This is from 2011, according to the commit blame info [1]. The advice appears to be from the standpoint of LAMP development a decade ago.<p>[1] https://secure.phabricator.com/source/phabricator/browse/master/src/docs/flavor/things_you_should_do_now.diviner$1
For me #1 would be to add a version to any data format or communication protocol. If you want to know how hard not doing so can bite, don't look further than Git and its torturous migration from sha1.
Things you should never do: use integers as IDs. This is literally a solved problem, and the solution is UUIDs, which were invented for exactly this job.
Don't use a raw integer as the ID type. Use different types for different IDs: UserId, OrganizationId, etc.<p>It's a common bug to get different ID types mixed up, and a gigantic offset will do nothing to help you with that.
> Only Store Valid UTF-8<p>Linux could learn something about filenames here.<p>Personally I would also disallow anything below 32 to avoid having filenames contain escape sequences.<p>I have absolutely no need for a filename that contains an escape character, and would see this as a major bug, like his description of SQL injection. Better to fail fast.
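The fail-fast filename check described in the comment above, as an added example that is not part of the thread or of the Phabricator document. The names `validate_filename`, `audit_names` and `InvalidFilename` are hypothetical, the sample names are constructed, and the DEL, C1 and `/` rules go beyond the comment's "below 32" rule.

```python
class InvalidFilename(ValueError):
    """Raised when a filename fails the storage policy."""


def validate_filename(raw: bytes) -> str:
    """Return the decoded name or raise InvalidFilename (fail fast).
    Assumed policy: strict UTF-8; no code point below 32 (the comment's
    rule); also DEL and C1 controls U+0080-U+009F, which some terminals
    interpret (beyond the comment); no '/', and not empty, '.' or '..'.
    """
    if raw in (b"", b".", b".."):
        raise InvalidFilename(f"reserved or empty name: {raw!r}")
    try:
        name = raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError as exc:
        raise InvalidFilename(f"invalid UTF-8 at byte {exc.start}") from exc
    for index, ch in enumerate(name):
        cp = ord(ch)
        if cp < 32 or cp == 0x7F or 0x80 <= cp <= 0x9F:
            raise InvalidFilename(f"control character U+{cp:04X} at index {index}")
        if ch == "/":
            raise InvalidFilename("path separator inside a single name")
    return name


def audit_names(names):
    """Split raw byte names into (accepted, [(raw, reason), ...])."""
    accepted, rejected = [], []
    for raw in names:
        try:
            accepted.append(validate_filename(raw))
        except InvalidFilename as exc:
            rejected.append((raw, str(exc)))
    return accepted, rejected


# Constructed sample names, shaped like os.listdir(b".") output on Linux.
SAMPLE = [
    b"report.txt",
    "r\u00e9sum\u00e9.pdf".encode("utf-8"),
    b"notes\x1b[2Jcleared.txt",  # ESC starts a terminal control sequence
    b"latin1-\xe9.txt",          # ISO-8859-1 byte, not valid UTF-8
    b"two\nlines.log",           # newline breaks line-oriented tools
    b"overlong-\xc0\xaf.txt",    # overlong encoding of '/', fails strict decode
]

if __name__ == "__main__":
    for raw, reason in audit_names(SAMPLE)[1]:
        print("rejected:", raw, "->", reason)
```

Running the same function over existing directory listings gives an inventory of names that would need renaming before such a policy is enforced at write time.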
I knew of a trucker once, who when he was starting his transport business, marked his first truck with "Number 8".<p>It never hurts to make people believe you are bigger and better than you really are.
"As of 2011 Facebook is in the second group, and spends several milliseconds of CPU time sanitizing every display string on its way to the browser, which multiplies out to hundreds of servers worth of CPUs sitting in a datacenter paying the price for the invalid UTF-8 in the databases."<p>I can imagine how companies will be taxed extra for this somewhere in the (probably not so near) future.