Neil Bowers

• Website: neilb.org/reviews
• About: Perl hacker since 1992.

Recent Actions

• Commented on New feature: HTTPS support
  Thanks for doing this Aristotle!...
• Commented on Addressing CPAN vulnerabilities related to checksums
  If the mirror is trustworthy and so is the connection to it, does verification of the PAUSE-signed CHECKSUMS serve any remaining purpose? Marginal benefit, I'd say. It's an additional check that you're getting the expected file. I've heard anecdotally that...
• Commented on Addressing CPAN vulnerabilities related to checksums
  Thanks Jim - now fixed....
• Posted Addressing CPAN vulnerabilities related to checksums to NeilB

  This blog post addresses checksum and signature verification vulnerabilities affecting CPAN, the cpan client, and the cpanm client, which were published in a security advisory on 23rd November 2021. If you're not…

• Commented on Making Taint support optional in Perl
  Hi darthed, Can you give a bit more details on how you use taint please? Very few people have said "yeah, I love taint, please keep it", so it would be helpful to hear more details. Thanks!...
• Posted Making Taint support optional in Perl to NeilB

  One of the changes to Perl that we're considering on p5p (the perl5-porters mailing list) is the removal of taint support. The first step towards that is to add a Configure option that lets you build a Perl without taint support.

• Posted Open Letter to the Perl Foundation Board to NeilB

  Dear TPF Board members,

  We want to express our disappointment with the recent transparency reports and associated actions from the Community Affairs Team (CAT).

  On Monday 19th March, a first Transpa…

• Posted Kent Fredric's CPAN distributions are available for adoption to NeilB

  As most of you are probably aware, notice from his family, on Facebook.

  Kent was a prolific contributor to CPAN and Perl. He released more than 150 distributions of…

• Posted Opt-in your CPAN repos for Hacktoberfest to NeilB

  If you haven't heard, Hacktoberfest has now become opt-in, to reduce the number of spammy, or pointless, pull requests that people were doing, to get the t-shirt.…

• Posted Gisle Aas's CPAN distributions are available for adoption to NeilB

  Gisle Aas (GAAS on CPAN) is a well-known CPAN author, who made his first releases back in 1995. Over the years he has developed and maintained a number of keystone modules that most of us have relied on, whether we realised it or not. Gisle has…

• Commented on Keyhole surgery 100% successful
  Great news -- happy to hear it all went well. I hope your recovery continues apace!...
• Posted PTS 2020 Cancelled to NeilB

  The Perl Toolchain Summit (PTS) won't be happening this year. It had been planned for Vienna, so we're hoping that PTS 2021 will be held in Vienna.

  We had wondered about delaying it, or seeing whether there's interest in a virtual PTS, but right now we all have much more important things t…

• Commented on Monthly Report - November
  I'm happy to hear you're getting more sleep! It was your talk about the work you put into running the Perl weekly challenge that shocked me into sending you that book....
• Posted Fastmail and Perl: an interview with Ricardo Signes to NeilB

  Ricardo (Rik) Signes is a member of the Perl community who has helped the programming language move forward as far as features, stability, and popularity. Previously, he was Perl’s Pumpking (manager of the core Perl 5 language), during which time he oversaw 5 major releases. Currently, he is a…

• Commented on Is Perl 6 Being Renamed?
  I think "Perl++" is a really bad idea: poor differentiation between "Perl" and "Perl++" from an SEO/TIOBE/Google perspective, and people will just end up writing Perl/Perl++, lumping them together in a way that the renaming of Perl6 is trying to...
• Commented on I want to display NA instead of UNKKONW in CPAN Testers
  Is this because your module doesn't work on a particular OS? If so, use Devel::AssertOS. If your module doesn't work on older versions of Perl, put "use 5.010;" or similar in your module. Both of these result in your module...
• Posted PAUSE Projects at PTS 2019 to NeilB

  Every year at the Perl Toolchain Summit (PTS), there is some work done on PAUSE, but 2019 was a vintage year. In this blog post we'll remind you exactly what PAUSE is and does, and then take you through the major bits of PAUSE work done.

  ="float:righ…

• Posted MaxMind is sponsoring the Perl Toolchain Summit to NeilB

  The Perl Toolchain Summit (PTS) is happening this week in Marlow, on the banks of the River Thames, in the UK. Most of the attendees will gather on Wednesday evening, with the real business kicking off at 9am on Thursday morning. For the next four days 32 Perl developers will be working…

• Commented on Perl Toolchain Summit: People & Projects
  Tim Bunce has attended before, and was invited again this year, so he could work on DBI and Devel::NYTProf, but couldn't make it. Two of the main maintainers for LWP and friends are invited every year. We'll be having a...
• Posted Perl Toolchain Summit: People & Projects to NeilB

  The Perl Toolchain Summit (PTS) is taking place later this month in Marlow, in the UK, as previously announced. This event brings together…

• Commented on Announcing the Perl Toolchain Summit 2019
  Thanks Mohammad!...
• Commented on Announcing the Perl Toolchain Summit 2019
  Hi Kimoto-san, As a minimum, everyone attending will already have a backlog of bugs and known issues to work on. Having a 4-day block gives people time to get to the gnarly issues that can't be knocked off in a...
• Posted Announcing the Perl Toolchain Summit 2019 to NeilB

  This year's Perl Toolchain Summit (PTS) is being held in the UK, in the historic town of Marlow, which is about 30 miles west of London.

  ="Marlow Bridge and All Saints Church…

• Posted COED:ETHICS 2018 to NeilB

  A group of Perl companies are sponsoring the COED:ETHICS conference, a one-day conference on ethics for developers and technologists, which is in London on July 13th.

• Posted PAUSE Privacy Policy to NeilB

  Today is GDPR Day, and to celebrate that, the PAUSE admins have added a Privacy Policy to PAUSE. This tells you:

  • what personal data is processed by PAUSE;
  • what PAUSE does with that data;
  • ho…
• Posted The Great London Perl Bake Off to NeilB

  You may not have noticed, but the London Perl Workshop is happening later this month (Saturday 25th November). It's a free-to-attend community event: organised by members of the community, for the community, and made possible by sponsorship from companies…

• Posted Introducing the PAUSE Operating Model to NeilB

  At the Toolchain Summit this year, one of the discussion sessions was to reflect on how the DBIx::Class ownership conflict was…

• Posted Ask not what CPAN can do for you to NeilB

  If you're still not sure what to do on you could help me with one of my trickle projects: help us get META.yml and META.json files added to CPAN distributions that currently have neither.

  …
• Commented on CPAN Day is 16th August
  Isn't every day like that Dean? But right you are. And tweet a picture, with hashtag #cpanday...
• Posted CPAN Day is 16th August to NeilB

  CPAN Day marks the date of the first recorded upload to CPAN: Andreas König uploaded Symdump 1.20 (it's since been renamed Devel::Symdump).

  On CPAN Day this…

Comment Threads

• Ovid commented on Is Perl 6 Being Renamed?

  Shenanigans: thanks, fixed! :)

• Aaron Priven commented on Is Perl 6 Being Renamed?

  In general, I think the "rename Perl 6 to Raku / rename perl 5 as perl 7" is a good solution, but I would suggest that the Perl 5 -> Perl 7 bump should happen only when there is at least something notable to include in it that would otherwise justfy the change. (Native OO system, non-experimental signatures with named parameters, something like that.)

  I mean, the big user-visible improvement in Perl 5.30 was "The upper limit 'n' specifiable in a regular expression quantifier of the form '{m,n}' has been doubled to 65534", which was pretty underwhelming. And so far, the most notable …

• philip r brenan commented on Making Taint support optional in Perl

  Likewise we use taint in web applications whose code does not show up on CPAN. If taint were removed in later releases of Perl that would deny us an upgrade path to those releases. If you wish to remove taint please provide a feature guard so that the removal has to be explicitly requested. Thanks!

• nhorne commented on Addressing CPAN vulnerabilities related to checksums

  I have a local mirror which downloads from https://cpan.org, so it's trusted. I then mount the mirror using NFS, so the entry in MyConfig.pm for urllist starts with "file://foo/bar". Even though I know it's trusted I still get:

  Warning: checksum file '/mnt/CPAN/authors/id/G/GB/GBARR/CHECKSUMS' not conforming.
  
  The cksum does not contain the key 'cpan_path' for 'CPAN-DistnameInfo-0.12.tar.gz'.
  Proceed nonetheless? [no]

  How can I handle this scenario?

• 6031796 commented on CPAN Testers needs our help

  In the time since this article was posted the EPO has closed its doors so potential sponsors should no longer be directed there.

  Also, the sponsors page at http://iheart.cpantesters.org/ is showing an error and has been for many months, likely because it too depends on the now-gone EPO site. I've raised this problem elsewhere previously but perhaps you could also have a word?