Is not this version number beautiful? 😍.111111111111111111111111111. #Drupal

As a little pre-Christmas gift, my #Composer plugins got #PHP 8.4 support today. 🎄. #opensource #dependencyTrack #securityAudit #maintainability.

RT @thedroptimes: 🔒 @Pronovix enhances Drupal’s username privacy with 2 open-source modules for fine-grained control. Built for AI era, the….

TIL that #[\SensitiveParameter] in #PHP is not as powerful as I thought so. it simply does nothing in hierarchies.

Just found @jiripudil's awesome #PHPStan #generics deep dive presentation. This is a super valuable asset for learning the essentials. I very much liked the "you've already used it" slides, they bring this idea more closer to the audience.

Composer 2.6.0 related enhancements were added to my Composer plugins and they also got the RC1 tag. Happy testing! :). Hopefully audit ignore feature helps with the adaptation of ddqg-composer-audit on #Drupal projects 🙈.

\o/.With the support of @pronovix I contributed 2 important changes to the Audit component. PR11605 changed the new ignore feature's implementation before the release and PR#11436 added support for multiple sec. advisory sources.

@pronovix @pronskiy hi, could this be a good material for Phpstorm annotated monthly? The blogpost or just the referenced Composer extensions.

I am trying to explain colleagues why something is rather a domain- than an application service. I may have went a bit far with this diagram from the original problem statement. :) What do you think?. #DDD #hexagonalarchitecture #onionarchitecture

Composer audit is already on Drupal steroid, did you know that?. #Drush #DrupalConPittsburgh #Drupal #Composer.

Kudos to @tidelift for all resource materials that I have used for this article!.

As a hobby project I've added some Drupal steroids to #ComposerPHP's audit command. I also explained the reasons behind that in my new blog post on @pronovix's blog P.s. Don't miss the new composer audit-changes command either. #php #foss #audit #security.

Have you seen a pending CR/MR/PR before that was blocked because a security advisory has just been released for a existing dependency? Solution: Only audit changed packages!. #php #Composer #opensource.

RT @pronovix: We're proud to announce that Pronovix has been audited and certified as meeting the requirements of ISO/IEC 27001:2013 in the….

Dear #Drupal community!. Let me promote my new tool that enhances "composer audit" with extra advisories for insecure- (even if there is no CVE) and unsupported versions!. Share in the thread if your project passed on it, you should be proud!. #FOSS #php.

I must admit, I have got a bit addicted on mass-analyzing dependency trees =] (See mxr576/ddqg package). It is also good to see that within a week, 3 projects got a D10 stable release. Keep up the good work everyone!. #Drupal

I've worked on a pet project in the weekend: #Drupal Dependency Quality Gate (#ddqg). For now, only quality-level-max is available and auto-generated with GHA with unsupported projects and versions. See what could come in the README. #highQualityDrupal.

@pronovix PS.: Upgrade Status is great but I found it hard using it for mass analyzing customer projects.

Today I have built a quick CLI tool for @pronovix that uses composer.lock and Update Status API to list all installed dependencies that are not #Drupal 10 compatible atm with info about whether there is a D10 available version or not.

RT @frankdejonge: Hard problems are not solved by adding more people.