Spoiler Alert: This weekly challenge deadline is due in a few days from now (on April 21, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.
Task 2: Completing Word
You are given a string, $str containing alphanumeric characters and array of strings (alphabetic characters only), @str.
Write a script to find the shortest completing word. If none found return empty string.
A completing word is a word that contains all the letters in the given string, ignoring space and number. If a letter appeared more than once in the given string then it must appear the same number or more in the word.
I just received an E-Mail purporting to be from the PAUSE Team, claiming a compromise of a server. It was written with some thought, referencing the account name of someone well known and trusted in our community. On closer inspection however, it was merely an attempt to phish PAUSE usernames and passwords via a supposed alternative login server.
I'm sure many of us are old enough and experienced enough to detect and ignore this type of attack. But in case you aren't (welcome!) or if you are feeling a bit out of practice, then please remember to only log in via the official PAUSE entry point.
The deadline for talk and paper submissions to the 2024 TPRC has been Officially extended through April 20th for both the regular Perl and Raku tracks; and also the Science Track.
Update for the Science Track submissions, we have a small, but solid set of submissions and are expecting a few more. The Science Perl Committee is committed to helping anyone submitting a serious entry to succeed. If you're hesitating at all because you're afraid of getting rejected, please be reassured we want as many people to be part of this inaugural Science Track, as possible.
Please note, acceptable topics DO include white papers discussing implementation details of the Perl or Raku interpreters, experimental language features, implementations, benchmarks, etc.
I personally and strongly encourage you to submit an abstract to the Science Track. And if you don't want to write a paper, I strongly encourage you to submit a regular conference talk.
Spoiler Alert: This weekly challenge deadline is due in a few days from now (on April 21, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.
Task 1: 33% Appearance
You are given an array of integers, @ints.
Write a script to find an integer in the given array that appeared 33% or more. If more than one found, return the smallest. If none found then return undef.
Maintainers and authors are found everywhere throughout our dependency trees. This includes the authors of the tooling others use for maintaining, building, testing, writing and running the infrastructure they depend on. Even maintainers depend on other maintainers.
Maintainers’ mental health and well-being is also a dependency.
So is their outlook on the sustainability of their projects, both in personal, technical, systemic and economic respects.
This means that personal, technical, systemic and economic well-being in the end are all actual and real dependencies* for the businesses that rely on these people and their projects.*
What can an ecosystem provide to make the lives of these maintainers easier in this regard?
Here’s a quickie little post, just to remind everyone of the usefulness of Date::Easy.
Recently, I downloaded some pictures from Google Photos, and unzipped them into my directory of other photos. I ended up with something that looked like this:
Well! said I. This is hardly ideal. A foolish consistency may well be the hobgoblin of little minds, as Emerson once wrote, but there is certainly something to be said for a sensible consistency. But ... how to achieve it?
Talk submissions are still open, and we are seeking proposals on a wide variety of subjects. This includes language features, personal projects, applications like Koha, and anything that may be of general interest to Perl and Raku programmers.
Please note it is our (the Science Perl Editorial Subcommittee) goal to be able to accept as many perl+science papers and posters as possible, as such our editorial process is designed to be very friendly.
Science Track Deadlines (initial submission is same date/time as the standard talk tracks):
Abstract submission deadline: April 5th, 2024 (23:59:59 UTC)
Abstract acceptance emails sent: April 15th, 2024
Draft full paper due: May 15th, 2024
Draft full paper feedback emails sent: May 31, 2024
Final full paper due: June 7th, 2024
Final papers approved: June 15th, 2024
PLEASE SPREAD THE WORD!
Thank you and I am looking forward to some very good things to see in Vegas, baby!
Roles are used when you need to share behaviour among several classes that don’t have to be related by inheritance. Normally, a role just adds a bunch of methods to the class that consumes it (there’s more, you can for example specify which other methods the role expects to already exist).
A parameterized role makes it possible to provide parameters for the consumed role. This way, you can adjust the behaviour for each consuming class.
A few people asked me about the distinctions between YAPC::Japan and other Perl events worldwide, prompting me to write below. Before delving into the specifics, I must preface that my experience is primarily rooted in YAPC::Hiroshima 2024, the only YAPC::Japan event I attended. It's important to say that comparing Perl events across different regions isn't about establishing superiority or inferiority; organizing conferences requires considerable resources and effort irrespective of location. Each conference has its unique approach and metrics for success. The observations I offer are purely subjective and reflect my personal views.
Crypt::Passphrase is a module for managing passwords. It allows you to separate policy and mechanism, meaning that the code that polices authorization doesn’t have to know anything about what algorithms are used behind the screen, and vice-versa; thus making for a cryptographically agile system.
It’s not only handling the technical details of password hashes for you but also it deals with a variety of schemes. It’s especially useful for transitioning between them.
A longer version of this post, including the full timeline as we know it, is available at security.metacpan.org
Between Dec 2023 and Jan 2024, vulnerabilities in Spreadsheet::ParseExcel and Spreadsheet::ParseXLSX were reported to the CPAN Security Group (CPANSec). This document describes the timeline and analysis of events.
Đình Hải Lê discovered an arbitrary code execution (ACE) vulnerability in the Perl module Spreadsheet::ParseExcel, version 0.65 and earlier.
An attacker, exploiting this vulnerability, would craft an Excel file containing malicious code encoded as a number format string, which is executed when the file is parsed by Spreadsheet::ParseExcel. Basically, untrusted data is passed to the Perl eval function enabling arbitrary code execution.
A detailed write up of the vulnerability and Proof of Concept (PoC) is available at
https://github.com/haile01/perl_spreadsheet_excel_rce_poc
After three years of not organising and one successful PTS in Lyon last year, we might have become a bit complacent and forgotten how taxing organizing an event is... After a very slow preparation, we are very pleased to announce the fourteenth edition of the Perl Toolchain Summit!
In 2024, we will be meeting in Lisbon, Portugal, from Wednesday April 25 to Sunday April 28. As has become customary, participants will stay at the hotel, and work in the meeting rooms dedicated for the event.
Get ready for a night of code, community, and culinary delights at the TPRF Sponsored Dinner during FOSDEM! 🍽️✨ Join us on Saturday, February 3rd, for a three-course feast and vibrant conversations.
📅 When: Saturday February 3rd, evening
📍 Where: Bruxelles
🎉 What's Cooking: An unforgettable evening filled with tech talks, networking, and delicious bites!
🤩 How to Join:
RSVP now by filling in this form below and secure your spot! Let's make this dinner a celebration of code and camaraderie.
Half of my new modules were related to my password framework Crypt::Passphrase. To be honest most of them are either small (± 100 LOC) glue two or three other pieces of code together. And then there was Crypt::HSM, a PKCS11 interface (to use cryptographic hardware without exposing cryptographic keys) that was probably more work (2600 LOC of XS) than the others combined.
Most of this was with the aim to add peppering support to Crypt::Passphrase, a subject extensive enough that I should probably dedicate a separate blogpost to it.
I missed last year but in 2024 I'm doing a dev release of Perl again. This time it is version 5.39.7.
And again, you can watch it live on Saturday 20th of January on Twitch.
Well, not actually wrong, just slow. But the exaggeration makes a punchier headline, you’ll admit.
This comes up when an interface takes a pattern to match things against. Sometimes you have some reason to want this match to always fail, so you want to pass a pattern which will never match. The customary way of doing this is to pass qr/(?!)/. There is a problem with that, though.
I’m not talking here about the fact that if possible, you really don’t want to pass an actual qr object. We’ve already covered that. It was a surprising enough discovery that I’ll take this opportunity to signal-boost that while we’re here, but this article is not about that.
