https://github.com/plack/Plack/pull/442
https://github.com/plack/Plack/blob/master/dist.ini
pack/unpack
is a bit verbose for my tastes, so I would rather use the byteorder
information from the Config module.
use Config;
my $is_little_endian = $Config{byteorder} eq '12345678';
]]>
This is more a problem with copy-paste style coding and bad testing of MITM attacks.
]]>
Our Wall would not accept such code.
The same thing would have happened if braces were used like this:
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
{ goto fail; }
{ goto fail; }
Only if the braces were on a different line would we either have gotten a
detectable merge conflict, or a second goto operation that did no harm:
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) {
goto fail;
goto fail;
}
But the thesis of this blog post missed something even more important about this security flaw: WHERE WERE THE TESTS? If there was a unit test covering this function, it would have been immediately obvious that the outcome was not the same as the intention, by way of a test failing as soon as the developer ran the tests himself or an integration server ran the tests.
Maybe you could write a blog post about your experiences with Devel::Cover, and how it's helped you? Doesn't have to be long — it's good to hear a range of perspectives and experiences.
]]>If you, as a user, need to install a git snapshot of a project hosted
at GitHub, you can use https://undzilit4.me/ for that and you don't
need to bother about all the plugins. It's not equivalent to "git
clone", but you get what you want.
btw, when packaging .deb files, Debian tools expect tarballs too. And if you try to build .deb from git clone, debian workflow looks broken.
Yes, that was annoying for those who author Perl modules with
Dist::Zilla which are primarily shipped as .deb, e.g. in corporate
environments.
But there's a solution for that now: dh-dist-zilla, a debhelper plugin
which allows you to build a .deb from Dist::Zilla based distribution
without having Makefile.PL or Build.PL -- they will be generated
because "dzil build" is run to generate the Makefile.PL later used by
dh_auto_configure and friends.
See https://github.com/elmar/dh-dist-zilla and
https://packages.debian.org/dh-dist-zilla
Dist::Zilla::App::Command::cover
]]>