Author: Ipstenu (Mika Epstein)

Github Introduces Archiving

One of my laments has been that I can't (easily) flag a repository in Github as archived.

https://twitter.com/ipstenu/status/926529534580555777

As of today, you can!

Github just announced the ability to archive repositories, and yes, it can be undone.

To archive a repository, go to your Repository Settings Page, scroll down to the Danger Zone and click Archive this repository. It will pop up with a screen to warn you that this is a serious change, and while it can be undone, it will ask you to type in the repository slug to confirm.

Once you've closed the repository, you'll see it has a new banner at the top, announcing "This repository has been archived by the owner. It is now read-only."

The repository will also have a little 'Archived" badge in the regular view.

So. YAY!

9 November, 2017
Grunt Can’t Build Sass on High Sierra
Working on a site, I went to run my grunt command to compile sass, I got an error.
```
Running "sass:dist" (sass) task
/usr/local/Cellar/ruby/2.4.2_1/lib/ruby/2.4.0/rubygems.rb:271:in `find_spec_for_exe': can't find gem sass (>= 0.a) (Gem::GemNotFoundException)
    from /usr/local/Cellar/ruby/2.4.2_1/lib/ruby/2.4.0/rubygems.rb:299:in `activate_bin_path'
    from /usr/local/bin/sass:22:in `<main>'
Warning: Exited with error code 1 Use --force to continue.
```
No good, right? And googling around for that didn't help me at all until I drilled down and realized the sass error was a Ruby error.

Upgrade Ruby

First, install Homebrew. I know there are many other ways to handle installs on Macs, but Homebrew has been my go-to for a few years. It makes my life easier.

Once Homebrew is installed run the following command: brew install rbenv ruby-build

If this gives you an error, like missing xcrun, then run this: xcode-select --install

Once you have rbenv installed, it's time to upgrade ruby:
```
rbenv install 2.4.2
rbenv global 2.4.2
```
Awesome! But grunt still doesn't work. And this is because Sass isn't installed.

Install Sass

This should be easy, right? sudo gem install -n /usr/local/bin sass and off you go. The problem is you may get this error:
```
ERROR:  While executing gem ... (TypeError)
    no implicit conversion of nil into String
```
Not so helpful. The magic here is going backwards to go forward. Update your gems first: sudo gem update --system and then run the installer for sass.

Why Did This Happen?

The short answer is that Mac changed versions and everything got out of sync. I'm not a system code expert so I can't explain it better than that.

How you fix these things is by understanding how to logically step backwards through the errors. Most of the time, we see it as "Grunt says Sass is broken!" and the trick here is to ask yourself "What runs Sass?" and the answer is "Ruby." So instead of looking up "Why can't I run sass on grunt?" we look up "Ruby can't compile SCSS on Mac High Sierra" because that's the ultimate answer.

Walking backwards is the secret sauce for all solutions with software, I feel. Why can't Grunt run Sass? Because Ruby can't compile? Why can't Ruby compile SCSS? Let's reinstall Sass! Oh wait, that has an error. Okay, let's upgrade Ruby. Oh that has an error too? Let's solve that.

It's not fun, unless you're me and think snarling at a laptop in the conference room of your friends' office is cheerful.
7 November, 2017
PHP Spaceship
It’s no Jefferson Starship, but in PHP 7 there’s an awesome new comparison operator called ‘Spaceship.’

Dragon Fly

Operators are those things we use to tell PHP what ‘operations’ to perform on variables and values. Comparison operators are used to compare two values (like a number or string). And Spaceship — <=> — is a cool new one.

It’s a combined comparison operator and returns:
- 0 if values on either side are equal
- 1 if value on the left is greater
- -1 if the value on the right is greater
Red Octopus

So why would anyone use it?

Let’s say you have an array of characters with lists of when they died. But the characters are ordered alphabetically. Sara Lance comes after Lexa, even though Sara died first. And let’s say you want to take the list of all the characters who died and put them in the order of death, not their names.

To do this in PHP, you would use usort or uasort to ‘user sort’ the array. The A in the sort is if you have an associative array, and you want to keep ‘name’ and ‘date of death’ connected when you sort. Which you do.

Spitfire

In PHP 5, the sort would look like this:
```
uasort( $death_list_array, function($a, $b) {
	$return = '0';
	if ( $a['died'] &lt; $b['died'] ) $return = '-1';
	if ( $a['died'] &gt; $b['died'] ) $return = '1';
	return $return;
}
```
Which isn’t bad, but it’s messy right?

Earth

In PHP 7, the sort would look like this:
```
uasort( $death_list_array, function($a, $b) {
	$return = $a['died'] &lt;=&gt; $b['died'];
	return $return;
}
```
Way nicer, and faster, isn’t it?

Freedom at Point Zero

Why not use it all the time? Because it’s PHP 7+ only, and for some reason not all servers have PHP 7 as the command line version of PHP. Which means if you use it, sometimes wp-cli commands don’t run.

However. If you have PHP 7 all across the board, then use the starship and save yourself some flying time.
2 November, 2017
18 Months Without Contact Forms
In February of 2016 I deleted my contact forms (except one).

In the subsequent 18 months, I’ve actually enjoyed it, as the cruft email in my box has dropped significantly. But it led to a few peculiar situations. You see, people do still try to get a hold of me personally , and they’ve taken to interesting methods.

Keep in mind. I’m talking about my personal contact. Not work. Work is work is work. This is basically you calling my house, not my office.

Everything Is About Plugins

Every. Single. Time.

I’m only talking about unsolicited messages. Not “We’ve been talking about X in the #meta and let’s take it to a sidebar.” And it’s not “Last week you said X was okay in #forums and I have a followup.”

I mean, literally, people I’ve never spoken to before who fall into one of two categories:
1. People looking for help with a plugin I wrote
2. People who got an email from the Plugins address
For group 1, please use the WordPress support forums. For group 2, please press ‘reply’ on your email.

But they don’t. Instead they use…

Twitter

It’s not a secret I leave DMs open on Twitter. This means, yes, anyone can DM me if they want. So far, I’ve received the following:
- multiple offers to speak at an event
- multiple requests to help with a plugin review
- multiple complaints that blocking their ‘company’ account on twitter was unethical of me
- requests for help from friends
That last one I don’t mind. It’s pretty rare, and it’s from people who are, you know, friends. They’re also incredibly respectful of my time (as I try to be of theirs) and understand when I say no. Pro tip: If someone lashes out or acts up after you tell them ‘sorry, no’ they’re not actually your friend, they find you useful.

Facebook

This one cracks me up because I limit FB messages to friends only, so I get a lot of friend requests just so people can message me. I decline them. The only trend I’ve noticed there is people who met me at WordCamps (sorry, no), and people from AWP (again, no).

I actually block a lot more people from FB for snide comments than anywhere else.

Slack

90% of the ‘unsolicited’ contacts on Slack I get are people who, for some reason, instead of pressing the reply button in their email, decide to DM me.

The rest are people who have a question about plugins and even though they know about the email address, think it’ll be faster to DM me. At 8pm. On Saturday.

The contact form on my ebook site

I actually went to look at those. The last few emails are:
- Spam to pay someone to write copy for my site for ‘SEO’
- Spam for a VPN
- Someone asking ‘If I can’t use a contact form, how am I supposed to get help?’
- Spam about SEO
Dear person #3 – That’s what the support forums are for.

How Do You Contact Someone Without A Contact Form?

Generally? You don’t.

Look. There’s no form on my website because I’m not your free support. If you have a problem with a plugin I wrote, go to the plugin page on WordPress.org and ask for help. I get emailed when you do that. If you have a problem with a plugin review, press reply on your email. Shockingly? I get an email about that.

What About Work?

Oh that pesky professional thing.

First of all – use the established contact methods. WordPress plugins all have support forums. Use those. Did you get an email? Press reply to the email and either propose a different method to converse or stick to whatcha got. Sometimes email will be the only way to go, as it’s the lowest common denominator (it’s 2017 – everyone has an email since you needed one to get on Twitter or Facebook or Slack in the first place).

Next, if you know how to contact someone, unsolicited, about work things, then just do that. It’s not very complicated. You reach out, you apologize for the interruption, and you ask if I have time to talk about X. Here’s an example for you:

Sorry to bother you. I’m planning a non-WordCamp event in Dallas for 2018 and I was wondering if you or your company would be interested in sponsoring? You can find the details at http://event-example.com and my email is me@event-example.com

That works because you’re starting out being respectful of the other person’s time. You’re offering contact information, which demonstrates sincerity, and lets me know there’s a non-platform limited way to get in touch with you.

Here’s another:

Sorry about the DM, but I don’t know where to go for this. I’m having a problem with DreamPress and I can’t log in to my panel. What’s the right way to get my access back?

This is good because you’re not assuming I’m the contact, and you’re asking ‘what is right?’ If it’s me, I’ll happily tell you. Well. Not happily, because I’ll be bummed you can’t log in, but I’ll help you sort it out (BTW: The answer there is the DreamPress Support page where someone’s familiar mug can be seen).

The point here is that reaching out to someone, in an unsolicited way, requires you to begin by respecting them as a human. If you can’t do that, you’re basically sending them hate-mail.

Be sincere. Be respectful. Be polite.

And if you DM me about plugin reviews, I’ll just block you and walk away.
31 October, 2017
Find It, Write It, or Buy It?

When you need to extend WordPress, you have three main choices for how to do it. You can find the code on WordPress.org, you can write the code, or you can buy premium code.

Which is right depends more on your situation and skills than your space cash.

Find It

This is the cheapest, though it can be time consuming. Finding a good plugin or theme on WordPress.org is less a factor of the search function, and more a function of being unable to codify ‘need’ clearly. For example, if you want a slider plugin (no judgement here), there are around 2000 possibilities. Newspaper themes? You’re looking at 70 or so that may fit the bill.

Finding what you need means you must narrow your search. You have to decide what kind of sliders, or what format of newspaper, you feel is the most important. You want a slider with text overlay? That’s different than one that supports animated images. Newspaper themes don’t always have the same formatting options.

Once you find the features you want, you still have the headache of reviewing the developer and the code. Oh yes. If you’re installing plugins without looking into the developers or the code, you run a high risk of damaging your site. This isn’t a huge deal for a hobby site, but if you’re trying to make a business or a successful niche site, this can make or break you.

So. Should you rely on what you find? For the most part, yes. Provided you can vet the code, you’re going to save yourself time, effort, and money. There’s no sense in reinventing the wheel.

Write It

This is the most expensive choice. Seriously. Think about how much you get paid a year. Let’s say you make $80k. Divide by two to get $40k. Now. You’re worth about $40 an hour. So if it takes you ten hours to write a plugin or theme, that’s $400. Surprise.

So why would anyone write their own code? Basically because you cannot find what you’re looking for in a way that meets your requirements, be it security, stability, or functionality. Often you will find very close versions of what you’re looking for, but when the magic bullet is missing, it’s up to you to build it all your own. This is how forks happen, in software, by the way.

There’s nothing inherently wrong with this, but it requires time and skill you may not have. But should you do it? Yes. If you can’t find what you want, and you know you can write and support the code, this is a perfectly viable option.

Buy It

People always seem to not want to do this. And really the only reason I can understand not wanting to buy premium code is that you can’t vet the usability or security until you buy it. That makes freemium code like Yoast SEO or Monster Insights my favourite kind. You can use their free code, see how well it works and if these are people you could work with.

But when you argue that you shouldn’t have to pay for code, I gesture towards the door and ignore you. Because yes, yes you should. Remember how 10 hours of writing your own code is around $400? Plus ongoing upkeep? Okay, that plugin you want is $60 a year. That means six years of the plugin is the same cost as writing it yourself. Which is a way better deal.

Should you buy it? Yes! Absolutely yes, buy the plugins but only if you can vet the plugin shop first.

Wait… You said yes to all three!

Surprise twist ending!

Here’s the thing. Every single decision you make has a cost and repercussions. They’ll all cost you time, money, and a bit of a headache no matter what you pick. So the real answer, the one I can’t give you, is what’s worth more to you?

For me, I will use free if it exists, I’ll write my own if it doesn’t, and I’ll buy premium if they do it so well I’m just whistling dixie.

26 October, 2017
Crypto Mining on Websites Isn’t Evil

A recent hot button topic in WordPress has been Crypto Mining.

What is Crypto Mining?

Mining is a way to use your computer hardware to ‘mine’ for Bitcoin (or whatever cryptocurrency). Cryptocurrency is a digital currency, generated by performing computationally expensive tasks that use a lot of your computer’s processing power. Basically a computer is paid for solving math numbers. This math solving verifies transitions, and effectively runs the cryptocurrency Wall Street.

Mining is earning money.

Why is it bad?

The problem is that you can’t actually do any profitable mining on your laptop. It’s not powerful enough. People have to build out crazy computers dedicated to mining, and those use a lot of power, which means you’ll end up paying more for electricity than it’s worth. Somewhere along the line, people decided to use the power of the crowd to make the money for them, and started to bundle mining tools in their software. uTorrent, for example, did that so every time you used their app, you made them a few thousandths of a penny. With millions of users, they make money and you pay more for electricity.

Isn’t that illegal?

Well. No. You agreed to their Terms of Use and guess what got buried in those EULA’s you clicked “I Accept” on? Surprise! Technically this means its legal. Ethical is, of course, a different matter. Mining without reporting your income on your taxes is illegal (surprise again), but the actual mining itself isn’t. But the reason why people say this is unethical is less that people are using your computer to mine, but that you don’t get any of the money from it!

How did websites get involved?

People figured out how to embed, via javascript, a mining program in websites as an alternative to those ads no one clicks. While most (if not all) web hosts will kick you off their services for using their servers to mine, this instead uses the computers of site visitors to mine. Which brings us back to the part where your laptop (or worse – phone) is being used to mine without your knowledge or real permission. Because in the case of the javascript, most aren’t asking you to opt in. All the visitors make thousandths of a coin for the website, all without knowing (except maybe wondering why the website is a little slow).

It’s THAT illegal?

Apparently not. Which is why I recommend you install and use an adblocker. I currently use Ghostery, which is an add-on for your browsers. It stops most bad actors from being loaded if they’re tracking you, but it doesn’t block all javascript. Which yeah, it shouldn’t! You need javascript for the modern web to run.

Instead, you could block bad javascript, which I do via jsBlacklist – a Safari extension. I’m sure it exists for other things, and my friend Jason has a Javascript Blacklist of all the naughty miners and services he knows.

Amusingly, Showtime’s website was mining, and we’re not yet sure how or why. It was removed quickly.

Is there a good way to use this on my website?

If you absolutely must, I recommend an approach like AuthedMine. This legit enforces opt in. But check with your web host first to make sure it doesn’t violate their terms. And above all, make sure people know what they’re agreeing to.

24 October, 2017