Pragmatism in the real world

Exercise

I do not enjoy exercise, but I'm at that age where I can see far enough into my future that I would like to remain mobile and healthy well into my later years. So I exercise. I'm not into sports and I find it relatively boring, but this is what is working for me. In the average week I do some form of exercise at least 6, sometimes 7 days. Most days, I walk. Just… continue reading.

macOS tips and tricks

It's been over a decade since I last updated my article for new users to the Mac, so time for a new one that I can point people too. This article is intended to give a quick and easy introduction to some key things that I think you should know when you move to using macOS. Basics There’s one menu bar for all applications. That is, you can only see the menus for the currently… continue reading.

Command line access to GitLab & GitHub

I've always been a huge fan of the command line and have been using the gh command line tool to access GitHub for a while. My current client uses GitLab and I was delighted to discover that there is a glab CLI tool. As you can imagine, both tools do essentially the same thing: operate on GitHub/GitLab from the command line. The two main uses of gh & glab that I have is creating and… continue reading.

Stash unstaged changes in git

I wanted to stash just the unstaged changes in my git repo. There's a git stash –staged which will stash the staged files, but I didn't see an equivalent to stash just the unstaged ones. Obviously, this is a common problem so a minute or two of googling will find the Git stash uncached: how to put away all unstaged changes? Stack Overflow question. Turns out that you have to remember the the staging area… continue reading.

Command line access to the Mac Keychain with keyring

While reading Alex Chan's post about experimenting with the Flickr API, I noticed the call out to keyring by Jason Coombs for accessing the macOS Keychain. The built-in app: security The built-in way to access the keychain from the command line is /usr/bin/security: To create a password: $ security add-generic-password -s FlickrAPI -a rodeo -w redacted-key Note that you need to include the password on the command line in clear test, so it's now in… continue reading.

Matt Gemmell's short stories

I've been following the work of Matt Gemmell for years. His techno-thriller Kestrel series a great fun to read and I recommend that you read them if that's your thing. He also writes short stories, one every week. These are excellent. They are free and as they are short, they don't take long to read at all. A wonderful break from the reality of the world of work, I enjoy reading each week's story with… continue reading.

Check licenses of composer dependencies

With some commercial projects, it can be useful to know that all your dependencies have licences that your organisation deems acceptable. I had this requirement for a few clients now and came up with this script that we ran as part of our CI which would then fail if a dependency used a license that wasn't allowed. This proved to be reasonably easy as composer licenses will provide a list of all packages with their… continue reading.

Reinstall pipx apps after Homebrew Python upgrade

I install Python apps on my Mac using pipx like this: pipx install rst2pdf This will then install rst2pdf into its own isolated environment so that its dependencies do not affect and are not affected by any other Python app I have installed. Internally, it creates a venv at /.local/pipx/venvs/rst2pdf with symlinks to the currently installed python in the bin directory: lrwxrwxr-x@ 1 rob staff 10 24 May 2023 python -> python3.11 lrwxrwxr-x@ 1 rob… continue reading.

Creating JWKS.json file in PHP

In order to verify a JWT created with an asymmetric key, the verifier needs to get the correct public key. One way to do is described in RFC7517 which describes the JSON Web Key format. Within the header of the JWT there is a kid property which is the key ID which is then used to find the correct key within a list provided at the /.well-known/jwks.json endpoint. The JWT header therefore looks something like… continue reading.

A quick guide to JWTs in PHP

The most common use of JWTs is as an authentication token, usually within an OAuth2 workflow. Creating these tokens is part and parcel of the authentication library that you use. I recently had a requirement to use a JWT independent of authentication and these are some notes on what I learned when researching with Lcobucci\JWT. Make up of a JWT To really understand JWTs, read RFC7519. For a more readable introduction, read the one on… continue reading.