This extended meeting took place between the three of us in person over several days at the PTS 2025 in the beautiful city of Leipzig.

Re-creating CVE-2024-56406 using docker container with affected Perl versions.
Please check out the link below for more information.
https://theweeklychallenge.org/blog/cve-2024-56406

sub some_field : lvalue { state $value = 'some_default' }

(We know, of course, that “class data” is OOPese for “global variable”.)

Control. That’s what we all desire and very rarely acquire. The natural restlessness that occurs when you watch one of your offspring flicking from one movie title to the next, barely glancing at the summary before rejecting it, is one of the reasons I don’t like family movie night. My daughter’s grip on the remote is as strong as her decision making skills are weak; I struggle silently to hold back any outburst that would expose my failing parenting abilities once again. I have to distract myself with thoughts of the good old days when the TV had only 4 channels and Teletext was the closest thing to internet. Desiring such regression is now getting much of a habit for me. But we change what we can, accept what we can’t and trust, often foolishly, that those blessed with control do the best for all of us. Ah, look. Another teen fantasy horror romance movie. Thanks a heap, Netflix.

Herewith V 1.24

Cheers

Perl Toolchain Summit 2025, my first time, thanks to the organisers.
Here is my event report: https://theweeklychallenge.org/blog/pts-2025

All three of us attended. Other than administrivia we talked about formally documenting our supported platforms, and we intend to start a discussion on the mailing list about this soon. This is also a topic for the upcoming Perl Toolchain Summit.

[P5P posting of this summary]

In the last months of the previous century, I had to learn Perl to be able to teach it to professionals. It was my 28th language to use, but still took two years to understand deeply. As experienced assembler and C programmer, I was astound how much more of my ideas I could achieve with this new Swiss army knife in my hands. I fell in love with Perl.

Of course, the only way to learn a programming language well, is to use it for a larger project. So, I started to re-code the business shell scripts and websites to Perl. Part of it was sending automated emails to colleagues.

Your phase in life is probably different, but for my personal feeling it was not too long ago; for Internet's lifespan, the year 2000 is ancient history. The first spec for MIME headers in email were just 8 years old at the time, and many email features were still evolving.

Die Hochschule der Bayerischen Wirtschaft unterstützt den Perl Workshop 2025 in München.

Wir freuen uns über die Unterstützung durch die HDBW!

Von der bayerischen Wirtschaft, mit der bayerischen Wirtschaft, für die
bayerische Wirtschaft: Die Hochschule der Bayerischen Wirtschaft (HDBW) ist
eine private, staatlich anerkannte Hochschule für angewandte
Wissenschaften - mit Fokus auf Wirtschaft, Technik und Digitalisierung. An der 2012 gegründeten HDBW mit Sitz in
München-Riem studieren derzeit knapp 500 Studierende.

Couple of experimental features added to Map::Tube.
Please check out the link below for more information.
https://theweeklychallenge.org/blog/map-tube-experimental

This announcement comes a bit late in the year, but the preparations for the next Perl Toolchain Summit have been going on for several months now. Today I am proud to announce that the 15th Perl Toolchain Summit will be held in Leipzig, Germany, from Thursday May 1st till Sunday May 4th, 2025.

This post is brought to you by Deriv, a Gold Sponsor of the Perl Toolchain Summit 2024.

For 25 years, Deriv has been committed to making online trading accessible to anyone, anywhere. Trusted by over 2.5 million traders worldwide, the company offers an expansive range of trade types and boasts over 200 assets across popular markets on its award-winning, intuitive trading platforms. With a workforce of more than 1,400 people globally, Deriv has cultivated an environment that celebrates achievements, encourages professional growth, and fosters talent development which reflects in its Platinum accreditation by Investors in People.

Cellgraph 0.7 is out. (I introduced it here and there.) And I will tell you about the great new features in the next paragraph and how it helps you to play with logical structures and deepen your understanding of them. But first please let me mention the why!

Originally published at dev.to

In a previous blog post, I explored the modern way to write CGI scripts using frameworks like Mojolicious. But as pointed out in comments, despite the many benefits, there is one critical problem: when you actually need to deploy to a regular CGI server, where the scripts will be loaded each time and not persisted, frameworks designed for persistent applications add lots of overhead to each request.

CGI scripts have historically been written using the CGI module (or even more ancient libraries). But this module is bulky, crufty, and has serious design issues that led to it being removed from Perl core.

Find out all about CVE and how we deal with it in Perl.
Please checkout the post for more information:
https://theweeklychallenge.org/blog/cve-in-perl

The three of us attended.

• Preparations for the point release are now in full swing.
• In relation to that, we ran into infrastructure permissions discrepancies that have cropped up due to an absence of onboarding/offboarding procedures. We need to address both the immediate and long-term issues here.
• We started winnowing this release cycle’s issues for potential release blockers. Out of about 95 issues, we have so far reviewed half, of which we identified 8 of interest. Additionally there are 72 pull requests to review.

[P5P posting of this summary]

I just needed a few rows of UUIDs in a column of a spreadsheet, more for esthetics than anything else. uuidgen to the rescue.

At the time I didn't realize that uuidgen natively supports outputting multiple ids like so

uuidgen -C 8

The truly lazy path would have been to read the fine uuidgen manual.

Alas, supposing I needed to make multiple calls to uuidgen, I went with a Perl one-liner with a loop, as I couldn't recall the Bash loop syntax.

Here comes the laziness... I I didn't want to write something like this:

perl -e 'print `uuidgen` for @{[1..5]}';

I'm not so found of of perl's de-reference syntax these days, also that array reference/range was giving "the ick" as my kids would say. I needed something lazier, cleaner. I wondered if there were any default/exported arrays available to me that don't have too many elements to them.... Ah, I know!

Sie bieten, wir catchen!
nicsell ist ein Domain-Backorder-Dienst, auch Dropcatcher genannt, der es Ihnen ermöglicht, auf eine Vielzahl freiwerdender Domains zu bieten, die sich aktuell in der Löschungsphase befinden.
Schon ab einem geringen Startgebot von 10 € können Sie an unseren Auktionen teilnehmen und haben die Chance an Ihre Wunschdomain zu gelangen.
Übrigens: Zur Verstärkung unseres Teams in Osnabrück suchen wir engagierte Perl-Entwickler (m/w/d). Bei Interesse freuen wir uns auf Ihre Bewerbung!

Nicsell

This is a continuation of a series of articles about how to write XS libraries that are more convenient and foolproof for the Perl users, while not blocking them from using the actual C API.

If you spot anything wrong, or want to contribute suggestions, open an issue at the GitHub repo

Wrapping Transient Objects

One frequent and difficult problem you will encounter when writing XS wrappers around a C library is what to do when the C library exposes a struct which the user needs to see, but the lifespan of that struct is controlled by something other than the reference the user is holding onto.

We didn’t have a meeting last week. This week, everyone was here.

• We briefly talked about builtin. We think a numify function is quite necessary.
• We started reviewing release blockers for v5.42.

[P5P posting of this summary]

Handling of undef / false default values in Perl v5.38
Please checkout the post for more information:
https://theweeklychallenge.org/blog/subroutine-signatures