Changes in MooX::Role::Parameterized

What is it good for?

If you’ve never worked with MooX::Role::Parameterized or MooseX::Role::Parameterized, you might wonder what is a parameterized role at all?

Roles are used when you need to share behaviour among several classes that don’t have to be related by inheritance. Normally, a role just adds a bunch of methods to the class that consumes it (there’s more, you can for example specify which other methods the role expects to already exist).

A parameterized role makes it possible to provide parameters for the consumed role. This way, you can adjust the behaviour for each consuming class.

PSC #140 2024-03-14

This week, we discussed:

  • Further look down open bugs to tag some as being release-blocker
  • Do we want to revert PR21915? - discussed in its own email thread
  • Thought of a couple of issues to discuss with the wider group at the upcoming PTS
    • How to handle “important author is AWOL” for upstream CPAN issues
    • How to not break CPAN tests when adding new warnings to core

Reading sequences from FASTA format alignment by Bio::Perl

Show code for TL;DR:

Perl Weekly Challenge 258: Sum of Values

These are some answers to the Week 258, Task 2, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a couple of days from now (on March 3, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 2: Sum of Values

You are given an array of integers, @int and an integer $k.

Write a script to find the sum of values whose index binary representation has exactly $k number of 1-bit set.

Example 1

CFP: Science Track Papers Needed at The Perl & Raku Conference

CALL FOR PAPERS NOW OPEN!

  • Science Track at The Perl & Raku Conference
  • June 25 - 27, 2024 (talk dates)
  • Las Vegas, Nevada, USA

click here to submit your abstract

You may submit your Science Track abstracts here! Don't wait, do this today! Prior registration to the Perl Conference is not a condition for acceptance, however individuals with accepted papers and posters are expected to register for and attend the Conference in person*. You may register for the Perl & Raku Conference here. (Note: in the past, the Conference registration fee has been waived for speakers; it is expected that this will be the case again this year, but at this time there are no guarantees.)

  • let us know if this is impossible, exceptions may be considered in some extenuating circumstances

Deadlines:

  • Abstract submission deadline: April 05, 2024 (23:59:59 UTC)
  • Full paper deadline: May 15th, 2024 (23:59:59 UTC)

This Week in PSC (139)

Just Paul and Philippe this week:

  • Paul volunteers to do the 5.39.9 release. We still need people for .10 and 5.40. The .10 release will be timed around PTS - so maybe we could do something “live” at the summit?
  • Mailing list was otherwise quiet so there weren’t many issues to discuss.

In absence of many other pressing issues, we spent some time thinking ahead to large-scale development work that might take place in the 5.41 series. We talked about “hooks” as a potential long-term thought to making a more powerful Magic-like structure, for implementing new features, attributes, etc..

What makes YAPC::Japan unique

I attended YAPC::Hiroshima 2024 in Japan.

A few people asked me about the distinctions between YAPC::Japan and other Perl events worldwide, prompting me to write below. Before delving into the specifics, I must preface that my experience is primarily rooted in YAPC::Hiroshima 2024, the only YAPC::Japan event I attended. It's important to say that comparing Perl events across different regions isn't about establishing superiority or inferiority; organizing conferences requires considerable resources and effort irrespective of location. Each conference has its unique approach and metrics for success. The observations I offer are purely subjective and reflect my personal views.

Size

Perl Weekly Challenge 258: Count Even Digits Numbers

These are some answers to the Week 258, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on March 3, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Count Even Digits Number

You are given a array of positive integers, @ints.

Write a script to find out how many integers have even number of digits.

Example 1

Input: @ints = (10, 1, 111, 24, 1000)
Output: 3

There are 3 integers having even digits i.e. 10, 24 and 1000.

Example 2

Input: @ints = (111, 1, 11111)
Output: 0

Example 3

(repost) TPRC 2024 Call For Papers is now open!

If you have been following along with the efforts to add a Science Track to the TPRC, now is the time to seriously consider submitting a peer reviewed paper. The TPRC Call for Papers has opened with information on submitting to any of the 3 tracks. Note that the science papers are submitted to the Perl Community's Science Perl website, which is linked in the TPRC's announcement.

Repost from, https://news.perlfoundation.org/post/cfp2024

You can submit your talk Ideas at https://tprc.us/talks Talk submission deadline is April 5th, Midnight UTC. Talks must be given live and in-person. If you are looking for any talk ideas, try out the conference wiki.

New this year, we are accepting submissions for a peer reviewed Science track. Those talks should be submitted at https://science.perlcommunity.org/

Visit the TPRC 2024 website at https://tprc.us/ Follow us on Twitter: @PerlConferences Like us on Facebook: The Perl Foundation (@tpf.perl) Subscribe to the mailing list: https://tprc.us/subscribe

Any questions about the Science Track should be directed to "science at perlcommunity.org" or visit us at #science on irc.perl.org.

Looking forward to seeing all the submissions!

Cheers,

Brett Estrade (OODLER)

Chairman, Science Perl Committee

Using peppers with Crypt::Passphrase

Recalling Crypt::Passphrase

Crypt::Passphrase is a module for managing passwords. It allows you to separate policy and mechanism, meaning that the code that polices authorization doesn’t have to know anything about what algorithms are used behind the screen, and vice-versa; thus making for a cryptographically agile system.

It’s not only handling the technical details of password hashes for you but also it deals with a variety of schemes. It’s especially useful for transitioning between them.

A configuration might look like this (Koha):

YAPC::Hiroshimaの参加記録 | I attended YAPC::Hiroshima in Japan

日本のYAPCに参加したのは18年ぶり2度目。

イベント参加者として

  • 世界一成功しているYAPCであるYAPC::Japanの運営を見習うためにボランティアで参加させてもらった。一般参加者の切符を買いますと言ったのだが、主催のkobakenさんに固辞された。神のようなお方
  • YAPCという名前はやはり良い

ボランティアとして

  • 朝7:30に集合だった。早めの行動をしようと7:25に着いたらほとんどのスタッフがすでに到着していた。アメリカではありえない
  • メインは部屋の進行係。さらに登壇者向けの受付という重大な任務もまかされて光栄です

TPFの人間として

  • 運営の方がTPFへの寄付を繰り返し呼びかけてくれて、さらに受付でも寄付コーナーを設置してくれてお礼の申しようもない https://blog.yapcjapan.org/entry/2024/02/10/100000
  • もちろん、寄付をしてくださった方にも本当に感謝している

トークについて

  • ボランティアをしていたのでほとんど聞いていない。あとで録画を見る
  • 広島のYAPCのキーノートを誰にしてもらうかという疑問に対して、とほほさんというパーフェクトな答えを出した運営チームは偉すぎる
  • 私がこのコミュニティに入る前から登壇していてまぶしい存在だったcharsbarさんとtakesakoさんのトークをまた見られてありがたかった。かるぱねるらさんが同じようなことを書いている。https://x.com/karupanerura/status/1756575196369260893
  • ずっと前から有名人という点ではmalaさんのトークが聞けてよかった。タイムリーでYAPCにぴったりな内容。弾さんのトークは聞き逃した
  • もちろん新しい登壇者が半分以上で、それもいいこと
  • YAYAPCはYAPC以上に良かった。録画とSNS公開が禁止のトークは実に面白い
  • 私のトークは過去に20分でやったものを5分に圧縮した。ボーナススライドは時間が余れば見せようかと思っていたところまったく無理だった。内容は「日本発のPerlのスローガンを提案する」だった

アメリカのカンファレンス主催側の者として

  • 日本のYAPCが米国のYAPC(最近はTPRCという)より規模が大きいのは、人口が世界一の都市である東京で開催するからだというのがかつての通説だった。その後YAPC::Japanチームは東京から飛び出して他の都市でも世界一大きいなYAPCができるのだということを証明した
  • YAPC::Japanがなぜこれだけ人が集められるかというというのは別記事で長い考察が必要だが、毎年来る人でも10年に一度しか来ない人でも初参加者でも楽しめるイベントであるのは事実
  • スケジュール通りにトークが進行するのは素晴らしい。あれは、参加者が開始前に着席していないと無理。日本人がどうやって5分の休憩時間で遅れなく部屋を移動するのかは謎
  • YAPC::Hiroshimaの広報は優秀
  • YAYAPCでkobakenさんが少しだけ言っていたように、自分は客だという気持ちの入場者がいるのは残念。チケットの売り上げでは全然赤字なのがYAPCなので、一般入場者はお客様ではないのです(これは私の意見)

まとめ

  • 家から広島の会場まで最短でも24時間かかるので移動は大変だったがその価値はあった
  • また来たい

Vulnerable Perl Spreadsheet Parsing modules

A longer version of this post, including the full timeline as we know it, is available at security.metacpan.org

Between Dec 2023 and Jan 2024, vulnerabilities in Spreadsheet::ParseExcel and Spreadsheet::ParseXLSX were reported to the CPAN Security Group (CPANSec).  This document describes the timeline and analysis of events.

CVE-2023-7101: Spreadsheet::ParseExcel arbitrary code execution vulnerability

Đình Hải Lê discovered an arbitrary code execution (ACE) vulnerability in the Perl module Spreadsheet::ParseExcel, version 0.65 and earlier.

An attacker, exploiting this vulnerability, would craft an Excel file containing malicious code encoded as a number format string, which is executed when the file is parsed by Spreadsheet::ParseExcel.  Basically, untrusted data is passed to the Perl eval function enabling arbitrary code execution. A detailed write up of the vulnerability and Proof of Concept (PoC) is available at https://github.com/haile01/perl_spreadsheet_excel_rce_poc

Announcing the Perl Toolchain Summit in 2024!

After three years of not organising and one successful PTS in Lyon last year, we might have become a bit complacent and forgotten how taxing organizing an event is... After a very slow preparation, we are very pleased to announce the fourteenth edition of the Perl Toolchain Summit!

In 2024, we will be meeting in Lisbon, Portugal, from Wednesday April 25 to Sunday April 28. As has become customary, participants will stay at the hotel, and work in the meeting rooms dedicated for the event.

FOSDEM 2024 TPRF Community Dinner

Get ready for a night of code, community, and culinary delights at the TPRF Sponsored Dinner during FOSDEM! 🍽️✨ Join us on Saturday, February 3rd, for a three-course feast and vibrant conversations.

📅 When: Saturday February 3rd, evening

📍 Where: Bruxelles

🎉 What's Cooking: An unforgettable evening filled with tech talks, networking, and delicious bites!

🤩 How to Join:
RSVP now by filling in this form below and secure your spot! Let's make this dinner a celebration of code and camaraderie.

Google Forms

My 2023 in Perl

2023 was a rather productive year for me on CPAN. Aided by taking some time off I managed to release a whopping 18 new modules.

Passwords

Half of my new modules were related to my password framework Crypt::Passphrase. To be honest most of them are either small (± 100 LOC) glue two or three other pieces of code together. And then there was Crypt::HSM, a PKCS11 interface (to use cryptographic hardware without exposing cryptographic keys) that was probably more work (2600 LOC of XS) than the others combined.

Most of this was with the aim to add peppering support to Crypt::Passphrase, a subject extensive enough that I should probably dedicate a separate blogpost to it.

Live streaming the release of Perl 5.39.7

I missed last year but in 2024 I'm doing a dev release of Perl again. This time it is version 5.39.7.
And again, you can watch it live on Saturday 20th of January on Twitch.

Never matching: everybody is doing it wrong

Well, not actually wrong, just slow. But the exaggeration makes a punchier headline, you’ll admit.

This comes up when an interface takes a pattern to match things against. Sometimes you have some reason to want this match to always fail, so you want to pass a pattern which will never match. The customary way of doing this is to pass qr/(?!)/. There is a problem with that, though.

I’m not talking here about the fact that if possible, you really don’t want to pass an actual qr object. We’ve already covered that. It was a surprising enough discovery that I’ll take this opportunity to signal-boost that while we’re here, but this article is not about that.

Step Counter (Advent of Code 2023/21)

The Task

We’re given a grid with obstacles, we’re supposed to count all the reachable plots in the grid in a given number of steps (we can only move one plot at a time horizontally or vertically).

The sample input looks like this:

...........
.....###.#.
.###.##..#.
..#.#...#..
....#.#....
.##..S####.
.##..#...#.
.......##..
.##.#.####.
.##..##.##.
...........

where S is the starting position.

Migrating from DBD::mysql to DBD::MariaDB

DBD::mysql has long provided the interface to connect to the MySQL database from Perl code. But as old as it is, it was implemented with some critical bugs that cannot simply be corrected without breaking mountains of existing code relying on those bugs. For this same reason, though DBD::MariaDB corrects these bugs, care must be taken when migrating existing code to avoid subtle breakage.

This blog post is far too short to explain Unicode and encodings like UTF-8; for anyone seeking a more solid grasp on the concepts, I recommend a read through The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!) by Joel Spolsky.

Cosmoshop unterstützt den Deutschen Perl/Raku-Workshop

We are happy to announce that CosmoShop supports the German Perl/Raku-Workshop.

CosmoShop is the largest pure Perl based shop system.

Since 1997, we have been implementing sophisticated and individual eCommerce projects in the B2B sector with our specially developed store software. We are the central point of contact for the entire spectrum.

About blogs.perl.org

blogs.perl.org is a common blogging platform for the Perl community. Written in Perl with a graphic design donated by Six Apart, Ltd.