No results found.

Author

Sam James

Principal Engineer specialising in Magento 2, Adobe Commerce, DevOps, and e-commerce security

Sam James
Avatar of Sam James

Principal Engineer & Magento Specialist at BigEyeDeers

46 Magento & Engineering Articles 104 Technical Documentation Guides 10+ years Web Engineering Experience

Sam James is a Principal Engineer with over a decade of experience building, securing, and operating large-scale Magento 2 and Adobe Commerce platforms. His work focuses on performance optimisation, infrastructure automation, DevOps pipelines, and incident response for enterprise e-commerce.

He regularly publishes in-depth Magento tutorials, security advisories, and production engineering guides based on real-world incidents and client environments.

Sam James's Areas of Expertise

Sam James writes about a range of topics drawn from professional experience in Magento, DevOps, and e-commerce engineering.

Recent Articles (46)

Operational Maturity Before AI Velocity: What Your Magento Team Needs First

AI is a force multiplier for Magento development — but it multiplies whatever processes you already have. Here's the operational stack your team needs before leaning heavily into AI-generated output.

Copy Fail 2 / DirtyFrag (CVE-2026-31431): Container Escape & LPE Follow-Up

The sequel to CopyFail: DirtyFrag extends the CVE-2026-31431 exploit chain to container escape. Covers the new attack surface, detection, and mitigations beyond the algif_aead workaround.

CopyFail (CVE-2026-31431): Linux Kernel LPE — Detection, Mitigation & Distro Patch Status

CVE-2026-31431 is a Linux kernel local privilege escalation via algif_aead. Covers exploit mechanics, detection, the algif_aead mitigation, and patch status across Ubuntu, Fedora, Debian, RHEL, and more.

GitHub Webhook Secret Exposure via x-github-encoded-secret Header

How GitHub accidentally leaked webhook secrets via an erroneous HTTP header, what data was exposed, and the exact steps to rotate your secrets now.

Magento 2 Polyshell RCE: Technical Breakdown, PoC & Patch Guide

Deep dive into the Magento 2 Polyshell remote code execution vulnerability — how it works, how to test if you're affected, and how to apply the patch.

Adobe's Isolated Patch Strategy: A Community Response

Adobe's new monthly isolated patch approach for Magento creates maintenance burden. Here's how a community meta-package can help restore sanity to security patching.

See all articles by Sam James

Recent Documentation (104)

DevOps & Infrastructure

Production DevOps documentation: CI/CD pipelines, Ansible/Terraform automation, monitoring strategies, and infrastructure deployment workflows.

CI/CD Pipelines

CI/CD pipeline guides for GitHub Actions and Bitbucket: workflow automation, artifact management, environment cleanup, and troubleshooting.

Bitbucket Pipelines

Bitbucket Pipelines CI/CD guides: Renovate dependency automation, pipeline configuration, and third-party integrations for DevOps workflows.

Renovate Mend - Bitbucket

Configure Renovate Mend for automatic dependency updates in Bitbucket. Step-by-step setup guide with marketplace integration and config examples.

GitHub Actions

Production-tested GitHub Actions workflows: SSH config, artifact cleanup, environment management, Dependabot automation, bulk actions state management, and troubleshooting guides.

GitHub Artifact Cleanup

Automate GitHub Actions artifact cleanup with CLI commands. Bulk delete workflows, manage storage, and optimize repository artifacts efficiently.

See all documentation

Stack Exchange Contributions

60+ answers 1900+ reputation

Active contributor on Magento Stack Exchange — answers cover development, performance, security, and troubleshooting.

  • File type .svg Error in image upload Magento 2.3.1

    Explained that they are disabled in the first place for security reasons, and provided a few ways to re-enable them if needed. View on StackExchange →

    9 upvotes

  • Problems with friendsofphp/php-cs-fixer and php7.3

    PHPCS fixer is not supported above PHP7.2, explained options on how to install without dev dependencies, remove the package or downgrade PHP to a supported version. View on StackExchange →

    6 upvotes

  • CollectRates in custom carrier is not called when weight is over zero

    Explained that the issue likely stemmed from not setting the max package weight correctly, which in turn would set the max package weight to zero. View on StackExchange →

    5 upvotes

  • How to use systemd timer to replace OS system cron for Magento?

    Provided an example of a systemd timer and service file to run Magento cron jobs, along with instructions on how to enable and start the timer. View on StackExchange →

    4 upvotes

  • Magento 2.3 secure your site back and front

    Provided an non exhaustive list of steps to help secure a Magento 2.3 site, including using WAFs, file/IP restrictions, Scanning Tools, Integrity monitoring and more. View on StackExchange →

    4 upvotes
See all Stack Exchange contributions