mlut (читается как "млат") - это CSS-фреймворк для кастомных сайтов и креативов. Он помогает верстать проекты с индивидуальным и нешаблонным дизайном, где не подходят фреймворки старой школы и плохо справляются LLM. mlut похож на Tailwind, поскольку основан на подходе Atomic CSS, но по некоторым параметрам превосходит все популярные аналоги.

Atomic CSS - это методология верстки, в которой мы используем маленькие атомарные классы, каждый из которых делает одно действие. Эти классы называют *утилитами*. Обычно они применяет одно CSS-свойство (например, цвет текста), но не обязательно одно. Выглядят они примерно так: D-ib, Bgc-blue_h.

Преимущества такого подхода

1. Тратим меньше мыслетоплива: не думаем о нейминге сущностей, структуре каталогов
2. Меньше CSS на клиенте: реиспользуем одни и те же утилиты, а новые стили почти перестают добавляться
3. Быстрее пишем стили: короткие классы, нет переключения файлов
4. Можно применять на любом стеке: JS SPA, PHP, Clojure, etc

Ключевые особенности mlut

1. Краткий и строгий нейминг. Сокращения основаны на популярности свойств CSS и составлены по единому алгоритму. Если вы знаете CSS, то вы почти знаете mlut
2. Богатый и нативный синтаксис. Это как Vim для CSS. Удобно создавать сложные стили с помощью мощного синтаксиса, концептуально близкого к CSS
3. Написан на Sass. Используйте всю мощь препроцессора для связи рукописного CSS и утилит

Что реализовано на сегодня

- генератор утилит почти любой сложности
- JIT-движок, который умеет генерировать утилиты из HTML/JSX/etc
- CLI с минификацией и автопрефиксером
- плагины для сборщиков фронтенда: Webpack, Vite и Rollup
- онлайн-песочница

Также есть обширная документация. Совместно с HTML Academy готовится интерактивный мини-курс по инструменту. Первый урок уже вышел. Это open source проект - результат глубокого ресерча и 1200+ часов труда. Больше технических деталей есть в расшифровке доклада с HolyJS.

Планы по развитию

- добавить еще возможностей CSS для сложной верстки: множественные градиенты, псевдоселекторы с аргументами, типа :has(), etc
- сделать интеграции для вайб-кодинга
- сделать плагины к IDE для автокомплита и подсказок

А недавно мы запустили проект на ProductRadar. Бодаемся там со стартапами за топ-3 продуктов этой недели. Будем благодарны за поддержку лайком на этой площадке и любой фидбек. Давайте покажем всем, что open source инструмент тоже может быть продуктом!

🖼 WezTerm and mc for viewing images

I've recently started using excellent WezTerm. It is fast, feature-rich and runs in Linux, macOS, Windows. After some configuration it looks and runs just fine.

When I was using Windows, my go-to file manager was Total Commander. Under Linux and macOS I've used console mostly but sometimes for sorting photos and freeing up space mc was super-helpful.

WezTerm can display images with its imgcat so I've decided to make these two work together.

mc.ext is what mc uses when opening a file with F3. We forward all png and jpg to mc-img.sh. The shell script takes care of forwarding names to imgcat and adding keyboard navigation to view next/previous and first/last images.

https://github.com/samdark/dotfiles/tree/master/.config/mc

#shell #bash #mc #wezterm

😎 Security lessons Yii learned thanks to GitHub Secure Open Source Fund

Finally can talk about it. Last year we were chosen as an important project for development landscape by GitHub and participated in improving security of both the framework itself and its infra.

https://www.yiiframework.com/news/783/security-lessons-yii-learned-thanks-to-github-secure-open-source-fund

#yii #security

🚀FrankenPHP got faster

FrankenPHP got v1.11.2 release which resulted in significantly better performance by switching to Go 1.26 which improved garbage collection and CGO (which is the way Caddy extension communicates with PHP in FrankenPHP).

#frankenphp #php

🎁 Radix router for Yii3

About half a year ago wilaak implemented radix router. The router is base on radix tree and is faster than regex-based FastRoute which is default "driver" for Yii3 router.

Last month sirix777 implemented a "driver" for Yii3 router that uses radix router and did some benchmarks that prove that it's way faster implementation.

There's a drawback, of course. Radix router doesn't support regexp. If the router would ever be a bottleneck in your app, you have a good option now.

https://github.com/sirix777/yii-radixrouter

#yii #router #radixrouter

🎁 YiiPress

I always wanted to build a really fast static website generator engine with PHP. There were multiple reasons to do it:

1. To exercise.
2. For my own needs. I want to combine all posts I've ever made in a single indexable place.
3. To battle-test Yii3 one more time with a non-standard case.
4. To try LLM assisted coding in action.

So here we go, YiiPress was born. It's in alpha stage but works quite well and can build its own docs.

Go try and explore it: https://github.com/yiipress/engine

#yii #yiipress

🤔 LLMs and unknown domains

LLMs won't help you much if you have no idea what you need and try to vibe-code solution anyway.

If you know what you're doing, even if there are unknowns, LLMs are a big help but if you have no idea, LLMs are the opposite.

During the classic coding session you were getting deep into context bit by bit even if you had no understanding at first. With LLMs you can vibe-code it and it is likely that learning the domain context will be skipped as well.

#llm #ai

🤔 LLMs amplify everything including bad practices

LLMs amplify good parts of a human engineer — they help shipping more, they free us from many routine tasks. They can even help with less trivial things like code review and even some architectural decisions and that's great.

At the same time, they amplify bad parts many times more:

1. Unmanaged tech debt grows very fast. You can't postpone automated tests, removing clutches etc. It hits you in months or even weeks.
2. Engineer absolutely can't vibe-code without checking results now. Shipping code that wasn't run once was possible (but still quite bad) before. Now it's not. A sure way to get fired.
3. Bottlenecks in the SDLC are becoming obvious almost immediately and are usually making performance boost either minor or impossible.
4. Not thinking and blindly relying on key decisions made by LLM leads to disaster quite fast as well.

It seems that the most valuable engineering skill of future would be an ability to take full responsibility of what you deliver doing everything necessary so it works properly and solves the problem in question:

1. Understanding the problem. // previously analysts, architects
2. Verifying solution. // previously leads
3. Actually testing results. // previously testers

Engineer role shifts from coding to thinking and verifying results.

#llm

🤔Humans are bottleneck now

Code could be shipped very fast using LLMs. It is now of a questionable quality sometimes but that would certainly improve. For Yii we use GitHub copilot for reviews along with human review already and that helps to catch more issues and speed things up because review is provided earlier.

https://background-agents.com/ is a good compilation of thoughts about the new SDLC landscape and the role of humans in it.

#llm #ai

🤔 AI Exposure of the US / RU Job Markets

Andrej Karpathy made a good visualization about job security considering raise of LLMs.

US market, data from BLS: https://joshkale.github.io/jobs/

And here's the visualization for Russia market, Rosstat data: https://ai.apigpt.ru/jobs/

Overall:

1. It is huge market change.
2. The more the salary the less secure is the job.
3. Bachelor education is least secure.
4. IT got 9/10. So AI is a total disruption of the field.

#llm #ai

🐘 PostgreSQL collations

In PostgreSQL collation determines how strings are sorted and compared. Nowadays projects operate all over the world so we need good support for UTF-8 with natural language sorting which works for any language.

There three sources of collation/locale available in PostgreSQL:

1. builtin — only byte-sorting is available. Doesn’t work for the case.

2. libc — unpredictable, tied to the OS, and doesn’t survive upgrades well.

3. ICU — predictable, portable across OS, properly versioned, natural-sorting, deterministic (suitable for unique indexes and keys). That’s what we need.

From ICU-based locales, we need und-x-icu. und there is an "undefined" locale. It works reasonably well for any language, including Asian ones.

To make it work, the following should be in the env variable:

POSTGRES_INITDB_ARGS="--locale-provider=icu --icu-locale=und --encoding=UTF8"

It sets up defaults instance-wide. There's one quirk though — defaults can't be changed if you already have the database so the only way to do it right is to:

1. Backup existing data.
2. Kill the instance and wipe the data.
3. Up new instance with proper settings.
4. Restore the data.

#postgresql #collation #encoding

PHPeople — 3 месяца

Мы работаем уже 3 месяца. За это время собрали 10 авторов, запустили 40+ постов в месяц и выстроили живое сообщество. Но главная цель — стать точкой сбора для всех PHP-разработчиков — пока не достигнута.

Поэтому принято решение: основной чат теперь бесплатный.

Внутри — анонсы и превью от всех авторов, общие обсуждения. Темы закрывают всё: от асинхронного PHP и типизации до рефакторинга legacy, Laravel, IDE-инструментов и AI в разработке.

Авторские чаты с полным контентом и прямым общением остаются платными — 150₽/автор или все 10 за 1 200₽.

Если ты пишешь на PHP — заходи:

@phpeople_community

⏱️ AI drastically reduced CVE to exploit time

It is already about a week and projected timing is 1 hours this year. Cost for creating an exploit is about $4.

Patching time for reported vulnerabilities is still about 20 days.

https://zerodayclock.com/ proposes the following to address it:

1. Vendor liability — make insecurity expensive for the people who create it
2. Security by default — build it into the platform, the framework, the infrastructure
3. Disposable architecture — build to rebuild, not to patch
4. Memory-safe languages — mandate them for new critical infrastructure
5. Open-source the defense — make AI security tools free and accessible to every defender
6. Regulation for machine speed — redesign compliance so defenders can use AI without handcuffs
7. Technical intelligence in policy — embed hackers in the rooms where decisions are made
8. Zero Trust — eliminate implicit trust from every system
9. Geopolitical accountability — treat cyber as statecraft
10. Philanthropic mobilization — fund the defense of civil society

#security #ai #llm

Testo is a testing framework for PHP, built from scratch. Not a wrapper, not a fork, not an add-on — a fully independent architecture based on plugins, middlewares, and events.

A good alternative for PHPUnit.

https://php-testo.github.io/blog/beta-testo

#php #testing

Debug Duck an AI debugger that lives inside your PHP toolbar.

Click "Analyze request" and it breaks down your HTTP response, timing, memory usage, queries, and tells you what to fix.

Works with Yii2/Yii3, Laravel, and Symfony. Free LLM models via OpenRouter. Open source.

⭐ Give it a star → https://github.com/app-dev-panel/app-dev-panel

🧭 Разбираем современный PHP вместе с Podlodka PHP Crew

PHP-стек может устаревать незаметно: решения вроде бы работают, но скорость разработки снижается, стоимость поддержки растёт, а количество возможностей сокращается.

💡 Эксперты Podlodka PHP Crew собрали онлайн-конференцию «Современный стек PHP-разработки», чтобы разобраться, как всё устроено сегодня.

🗓С 20 по 24 апреля участники:

• изучат, как сегодня запускают PHP-приложения (worker mode, новые рантаймы, FrankenPHP),

• посмотрят, как изменилась инфраструктура и что пора выкинуть из Docker-стека,

• обсудят, как реально применять AI-агентов в разработке (не только писать код, но и расследовать баги и планировать изменения),

• разберут практические кейсы (например, в онлайн-режиме будут запускать мультиплеерную игру на PHP с Temporal и RoadRunner),

• и в целом поймут, какие инструменты и подходы действительно стоит внедрять в 2026.

Формат — пять дней живых Zoom-сессий по утрам и вечерам, закрытое комьюнити в Telegram и общение со спикерами.

🎟 Если хотите обновить свой стек и лучше понимать, куда движется разработка на PHP — обязательно присоединяйтесь👇

Скидка для подписчиков по промокоду: samdark_blog_8

#php

⭐️ Inside GitHub's Fake Star Economy

Elena Marchetti wrote on GitHub have fake stars and economy. The read is pretty interesting.
 
The outcome is that it's better to be critical to the projects that are on hype. If you absolutely need to judge the popularity, you should check the metrics like the forks versus the followers and the percentage of the fake followers as well.

In Yii we never faked any stars. We are not so great in marketing so our stars are all hard earned. Should be quite interesting to check how Yii stands up to the metrics mentioned in the article. Unfortunately I don't have time for the my own research right now, but would be cool if someone can do it and provide results.

#yii #github #hype