Learning GitHub Actions for Map::Tube.
Please checkout the post for more information.
https://theweeklychallenge.org/blog/github-actions

Just Graham and Philippe this time.

• We talked a bit about PPC 0025 (Perl version), but didn’t say anything new
• Regarding PPC 0030 (new operators) vs PPC 0031 (flags on operators), we continue to think that flags on operators bring more confusion than value (PSC #168). Perl is an operator-rich language, so adding new operators when needed sounds right.
• As for the discussion on implicit stringification of references, we think that adding more runtime effects to strict doesn’t really fit. The issue would likely be better addressed with a new warning (and is very similar to the uninitialized warning when dealing with undef).

[P5P posting of this summary]

Intro

There are several competing philosophies for wrapping external C libraries. One is that the XS module should hide all the details of the library and provide a clean “Perlish interface”. The opposite extreme is that the external C functions should be exposed to Perl using an extremely minimal XS layer, or the Foreign Function Interface (FFI) and all the logic for working with the library should be written in Perl.

I advocate something in the middle. I think that a good interface should expose as much of the low-level as possible (to make the most usage of that library possible by other Perl modules) while “padding the sharp edges” so that it is difficult for Perl-side usage to crash the program. Higher level features can be provided in addition to the low level API via XS, Perl modules, or both.

Adding a SECURITY or SECURITY.md file to your Perl distributions will let people know:

1. How to contact the maintainers if they find a security issue with your software
2. What software will be supported for security issues

The contact point is very important for modules that have been around for a long time and have had several authors over the years. When there is a long list of maintainers, it's not clear who to contact.

You don't want people reporting security vulnerabilities in public on the RT or GitHub issues for your project, nor do you want a post on IRC, Reddit or social media about it.

If your software is on GitHub, you can set up private vulnerability reporting. GitLab has a similar system.

Otherwise, a single email address is acceptable. An alias that forwards to all of the maintainers or at the very least, a single maintainer who has agreed to that role will work.

A quick introduction to Docker Volume. Please check out the post for more information. https://theweeklychallenge.org/blog/docker-volume

Just Aristotle and Graham for our first meeting of the new year. Not much progress since the last one due to Christmas, New Year’s, sickness, and other personal circumstances. We discussed our framing of the version bump, the timeline for a decision, and the fact that constraints push us toward a dummy .0 third version component as the simplest way forward.

[P5P posting of this summary]

I know, thinking about where to put what in a code file sounds lame to most artisan hero's that fly by intuition, but I find it actually helpful. Here my article about it on dev.to and you can tell its written with Perl in mind. I just wanted to publish outside to reach more people and maybe even bring some in.

Having reached a certain level of proficiency with Mojolicious and Vue.js, I made the decision to dedicate some of my free time every week to develop "cool and somewhat useful" (according to some) open-source web apps in Perl.

The goal is to practice and learn, and maybe also help make Perl a bit more popular.

My first such project is Gandalf Links, a link-aggregator website (inspired by pinboard.in) that's pretty much complete and can be installed and run very easily with Docker.

At the front page's footer you can find a link to the source code. A full list of current and future features can be found here.

If interested to contribute in ANY way (ideas, know-how, coding) please do get in touch with me via e-mail, through the form that's on gandalf.gr, or maybe use the project's issue tracker. I've done almost all I can on this project, now I'm looking for other people's expertise.

I'd also be looking for ideas on what other self-hosted web app to work on next (with you if you're interested).

Regards,

- Gandalf (first cousin of the copyrighted one)

A quick introduction to Docker Compose. Please check out the post for more information.
https://theweeklychallenge.org/blog/docker-compose

Simplest is if you go to my homepage and follow the links to my Debian and Perl pages.

Note: The Debian and Mojolicious updates are minor, but a lot of changes are in the Perl wiki.

For the last meeting of the year we were all present again.

• We have requested further input regarding our plan for TLS in core.

• We picked the ball back up that we dropped regarding point releases. They should be coming soon.

• We went over our findings so far regarding Perl 42. It looks like Perl versions will have to continue to be written with three components, so we will be stuck with a fixed .0 at the end. It’s slightly annoying, but we can live with it. We strategized about how to get more real-world data about feasibility, and discussed the possibility of releasing a perl-41.8 tarball alongside the regularly scheduled perl-5.41.8.

[P5P posting of this summary]

We are delighted to announce the new release, which includes 57 significant bug fixes compared to the previous 2.1.8 version. This update addresses a range of important issues and enhances the overall stability and performance.

More details at https://blog.foswiki.org/Blog/Foswiki219IsReleased

A quick introduction to Docker Secret. Please check out the post for more information:
https://theweeklychallenge.org/blog/docker-secret

Next PCC: July 3-4, 2025 in Austin, Texas USA

See entire the post to learn about our future plans, in perpetuity.

The very first Perl Community Conference was a tremendous success thanks to everyone of you authors and speakers. Many thanks to PCC Co-Organizer Will "The Chill" Braswell, our friends at the Diogenes Hackerspace (in Austin, Texas), and all the participants both online and in person! We'll be following up soon about posting the videos. The next stage will be editing and publishing Issue #2 of the Science Perl Journal. The schedule from the Winter'24 PCC should be a clue about some of its contents. We have discussed offering a "Letters to the Editor" section to address feedback from friends and foes alike. More on this will be announced in future posts.

Future Plans in Perpetuity

Prioritisation of Panic

Let me start off by asking the folk on this platform one question. Imagine a scenario that you had lost something important with multiple potential negative consequences. For instance losing a bunch of keys including your car keys, your house keys, your changing room locker keys and a USB stick. What would be the greatest cause for alarm? I suspect that while there may be many possible answers aligned with each individual’s life priorities, the real men in this group know that the most feared is the reaction following the revelation to the wife. For while any calamitous occurrence may be approached objectively, with rationality, reflection and hopefully recovery, this particularly troublesome phase involves heightened emotions, reactivating Mrs Saif’s indelible memories of my many past failings. Objectivity, while desirable in principle, has to deal with such a tainted history.

Do you want LPW to happen again in 2025? Then you need to make it happen. You need to start thinking about this now. After Lee's closing talk, which detailed how organisation of the 2024 workshop worked and effectively put out a call for organisers for the future, a small number of attendees hinted they would be able to help out in one way or another. For that we are grateful.

However there is no core organising team yet for 2025. Someone, ideally two or three people, need to step up and explicitly say "we are going to organise LPW 2025". If you need help around any of this then we (the 2024 organisers) can guide you. The TPRF have also said they would like to explore how to support LPW 2025 and welcome potential organisers to join the monthly community meeting to discuss this.

Failing that LPW will be going on an indefinite hiatus again.

I have detailed the process of building docker image for The Weekly Challenge website.
Please check out the post for more details:
https://theweeklychallenge.org/blog/build-docker-image

Three of us again. Aristotle had limited time, Philippe and Graham stayed longer.

Some end of year reminders for CPAN Authors:

Do all of your modules have up-to-date contact information? If not, please release new versions with an updated email address in the AUTHOR section.

(And while you're at it, why not add a security policy to your distribution, so that people know how and where to report a security issue with your module.)

If you have a cpan.org email alias, does it forward to the correct email address?

And most importantly, if you are taking time away from maintaining Perl modules, please add ADOPTME or NEEDHELP as co-maintainers to mark your modules as available.

Thanks, and best wishes for 2025.

Happy birthday Perl!

The Perl Community Conference is a hybrid in-person-and-online event held on December 18th from 10:30a-4:00p CST, Perl's 37th birthday, featuring talks from the world's top Perl programmers and community members. Topics include artificial intelligence, bioinformatics, web applications, chemometrics, genetics, data science, high performance computing, ethics, and much more!