π‘οΈ mVDP Growth Manager at Patchstack β Coffee Lover π Blog https://maciekpalmowski.dev
943 followers 379 following 288 posts
view profile on Bluesky
Organizing a #WordCamp is not an easy task. But it turns out that organizing a bilingual WordCamp is even more difficult. π€― On paper, it should be easier (bigger pool of everything), but in reality, you hit quite a few problems. π¬ Read the whole article on maciekpalmowski.dev/blog/from-p...
See you soon KrakΓ³w. #wckrakow #wordcamp
maciekpalmowski.dev/blog/what-t...
Some time ago, I wrote an article explaining what #mVDP is and why you, as a #WordPress plugin developer, should join one: π It's easier to manage reports π οΈ You'll get help validating patches π You'll be one step further to CRA-compatibility Link in the comments
Me speaking at #OsDay25 earlier this year. You can see that two days in Florence are already turning me into an Italian π€π
Thank you - I will do my best πͺ
Thank you π«Ά
Officially, I'm 40 π I'm not sure how I'm feeling about this. I don't see any sudden side effects of this - no back or knee pains out of the sudden. My dreadlocks are still there. But let's wait and see - the day is young π
Time for a traditional airport photo. This time I'm in PoznaΕ and I'm waiting for a flight to Prague, so I can take part in #webexpo π€© I'm bringing a lot of cool swag with me, so don't hesitate to say "hi". Oh, and join me on 29th for my talk about WordPress security π
If you enjoy my newsletter, don't forget to subscribe. You'll receive weekly: π₯ cool links about web development (including Astro, Statamic, WordPress and more) for pros and beginners π₯ a bit of personal insights π₯ no spam newsletter.maciekpalmowski.dev/subscribe
I just released the 113th issue of my newsletter! π You'll learn about #Astro, #WordPress, and more π₯ newsletter.maciekpalmowski.dev/p/what-happ...
Ivana and Sven are speaking about birds songs and Grafana π¦ I'm this will be one the most amazing talks that happened at this conference π¦π¦ππ¦π¦
A great talk by @dbafromthecold about #Docker π #cyberwisecon
We're starting #cyberwisecon with a bang. Romano Roth is talking about how DevOps and AI can work together
Time for a traditional pre-confenerce airport photo. In a few minutes I'm flying to Vilnius to attend #CyberWiseCon. I have quite a tight schedule there: π€ a talk π¬ a discussion panel ποΈ hosting a track It will be π₯π₯ See you there.
Here you can buy the ticket gdynia.wordcamp.org/2025/en/tic...
π£ There are just 1οΈβ£3οΈβ£ early bird tickets for #WordCamp Gdynia left. This means you should visit the WordCamp Gdynia website (in the comment π ) and purchase it. This way you'll have a chance to visit the first bilingual WordCamp in Poland and save a few dollarsπͺ
A small reminder - next week, I will be speaking at CyberWiseCon in Vilnius π€ Also, if you still don't have a ticket, you can grab one a bit cheaper by using this code - SPEAKERS20 π₯ If you would like to meet for a coffee and chat about security, leave a comment or DM :)
Time for a little career update π I'm no longer the Security Community Manager at Patchstack... Since yesterday, I'm an mVDP Growth Manager πͺ
This is how Midjourney thinks Patchstack would look like if it was a robot π€ Can't disagree with this πͺ π₯ A true protector against vulnerabilities.
You can buy a ticket on the gdynia.wordcamp.org/2025/en/tic... And you can learn more about sponsorship packages gdynia.wordcamp.org/2025/en/spo... I'm also happy to hop on a call to explain everything :)
#WordCamp Gdynia is setting up sails β΅ This will be Poland's first bilingual (English & Polish) WordPress conference π and an opportunity to visit the Polish seaside. You can buy early bird tickets (only 29 left)π¦ Or become a sponsor π° More info below π
Today, for the first time ever, I took part in a feedback session before my #WebExpo talk π Together with Steven, Teresa and Alvaro we worked on our talks to make them better. I got valuable feedback. Time to implement it πͺ PS. More organizers should do something like this π
Take a moment to read about why you should use #Flotiq together with #astro. Check out this article π flotiq.com/blog/flotiq...
I'm looking for a cheap/free alternative to Sessionize or Papercall? We're looking for a tool that will help us manage the submissions. The vision of using Excel for this frightens me a lot π¨ Or maybe you have a working workflow that won't make us mad. π€
Thanks @drivingralle.de for the picture π
Together with Sander we're spreading the word about #WordPress #security at #WCVie π We still have some swag left - including tattoos and pins. Just find us and say "hi π"
#WCVie here I come βοΈ I have a bag full of #patchstack goodies, so if want a some amazing stickers or pins, don't hesitate to say "hi π".
#WCVIE starts this week π€― I will be there to share a thing or two about #headless architecture and #WordPress. I'm also bringing a lot of cool #Patchstack swag π» Who am I meeting in Vienna? PS. I'm always on the lookout for great specialty cafes. Any recommendations? βοΈ
Keystatic x Astro maciekpalmowski.dev/blog/keysta...
Second article about connecting CMSs with #Astro. This time it's time for #keystatic π Quick bits: π Keystatic is totally distraction-free π It creates Markdocs or markdown files (no API needed) Check the comment for more π
I'm continuing my journey to connect #Astro with different headless CMSs. π Right now, I'm experimenting with #keystatic, and boy, oh boyβit's fun! π When I finish the article, I will likely integrate it with one website for a nicer editing experience. π»
If you enjoy my newsletter, don't forget to subscribe. You'll receive weekly: π₯ cool links about web development (including Astro, Statamic, WordPress and more) for pros and beginners π₯ a bit of personal insights π₯ no spam newsletter.maciekpalmowski.dev/subscribe
I just released the 110th issue of my newsletter! π You'll learn about #Astro, #AI, and more π₯ newsletter.maciekpalmowski.dev/p/what-happ...
I promised to write tutorials about connecting CMSs with #Astro. Here's the first one about #Flotiq π Quick bits: π Content Layer API is amazingly flexible β‘ Flotiq is powerful π You can connect a CMS just by updating the content config maciekpalmowski.dev/blog/flotiq...
Who else is using #substack and has a newsletter about things connected to web developmentβ I would love to add some newsletters to the recommended list :)
My plan for the next few weeks - write 5 articles about #headless #CMS and show what I liked/disliked about them. π Each time I will connect it to #Astro π So the question is - which CMSs I should test? Post your picks in the comments and I'll make a poll later π
If you enjoy my newsletter, don't forget to subscribe. You'll receive weekly: π₯ cool links about web development (including Astro, Statamic, WordPress and more) for pros and beginners π₯ a bit of personal insights π₯ no spam newsletter.maciekpalmowski.dev/subscribe
I just released the 109th issue of my newsletter! π You'll learn about Astro, #osday25, and more π₯ newsletter.maciekpalmowski.dev/p/what-happ...
Goodbye #osday25 and goodbye Florence π₯Ί Soon, I will post a summary of this amazing event, but before I do, I just wanted to quickly thank all the organizers for organizing the BEST event ever π€ Thank you and see you next year π
Dungeons And Developers: Epic Teamwork for Legendary Projects It's definitely the best talk today π€―π It's a tech talk and DnD session at the same time βοΈπ‘οΈπ² Pierdomenico Reitano, you rock π₯ #osday25
Giorgio Boa on stage π» He's explaining how Open Source can help with your career π #osday25
Listen to the applause all the researchers got for closing 1K plugins during the October Bug Bounty π₯π₯ #osday25 - thank you for giving me the chance to share the history of this epic event and thank all the researchers properlyπ www.youtube.com/clip/UgkxEx...
Going live soon #osday25 Am I stressed a bit? Maybe, but just a bit πͺ
Emiliano Pisu talks about WCAGUI, a unified toolkit for accessible UI. Visit wcag-ui.com, in the middle of April the release candidate will be released. #osday25 #a11y
Sal Kimmich explains how to bridge laws and technology. This is one of those more unique talks that you won't find at any conference
Kicking off the #osday25 π€©
Oh well - it happens. I wanted to share a story of the biggest bug hunt that happened in the #WordPress ecosystem and how Patchstack's community removed almost 1K plugins from the repo because of security reasons. Maybe next year... or at different events.
#OSDay25, here I come βοΈπ
Can't wait for the #osday25 to start already π Who am I meeting in Florence? If you would like to talk a bit about securing your #WordPress (because you still have some websites you are maintaining) - I'm happy to help π
If you enjoy my newsletter, don't forget to sign up. You'll receive weekly: π₯ cool links about web development (including Astro, Statamic, WordPress and more) for pros and beginners π₯ a bit of personal insights π₯ no spam newsletter.maciekpalmowski.dev/subscribe
I just released the 108th issue of my newsletter! π You'll learn about security, CMS, and more π₯ newsletter.maciekpalmowski.dev/p/what-happ...
π» #CloudFest Hackathon day 2 is in full swing and the team, led by Nestor Angulo De Ugarte and John Blackbourn, is racking their brains. π§ β‘οΈ Curious to see the results? See the final presentations tomorrow at 3:55 PM at the Ring Stage in Europa Park. π #CFHack #CFHack2025 #cloudfest
So you're saying it's like having an umbrella with you - if you take one it won't rain π
I had the pleasure of chatting with Karim Marucchi from Crowd Favorite: π the importance of maintenance π why enterprises are using Open Source β οΈ biggest mistakes you can make as an agency owner Watch the trailer π¬ and subscribe for updates π© www.youtube.com/watch?v=rXA...
PS. If you don't want to miss more articles like that, subscribe to my newsletter at newsletter.maciekpalmowski.dev/. π I will keep you updated about new articles I published and I'm sharing some curated links about web development. π
And setting such a test is pretty simple: maciekpalmowski.dev/blog/the-la...
If I used regression testing, I would quickly see this difference(this orange part) and I could address the bug sooner. Overall, you should run such a test every time you do an upgrade (especially one that can introduce breaking changes) π§
Last week I mentioned that I missed one bug when migrating from #tailwind v3 to v4. π¬ Can you spot it? Yeah, I missed that too that's why it landed on production. π Was it easy to prevent? Of course - by using regression testing. βοΈ More in the comment ππ
Unauthenticated Arbitrary File Upload Vuln in Chaty Pro plugin π‘οΈ It suffers from an arbitrary file upload vuln. An attacker can upload a malicious file and take over the site π« It was fixed in 3.3.4 β With Patchstack protection activated, you're already protected π‘οΈ patchstack.com/articles/una...
If you enjoy my newsletter, don't forget to sign up. You'll receive weekly: π₯ cool links about web development (including Astro, Statamic, WordPress and more) for pros and beginners π₯ a bit of personal insights π₯ no spam newsletter.maciekpalmowski.dev/subscribe
I just released the 107th issue of my newsletter! π You'll learn about regression tests, CMS, and more π₯ newsletter.maciekpalmowski.dev/p/what-happ...
There is a thing that I β€οΈ about Gutenberg. You can select text and paste a link - this will convert this selected text into a link. That's something I missed in #Statamic for a while. So, using Claude, I managed to make a working prototype.
I mentioned that the migration from #TailwindCSS 3 to 4 went without a problem just to discover a day later that I missed a bug π After fixing it I spent some time to make sure it would never happen again and writing an article so you won't have the same problem. x.com/palmiak_fp/...
Nice branding BTW ;)
I was really surprised with what you can do with scroll-animated CSS. For example - maciekpalmowski.dev/blog/what-wa... this small progress bar on top is pure CSS π€―
Thanks for having me @briancoords.com πͺ Great that we talked about the alternatives and about getting out of our WP comfort zone π
Also, if you would like to meet and chat about security, CMSs, and lots of other stuff. Just leave me a DM or a comment and let's arrange something in Florence π¬ποΈ
In less than a month I will be speaking at Open Source Day in Florence. π€ I will tell you a story about how we closed around 1k plugins from the official WP repo in a month. π« Thanks, Patchstack for making this possible. π Want to meet? Check the comment π #OSDay2025
Subscribed of course
If you enjoy my newsletter, don't forget to sign up. You'll receive weekly: π₯ cool links about web development for pros and beginners π₯ a bit of personal insights π₯ no spam newsletter.maciekpalmowski.dev/subscribe
I just released the 106th issue of my newsletter! π You'll learn about #WordPress, #astro, and more π₯ newsletter.maciekpalmowski.dev/p/what-happ...
Woop π₯³I placed 5th in the @patchstack.com CTF at #wcasia2025 π Here's my first write-up covering one of the trickier challenges, diving into PHPβs quirks, like mixed-case function calls and dynamic execution. sec.stealthcopter.com/patchstack-c... #CTF #WordPress #Hacking
Happy to join :D We can chat about WordPress and why it is still so popular despite so much negativity around it. Or switching from dev to DevRel :)
Reflected XSS Patched in Essential Addons for Elementor π οΈ It happens due to insufficient validation of the popup-selector query argument. π€ It got fixed in 6.0.15 β If you have Patchstack protection enabled, you're already protected. π‘οΈ patchstack.com/articles/ref...
We had a lot of fun during the Patchstack #WCAsia Capture The Flag π© Time to sum it up: π― 11 challenges (all solved πͺ) π₯ 200+ registered users π© 183 solutions sent π¬ lot of chatter on Discord Thank you all for participating π«Ά You are amazing.
π΅οΈββοΈ Is WordPress security really that bad? With 6,000+ vulnerabilities last year, security is a real concern. @maciekpalmowski.dev from Patchstack will reveal: πΉWordPress security myths vs. reality πΉHow vulnerabilities are found & fixed πΉWays to keep your site safe
How do you have access to my inbox? π
It's already on my list, but something always happens. But maybe next year π€
WordCamps as usual, but last year I also visited Open Source Day in Florence (love it), Developer Week in Nurnberg, Come to Code(very unique). And this year I will go to WebExpo in Prague and DevDay in Vilnius.
Totally agree - I see this at every conference, where a bunch of nerds (myself included) behave totally different because they feel at home, surrounded with people like them π
Yup - I like to brag that I'm an introvert who learned how to behave as an extravert at the age of 31 π
In my case it was a natural thing - I felt that I have hit the wall as a dev, but it turned out I can talk with other devs and that's a quite rare talent (who would have thought) π
I moved from Dev to DevRel/Community Manager stuff. Also I'm trying to stay less in the WP bubble and I'm constantly experimenting with other CMSs etc.
#OpenSourceDay is happening soon, so it's finally time to gear upπ
I had a lot of fun recording this with Steve. π¬ #Drupal has some interesting solutions baked in - including using AI agents, recipes, and Symfony under the hood. Also, it has a different philosophy behind it. π‘ www.youtube.com/watch?v=u3t...
I always add this to my #statamic websites. The muscle memory to visit wp-admin is just too strong :D BTW - would you be interested in an addon that would add redirects to other CMS admin panels?
Critical Privilege Escalation Patched in KLEO Themeβs Plugin. π It occurs due to broken logic in the FB social login process. β Update it immediately to at least 5.4.0 β¬οΈ If you have Patchstack protection enabled, you're already protected. β patchstack.com/articles/cri...
I migrated my website from #tailwindcss 3 to 4. It took me around 20 min π₯ π the migration script did 99% of the heavy lifting π¨ I had to fix a few opacity classes in the CSS file π one thing stopped working properly ("before" added to images) Overall - 9/10 experience β
I have a dream π€©! I want to make small #gym at my new home, so it's easier to continue my #fitness adventure ππͺ. However, this dream is hard to achieve, that's why I'm looking for assistance. Can you help? Find full story & donate here: 4fund.com/z/home-gym π. Thanks β€οΈ!
Is Drupal CMS a good alternative to WordPress? ft Steve Persch, Pantheon www.youtube.com/watch?v=u3t...
I enjoyed discussing everything #drupal with Steve Persch from #pantheon. π The full interview will be out on 21st Feb, but you can already watch the teaser: www.youtube.com/watch?v=9p8... and you can subscribe for the final video (link in the comment): π
I started lifting when I was 37, so it's never too late. Also, every time my kid sees a strongman somewhere he says "daddy" π
My kid motivated me to start (carrying him was a pain for my back), but I got hooked up. So gym became a routine and during warmer months the bicycle also kicks in.
Last week we were testing some text-to-speech tools and I wouldn't be surprised if that's Ai-generated.
Enjoying the weekend πͺ I never thought that the gym would become part of my weekly routine.
To take part in the CTF you have to subscribe at ctf.patchstack.com/ Have fun π₯
#WCAsia is happening soon, so at #Patchstack, we thought that doing a nice Capture The Flag Event would be a good idea π© Join us on 20-22 February π We have some cool prizes too: π₯ - $1200 π₯ - $900 π₯ - $600 4οΈβ£ - $300 5οΈβ£ - $150 Link to the event in the comments π
