be clear it’s not a woman’s shirt it’s a v-neck i know plenty of guys that wear a v-neck i don’t know why why i’m saying this i could just. Pull it up uh i’m trying to explain to you this this new shirt i created uh share this go here we’re gonna wait 40 seconds for it to transfer transfer transition i
[01:06:22] mean so uh so we have a new version of the rainbow one that’s just a little little logo on the pocket instead of the big logo in the chest and yeah i like it i like it a lot um i might end up ordering one of these i’ve already ordered one for for the wife because i made it for her but yeah uh that’s there um like i said we go to go to store.phparch.com uh this is what i ordered for myself because i created this just for me i have another version of this uh that john has and i never bought one for myself and then I’m like yeah I want to change it up a little bit so my Vim for developers who don’t quit t-shirts out there. Yeah you know what’s crazy John um, uh beck has a hoodie has this hoodie i always get hoodies in black or gray and blue we do blue that used to be our old company’s color and i’m like this is just you know where it looks good for whatever reason beck ordered this green one i’m like why are you ordering green i don’t
[01:07:32] even know why i have that as an option dude it looks good like yeah like it looks good i would not have ever thought to order this i did order me one i i don’t know what color i would order green but, yeah it’s i got one i got a green one from one of our clients that i wear occasionally yeah, i too was surprised and their color is orange as well so the orange on the green works yeah so we have a lot this is the old not the old but you know the original um rainbow one uh if you guys have an idea of something you’d like to see? Let me know, and if I think it’s worth it, I’ll throw it together, throw it in a t-shirt. This one I have sold zero of. I have standards specifically PSR 0, 1.
[01:08:24] It’s a PSR joke, but it didn’t really hit. I think it’s hard to read. It’s supposed to be hard to read because nobody’s going to understand it about PHP developers. So it’s meant to like have people read it like and ask the question what does that mean you know like oh yeah I’m a PHP developer it means you know, it’s a whole thing i’m a dork man like in my head these are great ideas and i make it as i can’t nobody cares um but yeah hit our store up and uh you can buy the magazine here you can buy our elephants here which i need to get back on this home page i always forget you have to change the order every time i wish i could say this is the home page this is what i want displayed, Stop putting other things on here. But yeah, you get our elephants here. You can, you know, the magazine takes you back to the old website. But yeah. And we still got the brackets on that page. Lovely. Got to fix that.
[01:09:27] We got to fix it in all our emails too. Drives me crazy. I thought I got all the emails. I don’t think so. I’ll let you know the next one. Speaking of elephants, new one coming out in 19 days. Guess where you can find that at? Where, John? PHP Tech. What? Come join us in Chicago. We have to name this one.
[01:09:51] I think we name it Holly since Holly’s doing so much for us. I don’t know. Whatever you want to name it. Sounds like you just named it. Are we naming it Holly? Want to name it Holly? I’m good with that. I have a picture. Are we sharing pictures? Sure. I don’t care. I don’t know where the picture is.
[01:10:13] Tune in next week to see a picture of the PHP Tech Elephant. I might be able to find it really quick, but… Or tease it for next week. Yeah, we’re going to tease it for next week.
[01:10:26] All right. God damn it. Stop it, Eric. All right. Where are we at? Time? We got a copy. The copy fail CV, I’ll throw it over here real quick. It was shared in our Discord earlier today, and I guess there was a huge Linux kernel exploit that would allow you to easily get root on ubuntu amazon linux redhead and juicy yep what, where’s that where’s that link at i don’t see i i just put it at the bottom of the board, here i’ll put it back in queue to discuss i got it i got it i got it yeah dude this is terrifying,
[01:11:06] yeah we’ll throw 732 bytes at set uid and all of a sudden you’re good good to go,
[01:11:14] what just that easy well it doesn’t tell you exactly how to do it but it sounds like it was oh my god it was a a fun one.
[01:11:29] See, this is horrifying. I hate these. Yeah. All right.
[01:11:37] Okay. I think that’s a good place to stop. We’ll talk about all this other stuff next week. None of this is important. Except for make sure you keep your operating systems up to date. Linux as well. I know we can have Linux running for years and years and years, but we still need to patch it. 100%. Yeah. That’s the one thing I’ve really grown to like about cloud computing, right? The throwaway nature of servers where back in my day, you know, it was you had racks and they were all named and they just ran all the time. And when one died, you cried because it sucked. It was like losing a loved one. But now with things like Terraform infrastructures code where you can just spin up new machines as long as you have good backups and you have good deployment strategies.
[01:12:32] We’re less concerned like we can automate automate patching servers and just have new ones come up, i i don’t pride myself on oh my machine has been running for five years anymore back in the day uptime is like wow look at this it’s been running i remember that it’s not windows so i don’t have to reboot it every other day yeah yeah i remember when that was a big badge of honor and it’s like oh yeah i’ve had you know three year uptime i remember one guy uh old school unix guy would just like just like just the idea of wreck uh suggesting to reboot the server he’s like this is a windows box you don’t need to reboot it it’s like yeah it’s probably gonna like this start seizing up like you probably want to run through his pieces every now and then but yeah yeah uh, Supernova Joe, please don’t throw away servers in Dio because we don’t have dead deployments for those. Yeah, don’t do that. That is a downside of Forge, in my opinion, to a point where it’s like…
[01:13:39] Yeah, we do use, yeah. Forge was nice. I recommend everybody get a Joe if you don’t have a Joe. Because that’s, you know, basically. But not our Joe. You can’t have our Joe. No, our Joe is, he’s already tried to quit and work for somebody else. I forget who it was. And I told him to stop asking. It was on the Live and Kicking, which by the way, Live and Kicking this week, had Elizabeth on again, if you’re interested. More of a Q&A sort of thing. So yeah, check that out. But yeah, get a Joe.
[01:14:10] It’s been a godsend to have Joe because, like John said, we had Forge because we just didn’t have time to manage this stuff. So we just kind of, Forge was there and made it easy.
[01:14:23] And then we had a Kalen. We have a Kalen, but I mean, just our workload just got overbearing and Kalen just stopped coding because he was always addressing infrastructure. I don’t know why I’m complaining. We have a Joe, get a Joe or a Kalen, either one, and let them take care. Let it be their problem. I would highly, highly recommend that. Okay, are we done, John? Yep, now we’re done. I’m going to go draft some kids. Oh, no, this is All-Star, right? You’re picking All-Star players? That’s later tonight. I have a practice with my team first. Oh, okay. And then from there, I go meet with all the other managers to discuss kids and worthiness of All-Stars. Fantastic. No, it’s not a campaign.
[01:15:17] The downside is some of my best players are league age 11 but for whatever reason they didn’t get to the next division so they’re stuck in my division and for the league age 11 most of the players for the all-star team are going to come from the higher division which makes sense because it probably means they’re better players but like i know one of my kids i’m like if he’s not a pitcher on the all-star team i don’t know that doesn’t make sense but i also don’t know how they’re pitching up in the major division so i’m sure they’re better that’s true just makes that makes me sad for him because he’s i think he’s worthy okay uh thanks for everybody uh hanging out with us a little early uh if you join the podcast at three o’clock i’m sorry we’re wrapping up, but we will be back next week at, we’re going to say three o’clock for now. We’ll see how it goes. It’s always up. If you want to be reminded of the podcast, that’s one thing Archie is still doing.
[01:16:19] I got Archie doing that again, where it will keep an eye. And as the podcast gets closer to stream time, it will send out a notification in discord and mention people who asked to be mentioned. So you can ask Archie to remind you when podcasts are scheduled and Archie will do that for you. All right. So you got to join our discord for that discord.phparch.com. That’s it I’m done you’re done I’m done I’m telling Archie to remind me of the podcast because I never know when they are now watch it not work god damn it watch it not work god damn it, okay cool thank you everybody for hanging out with us this has been a fun one joy talking development with everybody. Again pitch tech to your bosses if you have bosses in person conferences are fantastic and worth going to so let us know if we can be of help we’ve we’ve written letters before to people so yeah and i just finished uh replying to the hotel with
[01:17:25] the food that we’re gonna have uh so is i i think it’s always been decent food so how’s the room block by the way that’s that’s the other big thing the room block sells out yeah i’m not sure if there’s any rooms left or not oh okay well we do have a discount price for rooms i don’t know if the block is sold out or not uh if it is if you buy a ticket and it is sold out let us know um we’ll see what we can do not making any promises but you know let us know it’s blocked out it’s sold out okay uh fantastic this last time i’m saying it everybody take it easy have a fantastic week keep coding and enjoy yourself bye bye this has been php podcast the The official podcast of PHP Architect. The industry’s leading tech magazine and publisher focused on PHP and web development. Subscribe today at phparch.com to see what the leaders in the community and industry are talking about.
| Air date | April 30, 2026 |
|---|---|
| Hosted by | Eric Van Johnson, John Congdon |
| Guest(s) |
