Skip to content

Instantly share code, notes, and snippets.

Working from home

Phil Sturgeon philsturgeon

Working from home
View GitHub Profile
philsturgeon / cloudSettings
Last active May 29, 2020
Visual Studio Code Settings Sync Gist
View cloudSettings
View .spectral.yaml
description: |-
Cache usage MUST be extensively detailed in the `description` property
to avoid data leaks or the usage of stale data.
This rule should ensure in some way that the api provider
documented extensively the cache usage to avoid data leaks
or usage of stale data.
philsturgeon / giphy.bundled.yaml
Last active Mar 10, 2020
OpenAPI $ref Resolution: Bundling vs Dereferencing
View giphy.bundled.yaml
swagger: '2.0'
- https
basePath: /v1
description: Giphy API phantom change
termsOfService: ''


You're free to use this package, but if it makes it to your production environment you are required to buy the world a tree.

It’s now common knowledge that one of the best tools to tackle the climate crisis and keep our temperatures from rising above 1.5C is to plant trees. If you support this package and contribute to the Treeware forest you’ll be creating employment for local families and restoring wildlife habitats.

You can buy trees here

Read more about Treeware at

philsturgeon / gist:5465246
Last active Oct 19, 2019
API Golden Rules
View gist:5465246

Never Expose DB Results Directly

  1. If you rename a field, then your users are fucked. Convert with a hardcoded array structure.
  2. Most DB drivers [for PHP] will show integers as numeric strings and false as "0", so you want to typecast them.
  3. Unless you're using an ORM with "hidden" functionality, people will see passwords, salts and all sorts of fancy codes. If you add one and forget to put it in your $hidden array then OOPS!

Use the URI sparingly, and correctly

  1. Use the query string for paired params instead of /users/id/5/active/true. Your API does not need to be SEO optimised.
  2. ?format=xml is stupid, use an Accept: application/xml header. I added this to the CodeIgniter Rest Server once for lazy people, and now people think it's a thing. It's not.
philsturgeon / All Posts
Last active May 16, 2019
Octopress iTunes Feed
View All Posts
layout: post
title: "Episode 3: ExpressionEngine StackExchange"
date: 2012-12-20 10:47
comments: true
filename: some-file-name-without-extension
length: 52409154
summary: ExpressionEngine Pro Anna Brown and Testing Hero Chris Hartjes join Ben Edmunds and Phil Sturgeon to discuss the recent rumblings in the ExpressionEngine community and the new EE StackExchange site. We talk about Inversion of Control (IoC), what it is, why its useful and how it's done.
philsturgeon /
Last active Feb 23, 2019
OpenAPI specifications style guide / file format

API Specs & Docs

Style Guide

A lot of this information has been used to create linting rules for [Speccy], so just run the linter with --rules=strict for advice. It will be updated over time, as new rules are created.

File Structure

OpenAPI supports JSON Pointer via $ref keys, even when you’re writing in YAML. has a great guide for $ref and JSON Pointer.

View REST_Controller.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class REST_Controller extends Controller {
private $method;
private $format;
private $get_args;
private $put_args;
private $args;
# /etc/init.d/gearman-workers
# Provides: gearman-workers
# Required-Start: $network $remote_fs $syslog
# Required-Stop: $network $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
philsturgeon /
Last active Jun 7, 2018
PSR-2 v CodeSniffer PSR-2

This is a list of issues or discrepencies between the wording or intention of PSR-2 itself and the CodeSniffer PSR-2 ruleset.

Add suggestions in the comments or tweet me (@philsturgeon) if you have more inconsistencies to report.

You can’t perform that action at this time.