This extended meeting took place between the three of us in person over several days at the PTS 2025 in the beautiful city of Leipzig.

Happy Friday, this is my first hand experience with AWS Bedrock.
Please check out the link for more information:
https://theweeklychallenge.org/blog/aws-bedrock

Many thanx to Shawn Laffan for testing this version on Strawberry Perl.
I test it on my Debian machine first of course.
It took Shawn and myself a number of attempts to make all the test pass under the 2 types of OSes.

Over the past year, I’ve been self-studying XS and have now decided to share my learning journey through a series of blog posts. This fourth post introduces you to overloading operators in XS.

Lots has been going on. All of us showed up, though Aristotle had to join late and Philippe had to leave early, so the meeting was short but productive:

• We continued with the potential release blocker issue review and finished going over all 49 issues remaining at this time, of which we identified 11 of interest. There are now still 72 pull requests to review.
• We agreed to include the new Perl logo in the next release, but don’t yet know exactly how and where. That should be sorted out on p5p, and we will kick that off soon.
• We went over the latest point release news, where everything is finally on track. It is coming very soon.

[P5P posting of this summary]

Continue with the blog series, in this post, I am talking about AWS KMS Encryption.
Please check out the link for more information:
https://theweeklychallenge.org/blog/aws-kms-encryption

With the Harmonograph you can create beautiful and individual images within a few clicks. It's painting by pendulum. I already gave here an introduction. So let me just explain what is new:

My home page gives you access to:

o Perl TiddlyWiki V 1.25
o Mojolicious TiddlyWiki V 1.03
o Debian TiddlyWiki V 1.07
o Some other stuff...

What's new?

• The BoolLike type constraint accepts boolean.pm booleans.
• Type::Params offers some improvements for DWIM named parameter processing.
• More shortcuts are provided for exporting parameterized versions of type constraints.

AWS S3 Encryption isn't as complex as I thought initially. I had fun playing with it. You can give it a try too. Please check out the link below for more information.
https://theweeklychallenge.org/blog/aws-s3-encryption

All three were present.

• We went over developments on the point release front. Things are now finally moving, if slowly.
• We discussed some internal quality-of-life improvements to the PSC meeting workflow.
• We briefly reflected on our work as the PSC given our various personal circumstances this year.
• We discussed PPC 0027 (any/all), prompted by the Mojolicious::Lite DSL question. We went over its status, how the work got merged, and current issues with the design. We confirmed an already possible technical solution to the Mojolicious issue and agreed that it satisfies us for now, but we still intend to pick up the further issues at a later time.

[P5P posting of this summary]

I started using DEV at the suggestion of Perl Weekly, and I was quite pleased with it - until I discovered that links to dev.to are effectively "shadowbanned" on several major platforms (Reddit, Hacker News, etc.). Posts containing DEV URLs would simply not be shown to users, making it impossible to share content effectively.

To work around this, I thought I would need a way to publish my DEV articles on my own domain so I could freely share them. There are some DEV tutorials out there that explain how to consume the API using frontend frameworks like React, however I don't enjoy frontend at all and I did not want to spend much time on that.

My solution was to get a simple Perl script that builds static versions of the articles, along with an index page. A Perl 5 script will run anywhere, including an old shared linux hosting account I still keep on IONOS, and I really like the speed of static sites.

Now that we have set up our mbtiny configuration in the previous post, we can actually use it.

Minting a new distribution

Minting a distribution is trivial once you’ve completed the setup. It’s typically just a matter of calling mbtiny mint Foo::Bar. If needed you can override the global configuration at minting time (e.g.  mbtiny mint Foo::Bar --license BSD).

Converting an existing distribution

You can also convert an existing distribution to App::ModuleBuildTiny. In most cases that requires just two things:

Playing with AWS S3 using LocalStack platform.
Please check out the link below for more information.
https://theweeklychallenge.org/blog/localstack-aws-s3

Years ago I wrote about a concise fork idiom. It turns out that it’s possible to do better than everything I discussed in that entry as well as the proposals in the comments.

I didn’t at the time appreciate a clever aspect of variable scoping in Perl:

use strict;
sub get_answer { 0 }
if ( my $answer = get_answer ) {
    ...;
} else {
    print $answer;
}

All three of us attended, but none of us had the time for significant discussion, so we decided to reclaim the time and make some progress on our various to-do list items.

[P5P posting of this summary]

(apologies for "promoting"(?) Perl obfuscation...)

Today I won a gift card at an in-office meeting with the following code. Challenge: print the numbers 1-100 in the most incomprehensible, inefficient way. My entry, edited for brevity:

#!/usr/bin/env perl
use v5.16;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
# plus 95 more of this
say join $/, @_;

Thinking about it more this evening, I came up with

$SIG {__DIE__} = sub { $_ = (pop)+0; chomp; $_%6?say:exit};
{ select undef,undef,undef,1; eval { die time-$^T }; redo; }

(where 6 instead of 101 so I don't have to wait 100 seconds (and to be honest I'm not sure if there'll be rounding errors)).

Wonder if any obfuscators could come up with better (the less inefficient, incomprehensible the better).

Re-creating CVE-2024-56406 using docker container with affected Perl versions.
Please check out the link below for more information.
https://theweeklychallenge.org/blog/cve-2024-56406

I wrote very elliptically about this warning and received some helpful comments with the standard advice about how to proceed when encountering it. Except unfortunately that advice will be of no use when you encounter this warning.

Namely I should have been less cute about it and made it clear that I was specifically talking about a warning about a wide character “in substitution”. How can a s/// even possibly trigger a wide character warning, you ask? Beats me, to be entirely honest, even now, but: if you have a use locale somewhere, it turns out that it can. Because defeating that is what fixed the warning I was getting:

We were all present.

• CVE-2024-56406 is published and has been addressed by new point releases. Please upgrade or patch your perl promptly if affected. We thank Steve Hay, Andreas König and Stig Palmquist for doing the heavy lifting, as well as Nathan Mills for discovering the problem, and Karl Williams for providing the fix. We re-/learned a number of old and new lessons about the handling of security issues, which we will write up as new process for the PSC, the Perl Security Team, and the CPANSec group, to be jointly reviewed and agreed at the looming PTS.

• We started winnowing this release cycle’s pull requests for potential release blockers. We briefly reviewed all 72 pull requests and identified 11 of interest for a closer look.

• We reviewed the 2 new issues filed since last week for release blocker potential and put one of them on our list for closer review. We then started a closer examination of the 20 issues we identified as candidate blockers. We got through 5 issues, none of which we considered blockers.

[P5P posting of this summary]