Discussed some specific ideas for future perl development - more ways to allow CPAN modules to experiment with new ideas, import some possibly-stable ideas from CPAN into core.
Reviewed the list of ongoing experiments in perlexperiment.pod to work out what can now be declared stable. We’re technically past “user visible changes” freeze but maybe the list will be happy with these changes anyway.
Observed that SSL-in-core still hasn’t made any progress, and wondered further on how we can unstall it and try to get someone working on it eventually. Maybe writing a PPC doc would help?
Talk submissions are still open, and we are seeking proposals on a wide variety of subjects. This includes language features, personal projects, applications like Koha, and anything that may be of general interest to Perl and Raku programmers.
Please note it is our (the Science Perl Editorial Subcommittee) goal to be able to accept as many perl+science papers and posters as possible, as such our editorial process is designed to be very friendly.
Science Track Deadlines (initial submission is same date/time as the standard talk tracks):
Abstract submission deadline: April 5th, 2024 (23:59:59 UTC)
Abstract acceptance emails sent: April 15th, 2024
Draft full paper due: May 15th, 2024
Draft full paper feedback emails sent: May 31, 2024
Final full paper due: June 7th, 2024
Final papers approved: June 15th, 2024
PLEASE SPREAD THE WORD!
Thank you and I am looking forward to some very good things to see in Vegas, baby!
Spoiler Alert: This weekly challenge deadline is due in a few days from now (on March 31, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.
Task 2: Count Equal Divisible
You are given an array of integers, @ints and an integer $k.
Write a script to return the number of pairs (i, j) where
Roles are used when you need to share behaviour among several classes that don’t have to be related by inheritance. Normally, a role just adds a bunch of methods to the class that consumes it (there’s more, you can for example specify which other methods the role expects to already exist).
A parameterized role makes it possible to provide parameters for the consumed role. This way, you can adjust the behaviour for each consuming class.
Spoiler Alert: This weekly challenge deadline is due in a few days from now (on March 31, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.
Task 1: Max Positive Negative
You are given an array of integers, @ints.
Write a script to return the maximum number of either positive or negative integers in the given array.
Example 1
Input: @ints = (-3, 1, 2, -1, 3, -2, 4)
Output: 4
Count of positive integers: 4
Count of negative integers: 3
Maximum of count of positive and negative integers: 4
You may submit your Science Track abstracts here! Don't wait, do this today! Prior registration to the Perl Conference is not a condition for acceptance, however individuals with accepted papers and posters are expected to register for and attend the Conference in person*. You may register for the Perl & Raku Conference here. (Note: in the past, the Conference registration fee has been waived for speakers; it is expected that this will be the case again this year, but at this time there are no guarantees.)
let us know if this is impossible, exceptions may be considered in some extenuating circumstances
Deadlines:
Abstract submission deadline: April 05, 2024 (23:59:59 UTC)
Full paper deadline: May 15th, 2024 (23:59:59 UTC)
A few people asked me about the distinctions between YAPC::Japan and other Perl events worldwide, prompting me to write below. Before delving into the specifics, I must preface that my experience is primarily rooted in YAPC::Hiroshima 2024, the only YAPC::Japan event I attended. It's important to say that comparing Perl events across different regions isn't about establishing superiority or inferiority; organizing conferences requires considerable resources and effort irrespective of location. Each conference has its unique approach and metrics for success. The observations I offer are purely subjective and reflect my personal views.
Crypt::Passphrase is a module for managing passwords. It allows you to separate policy and mechanism, meaning that the code that polices authorization doesn’t have to know anything about what algorithms are used behind the screen, and vice-versa; thus making for a cryptographically agile system.
It’s not only handling the technical details of password hashes for you but also it deals with a variety of schemes. It’s especially useful for transitioning between them.
A longer version of this post, including the full timeline as we know it, is available at security.metacpan.org
Between Dec 2023 and Jan 2024, vulnerabilities in Spreadsheet::ParseExcel and Spreadsheet::ParseXLSX were reported to the CPAN Security Group (CPANSec). This document describes the timeline and analysis of events.
Đình Hải Lê discovered an arbitrary code execution (ACE) vulnerability in the Perl module Spreadsheet::ParseExcel, version 0.65 and earlier.
An attacker, exploiting this vulnerability, would craft an Excel file containing malicious code encoded as a number format string, which is executed when the file is parsed by Spreadsheet::ParseExcel. Basically, untrusted data is passed to the Perl eval function enabling arbitrary code execution.
A detailed write up of the vulnerability and Proof of Concept (PoC) is available at
https://github.com/haile01/perl_spreadsheet_excel_rce_poc
After three years of not organising and one successful PTS in Lyon last year, we might have become a bit complacent and forgotten how taxing organizing an event is... After a very slow preparation, we are very pleased to announce the fourteenth edition of the Perl Toolchain Summit!
In 2024, we will be meeting in Lisbon, Portugal, from Wednesday April 25 to Sunday April 28. As has become customary, participants will stay at the hotel, and work in the meeting rooms dedicated for the event.
Get ready for a night of code, community, and culinary delights at the TPRF Sponsored Dinner during FOSDEM! 🍽️✨ Join us on Saturday, February 3rd, for a three-course feast and vibrant conversations.
📅 When: Saturday February 3rd, evening
📍 Where: Bruxelles
🎉 What's Cooking: An unforgettable evening filled with tech talks, networking, and delicious bites!
🤩 How to Join:
RSVP now by filling in this form below and secure your spot! Let's make this dinner a celebration of code and camaraderie.
Half of my new modules were related to my password framework Crypt::Passphrase. To be honest most of them are either small (± 100 LOC) glue two or three other pieces of code together. And then there was Crypt::HSM, a PKCS11 interface (to use cryptographic hardware without exposing cryptographic keys) that was probably more work (2600 LOC of XS) than the others combined.
Most of this was with the aim to add peppering support to Crypt::Passphrase, a subject extensive enough that I should probably dedicate a separate blogpost to it.
I missed last year but in 2024 I'm doing a dev release of Perl again. This time it is version 5.39.7.
And again, you can watch it live on Saturday 20th of January on Twitch.
Well, not actually wrong, just slow. But the exaggeration makes a punchier headline, you’ll admit.
This comes up when an interface takes a pattern to match things against. Sometimes you have some reason to want this match to always fail, so you want to pass a pattern which will never match. The customary way of doing this is to pass qr/(?!)/. There is a problem with that, though.
I’m not talking here about the fact that if possible, you really don’t want to pass an actual qr object. We’ve already covered that. It was a surprising enough discovery that I’ll take this opportunity to signal-boost that while we’re here, but this article is not about that.
We’re given a grid with obstacles, we’re supposed to count all the reachable plots in the grid in a given number of steps (we can only move one plot at a time horizontally or vertically).
DBD::mysql has long provided the interface to connect to the MySQL database from Perl code. But as old as it is, it was implemented with some critical bugs that cannot simply be corrected without breaking mountains of existing code relying on those bugs. For this same reason, though DBD::MariaDB corrects these bugs, care must be taken when migrating existing code to avoid subtle breakage.
CosmoShop is the largest pure Perl based shop system.
Since 1997, we have been implementing sophisticated and individual eCommerce projects in the B2B sector with our specially developed store software. We are the central point of contact for the entire spectrum.