Samuel Levy
@imsamlevy.bsky.social
PHP, Laravel, Livewire, Tailwind, and Opinions!
Reposted by Samuel Levy
It’s been a year today since I walked on stage at @laracon.au 2024 and opened up about my experiences with depression and anxiety.
Mental health should be talked about.
And with 2025’s conference just days away, a reminder to be aware of those around you who feel invisible.
youtu.be/0kwNx93aha0
Mental health should be talked about.
And with 2025’s conference just days away, a reminder to be aware of those around you who feel invisible.
youtu.be/0kwNx93aha0
Marty Friedel - The Invisible Developer - Laracon AU 2024
YouTube video by Laracon AU
youtu.be
November 8, 2025 at 3:14 AM
It’s been a year today since I walked on stage at @laracon.au 2024 and opened up about my experiences with depression and anxiety.
Mental health should be talked about.
And with 2025’s conference just days away, a reminder to be aware of those around you who feel invisible.
youtu.be/0kwNx93aha0
Mental health should be talked about.
And with 2025’s conference just days away, a reminder to be aware of those around you who feel invisible.
youtu.be/0kwNx93aha0
After some consideration, I have come to the understanding that #CocomelonLane is some form of "Midwich Cuckoos" type of situation.
August 30, 2025 at 10:19 AM
After some consideration, I have come to the understanding that #CocomelonLane is some form of "Midwich Cuckoos" type of situation.
Lumpy disappointment. The yeast didn't go off properly.
May 11, 2025 at 2:41 AM
Lumpy disappointment. The yeast didn't go off properly.
Reposted by Samuel Levy
Quick poll for a security friend. If you are a dev:
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
May 9, 2025 at 10:18 PM
Quick poll for a security friend. If you are a dev:
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
Is #LaravelBakers a thing? #Larabakers? Anyway, I'm half asleep after @laravel.com worldwide meetup last night, so instead of working I made blueberry muffins.
April 30, 2025 at 2:13 AM
Is #LaravelBakers a thing? #Larabakers? Anyway, I'm half asleep after @laravel.com worldwide meetup last night, so instead of working I made blueberry muffins.
Last night I spoke at the @laravel.com worldwide meetup about the "magic" in Laravel.
And you can watch it now, on YouTube!
www.youtube.com/live/j9dqD9S...
And you can watch it now, on YouTube!
www.youtube.com/live/j9dqD9S...
Laravel Worldwide Meetup - April 2025
YouTube video by Laravel
www.youtube.com
April 29, 2025 at 10:02 PM
Last night I spoke at the @laravel.com worldwide meetup about the "magic" in Laravel.
And you can watch it now, on YouTube!
www.youtube.com/live/j9dqD9S...
And you can watch it now, on YouTube!
www.youtube.com/live/j9dqD9S...
Reposted by Samuel Levy
Reposted by Samuel Levy
1. LLM-generated code tries to run code from online software packages. Which is normal but
2. The packages don’t exist. Which would normally cause an error but
3. Nefarious people have made malware under the package names that LLMs make up most often. So
4. Now the LLM code points to malware.
2. The packages don’t exist. Which would normally cause an error but
3. Nefarious people have made malware under the package names that LLMs make up most often. So
4. Now the LLM code points to malware.
LLMs hallucinating nonexistent software packages with plausible names leads to a new malware vulnerability: "slopsquatting."
LLMs can't stop making up software dependencies and sabotaging everything
: Hallucinated package names fuel 'slopsquatting'
www.theregister.com
April 12, 2025 at 11:43 PM
1. LLM-generated code tries to run code from online software packages. Which is normal but
2. The packages don’t exist. Which would normally cause an error but
3. Nefarious people have made malware under the package names that LLMs make up most often. So
4. Now the LLM code points to malware.
2. The packages don’t exist. Which would normally cause an error but
3. Nefarious people have made malware under the package names that LLMs make up most often. So
4. Now the LLM code points to malware.
Reposted by Samuel Levy
CFP for this year's event, held in Brisbane on November 13-14, is now open!
Talks are 30min, and we welcome speakers from home and abroad presenting on Laravel and the wider ecosystem.
Submit as many times as you'd like! Successful speakers will be contacted by May 30th
Talks are 30min, and we welcome speakers from home and abroad presenting on Laravel and the wider ecosystem.
Submit as many times as you'd like! Successful speakers will be contacted by May 30th
April 11, 2025 at 2:09 AM
CFP for this year's event, held in Brisbane on November 13-14, is now open!
Talks are 30min, and we welcome speakers from home and abroad presenting on Laravel and the wider ecosystem.
Submit as many times as you'd like! Successful speakers will be contacted by May 30th
Talks are 30min, and we welcome speakers from home and abroad presenting on Laravel and the wider ecosystem.
Submit as many times as you'd like! Successful speakers will be contacted by May 30th
Sick of people responding to AI summaries of your emails instead of actually reading them?
Try poisoning your email signature with new instructions for the LLM!
Try poisoning your email signature with new instructions for the LLM!
April 1, 2025 at 6:03 AM
Sick of people responding to AI summaries of your emails instead of actually reading them?
Try poisoning your email signature with new instructions for the LLM!
Try poisoning your email signature with new instructions for the LLM!
I'm pretty sure that they call the second one "pairing", and yeah. It's a totally legitimate way to not have to do a formal PR review afterwards.
Outside of any automated CI checks, PR reviews are mostly just a form of asynchronous pairing with more passive aggressive nit-picking.
Outside of any automated CI checks, PR reviews are mostly just a form of asynchronous pairing with more passive aggressive nit-picking.
There are two acceptable PR review processes:
1. we went through all the checks, thorough review, and approval processes
2. there were a couple smart people in the room and we said "fuck it"
1. we went through all the checks, thorough review, and approval processes
2. there were a couple smart people in the room and we said "fuck it"
March 22, 2025 at 5:19 AM
I'm pretty sure that they call the second one "pairing", and yeah. It's a totally legitimate way to not have to do a formal PR review afterwards.
Outside of any automated CI checks, PR reviews are mostly just a form of asynchronous pairing with more passive aggressive nit-picking.
Outside of any automated CI checks, PR reviews are mostly just a form of asynchronous pairing with more passive aggressive nit-picking.
Reposted by Samuel Levy
Laracon EU :: Chris Morrell // Your First Pull Request
YouTube video by Laracon EU
youtu.be
February 22, 2025 at 10:54 PM
Reposted by Samuel Levy
Crypto guy in 2014: Crypto will revolutionize finance and change how we interact with money
Crypto in 2025:
Crypto in 2025:
February 11, 2025 at 2:16 AM
Crypto guy in 2014: Crypto will revolutionize finance and change how we interact with money
Crypto in 2025:
Crypto in 2025:
I'll just leave this here.
![CSS code for making smooth transitions on HTML `<details>` elements
@supports selector(::details-content) {
details.transition-content {
&::details-content {
content-visibility: visible;
block-size: 0;
overflow: hidden;
transition: block-size, content-visibility;
transition-duration: 300ms;
transition-timing-function: ease-in-out;
}
&[open]::details-content {
block-size: max-content;
@supports (block-size: calc-size(auto, size)) {
block-size: calc-size(auto, size);
}
}
}
}](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:hak5ltjzksyvnuuls76itrvq/bafkreih7eyqietuy7u7j3dmebynit7u5ge5hplrv64gayns6ulr637v3km@jpeg)
February 3, 2025 at 1:09 AM
I'll just leave this here.
I've never felt more like Seymour Skinner than I do listening to the pointy end of the #hottest100.
No, it's the kids that are wrong.
No, it's the kids that are wrong.
January 25, 2025 at 8:23 AM
I've never felt more like Seymour Skinner than I do listening to the pointy end of the #hottest100.
No, it's the kids that are wrong.
No, it's the kids that are wrong.
+++ style="margin-left: 40px"
--- style="margin-left: 40px"
+++ style="margin-left: 60px"
--- style="margin-left: 60px"
+++ style="margin-left: 50px"
--- style="margin-left: 50px"
+++ style="margin-left: 53px"
... 4 deployments just to micro-adjust an image on YOUR screen.
--- style="margin-left: 40px"
+++ style="margin-left: 60px"
--- style="margin-left: 60px"
+++ style="margin-left: 50px"
--- style="margin-left: 50px"
+++ style="margin-left: 53px"
... 4 deployments just to micro-adjust an image on YOUR screen.
January 19, 2025 at 12:00 PM
+++ style="margin-left: 40px"
--- style="margin-left: 40px"
+++ style="margin-left: 60px"
--- style="margin-left: 60px"
+++ style="margin-left: 50px"
--- style="margin-left: 50px"
+++ style="margin-left: 53px"
... 4 deployments just to micro-adjust an image on YOUR screen.
--- style="margin-left: 40px"
+++ style="margin-left: 60px"
--- style="margin-left: 60px"
+++ style="margin-left: 50px"
--- style="margin-left: 50px"
+++ style="margin-left: 53px"
... 4 deployments just to micro-adjust an image on YOUR screen.
Reposted by Samuel Levy
I'm going to share my journey with learning new things, starting with my experiences with Livewire.
And of course my personal ramblings and insecurities, but hey, that's natural with me, right?
I'd love for you to join in on the conversation!
www.martyfriedel.com/blog/dev-dia...
And of course my personal ramblings and insecurities, but hey, that's natural with me, right?
I'd love for you to join in on the conversation!
www.martyfriedel.com/blog/dev-dia...
Dev Diary #1: getting started with Livewire
www.martyfriedel.com
January 19, 2025 at 7:47 AM
I'm going to share my journey with learning new things, starting with my experiences with Livewire.
And of course my personal ramblings and insecurities, but hey, that's natural with me, right?
I'd love for you to join in on the conversation!
www.martyfriedel.com/blog/dev-dia...
And of course my personal ramblings and insecurities, but hey, that's natural with me, right?
I'd love for you to join in on the conversation!
www.martyfriedel.com/blog/dev-dia...
Fun fact: bcrypt does NOT only hash the first 72 chars of a password.
It TRUNCATES the input to a maximum of 72 bytes.
Which could mean as few as 18 characters, depending on the character encoding.
The actual spec says to truncate to 56 bytes, but none of the implementations do that.
It TRUNCATES the input to a maximum of 72 bytes.
Which could mean as few as 18 characters, depending on the character encoding.
The actual spec says to truncate to 56 bytes, but none of the implementations do that.
Password length limits are often a sign of a legacy backend or insecure hashing, but did you know bcrypt only hashes the first 72 chars? It raises the question, should we be limiting password lengths when using bcrypt? 🤔
Security Tip: Should You Limit Password Lengths?
[Tip #101] Password length limits are often a sign of a legacy backend or insecure hashing, but did you know bcrypt only hashes the first 72 characters? It raises the question, should we be limiting…
securinglaravel.com
January 16, 2025 at 11:10 AM
Fun fact: bcrypt does NOT only hash the first 72 chars of a password.
It TRUNCATES the input to a maximum of 72 bytes.
Which could mean as few as 18 characters, depending on the character encoding.
The actual spec says to truncate to 56 bytes, but none of the implementations do that.
It TRUNCATES the input to a maximum of 72 bytes.
Which could mean as few as 18 characters, depending on the character encoding.
The actual spec says to truncate to 56 bytes, but none of the implementations do that.
It's wild how much of my JS and HTML @calebporzio.bsky.social has actually written for me.
It's wild how much JS and old HTML/CSS I can replace with just Flux...
It's wild how much JS and old HTML/CSS hacks I can replace with just a few lines of CSS grid, native CSS animations, and the popover attribute…
January 16, 2025 at 10:21 AM
It's wild how much of my JS and HTML @calebporzio.bsky.social has actually written for me.
Reposted by Samuel Levy
I could use your help gathering some data for my upcoming Laracon EU talk.
If you ever had a slow Laravel application/slow request/slow command/etc. - what was the reason for it?
Would be great to get as many replies as possible. Please share for reach 🙂
If you ever had a slow Laravel application/slow request/slow command/etc. - what was the reason for it?
Would be great to get as many replies as possible. Please share for reach 🙂
January 9, 2025 at 2:47 PM
I could use your help gathering some data for my upcoming Laracon EU talk.
If you ever had a slow Laravel application/slow request/slow command/etc. - what was the reason for it?
Would be great to get as many replies as possible. Please share for reach 🙂
If you ever had a slow Laravel application/slow request/slow command/etc. - what was the reason for it?
Would be great to get as many replies as possible. Please share for reach 🙂
I'm far from an expert on #accessibility, but there's one thing that I know:
Your assumptions about who uses assistive tech are wrong.
Your assumptions about who uses assistive tech are wrong.
January 4, 2025 at 12:26 PM
I'm far from an expert on #accessibility, but there's one thing that I know:
Your assumptions about who uses assistive tech are wrong.
Your assumptions about who uses assistive tech are wrong.