Returning from the 27th installment of the German Perl or Perl/Raku Workshop, this time in Munich, I'd like to share some impressions.

Re-creating CVE-2024-56406 using docker container with affected Perl versions.
Please check out the link below for more information.
https://theweeklychallenge.org/blog/cve-2024-56406

A week ago I attended the 2025 PTS. For me it was a different PTS than the previous ones.

Firstly because it was my first PTS without Abe Timmerman. He was a regular in both the PTS (as maintainer of Test::Smoke), and of the Amsterdam Perl Mongers. In fact the last time I saw him was on our flight back to Amsterdam after the PTS in Lisbon last year. He was greatly missed.

Secondly, because of a question that Book asked at the very beginning of the PTS: how often we had been to the PTS before. I was one of the few who had attended more than 10 of them. Combined with the fact that several other regular attendees couldn't make it that meant that this PTS I spent more time than ever on helping others with various issues.

This is a hybrid (in-person and virtual) conference being held in Austin, TX on July 3rd-4th.

Did you miss your chance to speak or have wish to speak at the only available Perl Science Track (and get published in the Science Perl Journal)? Or maybe you just can't get enough Perl this summer??? Submit here ... or get more information on the PCC, including registration, special event registration, and donation links click here. For questions you may email us at science@perlcommunity.org or find us in the Perl Applications & Algorithms discord server.

The following lengths will be accepted for publication and presentation:

• Science Perl Track: Full length paper (10-36 pages, 50 minute speaker slot)
• Science Perl Track: Short paper (2-9 pages, 20 minute speaker slot)
• Science Perl Track: Extended Abstract (1 page, 5 minute lightning talk slot)
• Normal Perl Track (45 minute speaker slot, no paper required)

You may ask, where is the Winter SPJ or videos? We are working on them, promise! (it's a lot of work as some of you know. See also on Perlmonks and r/perlcommunity.

A Futility Closet post references a Perl "poem" over two decades old. I remember chuckling at it when it first appeared. Although it was published "anonymously", I'm pretty sure I know who wrote it. :)

Perl Toolchain Summit 2025, my first time, thanks to the organisers.
Here is my event report: https://theweeklychallenge.org/blog/pts-2025

This weekend I was once again privileged to attend the Perl Toolchain Summit (PTS). This year it was held in the lovely city of Leipzig.

The PTS continues to be my favourite technical event of the year. In part this is because I get to meet old friends and make new ones, but it's also because the summit really serves its purpose and I am able to make so much progress on the projects I have which belong in Perl's toolchain ecosystem.

PTS isn't a conference - it's a four-day working meeting. It brings together people working on toolchain projects to solve common problems and push the work forward. I did get a lot of work done, but that's not the main focus, for me anyway. I see it as a time to solve problems and plan the way forward, and for me PTS facilitates that in the most wonderful fashion.

Parenting aint easy. Certainly it is often something your kids teach you. Even worse, it often starts with ”<INSERT_KIDS_FRIENDS_NAME>’s dad lets him do <INSERT_CURRENTLY_PROHIBITED_ACTIVITY>”. In this constant battle to shape your offspring into a model citizen, with the values you value, and turning him/her into a self-sustaining organism, one applies tools that enhance particular features, remove the superfluous or the undesirable.

Here we go: Download me

All of us showed up for a long meeting of identifying release blockers. First we went over the issues and PRs submitted since last week, none of which turned out to be new potential blockers. Then we examined all of the issues and PRs of interest we had previously identified. We applied the “Release Blocker” label where necessary, left comments, and merged a few of the PRs. Out of 20 issues and 11 PRs on our list, we identified 5 issues and 1 PR as blockers, of which the PR and several of the issues all pertain to the same problem with retention of errors on filehandles across I/O operations. This issue needs an informed decision, which we did not have the time for in this meeting, but will pursue next.

Our next meeting will be in person at the PTS.

[P5P posting of this summary]

Yes, this is a Mandelbrot fractal with three heads. No cloning needed, just multiply z to the power of four and proceed as usual. Well all this and so much more contains the latest release of Juliagraph 0.7. Intro here. All I wrote about the Cellgraph and Harmonograph applies again, more features, better controls and ... you can cruise the fractal by mouse.

One of my pleasures in perl is learning the C language again. Something about the perl language makes it easier to write C, but while sharing the same space in my brain.

So how can I write a trivial program to write exactly one GB (2^30) of data to disk?

first in perl- (Of course you prototype in perl!)

But since my c program is cleaner, here’s the C program

Many thanx to Shawn Laffan for testing this version on Strawberry Perl.
I test it on my Debian machine first of course.
It took Shawn and myself a number of attempts to make all the test pass under the 2 types of OSes.

We were all present.

• CVE-2024-56406 is published and has been addressed by new point releases. Please upgrade or patch your perl promptly if affected. We thank Steve Hay, Andreas König and Stig Palmquist for doing the heavy lifting, as well as Nathan Mills for discovering the problem, and Karl Williams for providing the fix. We re-/learned a number of old and new lessons about the handling of security issues, which we will write up as new process for the PSC, the Perl Security Team, and the CPANSec group, to be jointly reviewed and agreed at the looming PTS.

• We started winnowing this release cycle’s pull requests for potential release blockers. We briefly reviewed all 72 pull requests and identified 11 of interest for a closer look.

• We reviewed the 2 new issues filed since last week for release blocker potential and put one of them on our list for closer review. We then started a closer examination of the 20 issues we identified as candidate blockers. We got through 5 issues, none of which we considered blockers.

[P5P posting of this summary]

With the Harmonograph you can create beautiful and individual images within a few clicks. It's painting by pendulum. I already gave here an introduction. So let me just explain what is new:

What's new?

• The BoolLike type constraint accepts boolean.pm booleans.
• Type::Params offers some improvements for DWIM named parameter processing.
• More shortcuts are provided for exporting parameterized versions of type constraints.

I started using DEV at the suggestion of Perl Weekly, and I was quite pleased with it - until I discovered that links to dev.to are effectively "shadowbanned" on several major platforms (Reddit, Hacker News, etc.). Posts containing DEV URLs would simply not be shown to users, making it impossible to share content effectively.

To work around this, I thought I would need a way to publish my DEV articles on my own domain so I could freely share them. There are some DEV tutorials out there that explain how to consume the API using frontend frameworks like React, however I don't enjoy frontend at all and I did not want to spend much time on that.

My solution was to get a simple Perl script that builds static versions of the articles, along with an index page. A Perl 5 script will run anywhere, including an old shared linux hosting account I still keep on IONOS, and I really like the speed of static sites.

Now that we have set up our mbtiny configuration in the previous post, we can actually use it.

Minting a new distribution

Minting a distribution is trivial once you’ve completed the setup. It’s typically just a matter of calling mbtiny mint Foo::Bar. If needed you can override the global configuration at minting time (e.g.  mbtiny mint Foo::Bar --license BSD).

Converting an existing distribution

You can also convert an existing distribution to App::ModuleBuildTiny. In most cases that requires just two things:

Years ago I wrote about a concise fork idiom. It turns out that it’s possible to do better than everything I discussed in that entry as well as the proposals in the comments.

I didn’t at the time appreciate a clever aspect of variable scoping in Perl:

use strict;
sub get_answer { 0 }
if ( my $answer = get_answer ) {
    ...;
} else {
    print $answer;
}

(apologies for "promoting"(?) Perl obfuscation...)

Today I won a gift card at an in-office meeting with the following code. Challenge: print the numbers 1-100 in the most incomprehensible, inefficient way. My entry, edited for brevity:

#!/usr/bin/env perl
use v5.16;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
splice @_, @_, -1, ++$_;
# plus 95 more of this
say join $/, @_;

Thinking about it more this evening, I came up with

$SIG {__DIE__} = sub { $_ = (pop)+0; chomp; $_%6?say:exit};
{ select undef,undef,undef,1; eval { die time-$^T }; redo; }

(where 6 instead of 101 so I don't have to wait 100 seconds (and to be honest I'm not sure if there'll be rounding errors)).

Wonder if any obfuscators could come up with better (the less inefficient, incomprehensible the better).