This week in PSC (140) | 2024-03-14

This week, we discussed:

  • Further look down open bugs to tag some as being release-blocker
  • Do we want to revert PR21915? - discussed in its own email thread
  • Thought of a couple of issues to discuss with the wider group at the upcoming PTS
    • How to handle “important author is AWOL” for upstream CPAN issues
    • How to not break CPAN tests when adding new warnings to core

Perl Weekly Challenge 277: Count Common

These are some answers to the Week 277, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on July 14, 2024, known in France as Bastille Day, at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Count Common

You are given two arrays of strings, @words1 and @words2.

Write a script to return the count of words that appears in both arrays exactly once.

Example 1

Input: @words1 = ("Perl", "is", "my", "friend")
       @words2 = ("Perl", "and", "Raku", "are", "friend")
Output: 2

The words "Perl" and "friend" appear once in each array.

Example 2

Vulnerable Perl Spreadsheet Parsing modules

A longer version of this post, including the full timeline as we know it, is available at security.metacpan.org

Between Dec 2023 and Jan 2024, vulnerabilities in Spreadsheet::ParseExcel and Spreadsheet::ParseXLSX were reported to the CPAN Security Group (CPANSec).  This document describes the timeline and analysis of events.

CVE-2023-7101: Spreadsheet::ParseExcel arbitrary code execution vulnerability

Đình Hải Lê discovered an arbitrary code execution (ACE) vulnerability in the Perl module Spreadsheet::ParseExcel, version 0.65 and earlier.

An attacker, exploiting this vulnerability, would craft an Excel file containing malicious code encoded as a number format string, which is executed when the file is parsed by Spreadsheet::ParseExcel.  Basically, untrusted data is passed to the Perl eval function enabling arbitrary code execution. A detailed write up of the vulnerability and Proof of Concept (PoC) is available at https://github.com/haile01/perl_spreadsheet_excel_rce_poc

Announcing the Perl Toolchain Summit in 2024!

After three years of not organising and one successful PTS in Lyon last year, we might have become a bit complacent and forgotten how taxing organizing an event is... After a very slow preparation, we are very pleased to announce the fourteenth edition of the Perl Toolchain Summit!

In 2024, we will be meeting in Lisbon, Portugal, from Wednesday April 25 to Sunday April 28. As has become customary, participants will stay at the hotel, and work in the meeting rooms dedicated for the event.

This week in PSC (139) | 2024-03-07

Just Paul and Philippe this week:

  • Paul volunteers to do the 5.39.9 release. We still need people for .10 and 5.40. The .10 release will be timed around PTS - so maybe we could do something “live” at the summit?
  • Mailing list was otherwise quiet so there weren’t many issues to discuss.

In absence of many other pressing issues, we spent some time thinking ahead to large-scale development work that might take place in the 5.41 series. We talked about “hooks” as a potential long-term thought to making a more powerful Magic-like structure, for implementing new features, attributes, etc..

Perl Weekly Challenge 255: Most Frequent Word

These are some answers to the Week 255, Task 2, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on February 11, 2024, at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 2: Most Frequent Word

You are given a paragraph $p and a banned word $w.

Write a script to return the most frequent word that is not banned.

Example 1

Input: $p = "Joe hit a ball, the hit ball flew far after it was hit."
       $w = "hit"
Output: "ball"

The banned word "hit" occurs 3 times.
The other word "ball" occurs 2 times.

Example 2

FOSDEM 2024 TPRF Community Dinner

Get ready for a night of code, community, and culinary delights at the TPRF Sponsored Dinner during FOSDEM! 🍽️✨ Join us on Saturday, February 3rd, for a three-course feast and vibrant conversations.

📅 When: Saturday February 3rd, evening

📍 Where: Bruxelles

🎉 What's Cooking: An unforgettable evening filled with tech talks, networking, and delicious bites!

🤩 How to Join:
RSVP now by filling in this form below and secure your spot! Let's make this dinner a celebration of code and camaraderie.

Google Forms

February 08, 2024 @ 6pm CT ~ Houston Perl Mongers Zoom Meeting

February 08, 6pm CT ~ Houston Perl Mongers Zoom Meeting 🔗 Thu Jan 25 2024
Title: Using Perl Prototypes

When: Thur February 8th at 6:00-8:00 PM CT (+6 UTC)

Where: (virtual, see below):

https://us02web.zoom.us/j/920069702
Meeting ID: 920 069 702
Password can be found by running this statement.
perl -e 'print +(0b1000100).((3<<2)*10).(010)."\n"' # 681208
Original post:
https://houstonperlmongers.org/posts/3a99ac5b-f9f9-4409-a38c-e9ef91d972c8

This week in PSC (138) | 2024-02-28

Back to the usual three of us

  • Further chats on allowing a subsequent use VERSION of the same value as is already prevailing

  • We continued going through the bug list to tag release blockers

Perl Weekly Challenge 254: Three Power

These are some answers to the Week 254, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on February 4, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Three Power

You are given a positive integer, $n.

Write a script to return true if the given integer is a power of three otherwise return false.

Example 1

Input: $n = 27
Output: true

27 = 3 ^ 3

Example 2

My 2023 in Perl

2023 was a rather productive year for me on CPAN. Aided by taking some time off I managed to release a whopping 18 new modules.

Passwords

Half of my new modules were related to my password framework Crypt::Passphrase. To be honest most of them are either small (± 100 LOC) glue two or three other pieces of code together. And then there was Crypt::HSM, a PKCS11 interface (to use cryptographic hardware without exposing cryptographic keys) that was probably more work (2600 LOC of XS) than the others combined.

Most of this was with the aim to add peppering support to Crypt::Passphrase, a subject extensive enough that I should probably dedicate a separate blogpost to it.

Live streaming the release of Perl 5.39.7

I missed last year but in 2024 I'm doing a dev release of Perl again. This time it is version 5.39.7.
And again, you can watch it live on Saturday 20th of January on Twitch.

This week in PSC (136) | 2024-02-15

  • working out a timeline of what should go in to 5.39.8, 5.39.9, and what to defer to 5.41
  • draft tests+docs received from Martijn Lievaart (“M4”) for a logical xor (^^) operator
  • the responses saying no to adding Data::Printer in core that it doesn’t seem like it would be popular
  • some potential new sprintf format templates:
    • a float template that produces the shortest string that represents the exact float (similar to what Math::Ryu does),
    • a %q to access B::perlstring/quotemeta or something similar
  • the realisation that, some months ago, Mark Gardner had volunteered to work on the SSL-in-core project, and we haven’t heard from them since.

Perl Weekly Challenge 276: Maximum Frequency

These are some answers to the Week 276, Task 2, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on July 7, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 2: Maximum Frequency

You are given an array of positive integers, @ints.

Write a script to return the total number of elements in the given array which have the highest frequency.

Example 1

Input: @ints = (1, 2, 2, 4, 1, 5)
Ouput: 4

The maximum frequency is 2.
The elements 1 and 2 has the maximum frequency.

Example 2

Never matching: everybody is doing it wrong

Well, not actually wrong, just slow. But the exaggeration makes a punchier headline, you’ll admit.

This comes up when an interface takes a pattern to match things against. Sometimes you have some reason to want this match to always fail, so you want to pass a pattern which will never match. The customary way of doing this is to pass qr/(?!)/. There is a problem with that, though.

I’m not talking here about the fact that if possible, you really don’t want to pass an actual qr object. We’ve already covered that. It was a surprising enough discovery that I’ll take this opportunity to signal-boost that while we’re here, but this article is not about that.

Geizhals Preisvergleich unterstützt den Deutschen Perl/Raku-Workshop

We are happy to announce that Geizhals Preisvergleich supports the German Perl Workshop in 2024!

Step Counter (Advent of Code 2023/21)

The Task

We’re given a grid with obstacles, we’re supposed to count all the reachable plots in the grid in a given number of steps (we can only move one plot at a time horizontally or vertically).

The sample input looks like this:

...........
.....###.#.
.###.##..#.
..#.#...#..
....#.#....
.##..S####.
.##..#...#.
.......##..
.##.#.####.
.##..##.##.
...........

where S is the starting position.

Perl Weekly Challenge 276: Complete Day

These are some answers to the Week 276, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on July 7, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Complete Day

You are given an array of integers, @hours.

Write a script to return the number of pairs that forms a complete day.

A complete day is defined as a time duration that is an exact multiple of 24 hours.

Example 1

Input: @hours = (12, 12, 30, 24, 24)
Output: 2

Pair 1: (12, 12)
Pair 2: (24, 24)

Example 2

This week in PSC (135) | 2024-02-08

This week, the three of us:

  • noted that use VERSION restrictions have had mostly positive responses
  • thought that Data::Printer can’t go in core as-is, but there’s a use case for a debugging helper, some of which might be hidden in D:P’s core
  • discussed adding a builtin::numify function (and the corresponding OP in core)
  • quickly reviewed the PPCs currently being implemented:
    • we should ping the implementors of PPC0014 (English names) and PPC0021 (optional chaining)
    • PPC0022 (meta) has an implementation on CPAN
    • PPC0019 (qt strings) implementation is in progress, but unlikely to be done by 5.40
    • PPC0013 (overload in join) is currently stalled

Perl & Raku Conference 2024 to Host a Science Track!

I am very pleased to announce that the 2024 Perl & Raku Conference Planning Committee (TPRC) is moving forward with the addition of a new track that targets academic, governmental, and industrial STEM applications. It will strive to be organized as a traditional science conference track; meaning the talks will be based on paper and poster submissions. (more on this in a future announcement!)

The decision by the TPRC Planning Committee is the result of an overwhelmingly positive response to the Science Track Survey that was held late in 2023. Everyone involved in organizing the survey deeply appreciates those who filled out the survey or shared it with others.

The track is being organized in tight cooperation with the TPRC, by the Science Perl Committee (SPC); a separately organized group of Perl and STEM enthusiasts that anyone of good will is welcome to join.

What to expect now: ...

About blogs.perl.org

blogs.perl.org is a common blogging platform for the Perl community. Written in Perl with a graphic design donated by Six Apart, Ltd.