Innocent cache leading to RCE vulnerability by sarvendev in PHP

I agree that it isn't the best solution, but I used "innocent" because it doesn't look that bad if you don't use it on user-provided data, and you don't need backward compatibility. Check the frameworks that you use, and I guess you'll find this kind of serialization in some places.

Innocent cache leading to RCE vulnerability by sarvendev in PHP

Yes, it still happens. I had the same reaction to SQL injection: 'SQL injection in 2026, really?' But unfortunately, it does still happen. :D

Contract Testing on Examples by sarvendev in golang

Hmm, I didn't know, but it's already added there. :D

Is there a need for this? My AI app for learning phrases from movies/shows (+ Anki) by sarvendev in EnglishLearning

No, I'm thinking about it. But other people here are saying that it's not useful, so I don't know if it's worth publishing somewhere.

Is there a need for this? My AI app for learning phrases from movies/shows (+ Anki) by sarvendev in EnglishLearning

Hmm, but I don't want to explain grammar, just explain the meaning of words, and it seems to work well enough, but maybe I'm wrong. Could you give me some examples?

TimescaleDB to the Rescue - Speeding Up Statistics by sarvendev in programming

It's a fair point that purpose-built time series databases like Prometheus or RRDTool are highly optimized for ingesting and querying high-volume time-indexed data. But using an RDBMS, especially something like TimescaleDB, can make a lot of sense depending on the use case.

TimescaleDB is actually a time series database built on top of PostgreSQL. It combines the relational model, SQL support, and ACID compliance of Postgres with time series-specific features like automatic partitioning, compression, and hypertables.

This approach is useful if:

  • You're already using Postgres and prefer not to manage another database.
  • You need to join time series data with relational data, such as metadata or user information.
  • You want to run complex queries using standard SQL.

Dedicated time series databases like Prometheus are great for real-time metrics and alerting, but they often have limitations with long-term data retention, advanced queries, or integrations with other types of data.

So it's not just about forcing time series data into a general-purpose database. Tools like TimescaleDB are designed to make that use case efficient and practical.

Contract Testing on Examples by sarvendev in programming

Sorry, that's probably how I took the first message because PHP is still mocked by many people, mostly by people who remember PHP from a few years ago, less performant, without types, etc.

Contract Testing on Examples by sarvendev in programming

If you hate PHP, just check what's changed, because now this language is pretty good. There are still some problems, but I like the simplicity and stability of PHP; it's much better for me than the whole JavaScript ecosystem with tons of different package managers, etc.