This Week in PSC (138)

Back to the usual three of us

  • Further chats on allowing a subsequent use VERSION of the same value as is already prevailing

  • We continued going through the bug list to tag release blockers

Perl Weekly Challenge 272: Defang IP Address

These are some answers to the Week 272, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on June 9, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Defang IP Address

You are given a valid IPv4 address.

Write a script to return the defanged version of the given IP address.

A defanged IP address replaces every period “.” with “[.]".

Example 1

Input: $ip = "1.1.1.1"
Output: "1[.]1[.]1[.]1"

Example 2

Input: $ip = "255.101.1.0"
Output: "255[.]101[.]1[.]0"

This the first time that I hear that an IP address could be "defanged."

Defang IP Address in Raku

(repost) TPRC 2024 Call For Papers is now open!

If you have been following along with the efforts to add a Science Track to the TPRC, now is the time to seriously consider submitting a peer reviewed paper. The TPRC Call for Papers has opened with information on submitting to any of the 3 tracks. Note that the science papers are submitted to the Perl Community's Science Perl website, which is linked in the TPRC's announcement.

Repost from, https://news.perlfoundation.org/post/cfp2024

You can submit your talk Ideas at https://tprc.us/talks Talk submission deadline is April 5th, Midnight UTC. Talks must be given live and in-person. If you are looking for any talk ideas, try out the conference wiki.

New this year, we are accepting submissions for a peer reviewed Science track. Those talks should be submitted at https://science.perlcommunity.org/

Visit the TPRC 2024 website at https://tprc.us/ Follow us on Twitter: @PerlConferences Like us on Facebook: The Perl Foundation (@tpf.perl) Subscribe to the mailing list: https://tprc.us/subscribe

Any questions about the Science Track should be directed to "science at perlcommunity.org" or visit us at #science on irc.perl.org.

Looking forward to seeing all the submissions!

Cheers,

Brett Estrade (OODLER)

Chairman, Science Perl Committee

Using peppers with Crypt::Passphrase

Crypt::Passphrase

Crypt::Passphrase is a module for managing passwords. It allows you to separate policy and mechanism, meaning that the code that polices authorization doesn’t have to know anything about what algorithms are used behind the screen, and vice-versa; thus making for a cryptographically agile system.

It’s not only handling the technical details of password hashes for you but also it deals with a variety of schemes. It’s especially useful for transitioning between them.

A configuration might look like this (Koha):

YAPC::Hiroshimaの参加記録 | I attended YAPC::Hiroshima in Japan

日本のYAPCに参加したのは18年ぶり2度目。

イベント参加者として

  • 世界一成功しているYAPCであるYAPC::Japanの運営を見習うためにボランティアで参加させてもらった。一般参加者の切符を買いますと言ったのだが、主催のkobakenさんに固辞された。神のようなお方
  • YAPCという名前はやはり良い

ボランティアとして

  • 朝7:30に集合だった。早めの行動をしようと7:25に着いたらほとんどのスタッフがすでに到着していた。アメリカではありえない
  • メインは部屋の進行係。さらに登壇者向けの受付という重大な任務もまかされて光栄です

TPFの人間として

  • 運営の方がTPFへの寄付を繰り返し呼びかけてくれて、さらに受付でも寄付コーナーを設置してくれてお礼の申しようもない https://blog.yapcjapan.org/entry/2024/02/10/100000
  • もちろん、寄付をしてくださった方にも本当に感謝している

トークについて

  • ボランティアをしていたのでほとんど聞いていない。あとで録画を見る
  • 広島のYAPCのキーノートを誰にしてもらうかという疑問に対して、とほほさんというパーフェクトな答えを出した運営チームは偉すぎる
  • 私がこのコミュニティに入る前から登壇していてまぶしい存在だったcharsbarさんとtakesakoさんのトークをまた見られてありがたかった。かるぱねるらさんが同じようなことを書いている。https://x.com/karupanerura/status/1756575196369260893
  • ずっと前から有名人という点ではmalaさんのトークが聞けてよかった。タイムリーでYAPCにぴったりな内容。弾さんのトークは聞き逃した
  • もちろん新しい登壇者が半分以上で、それもいいこと
  • YAYAPCはYAPC以上に良かった。録画とSNS公開が禁止のトークは実に面白い
  • 私のトークは過去に20分でやったものを5分に圧縮した。ボーナススライドは時間が余れば見せようかと思っていたところまったく無理だった。内容は「日本発のPerlのスローガンを提案する」だった

アメリカのカンファレンス主催側の者として

  • 日本のYAPCが米国のYAPC(最近はTPRCという)より規模が大きいのは、人口が世界一の都市である東京で開催するからだというのがかつての通説だった。その後YAPC::Japanチームは東京から飛び出して他の都市でも世界一大きいなYAPCができるのだということを証明した
  • YAPC::Japanがなぜこれだけ人が集められるかというというのは別記事で長い考察が必要だが、毎年来る人でも10年に一度しか来ない人でも初参加者でも楽しめるイベントであるのは事実
  • スケジュール通りにトークが進行するのは素晴らしい。あれは、参加者が開始前に着席していないと無理。日本人がどうやって5分の休憩時間で遅れなく部屋を移動するのかは謎
  • YAPC::Hiroshimaの広報は優秀
  • YAYAPCでkobakenさんが少しだけ言っていたように、自分は客だという気持ちの入場者がいるのは残念。チケットの売り上げでは全然赤字なのがYAPCなので、一般入場者はお客様ではないのです(これは私の意見)

まとめ

  • 家から広島の会場まで最短でも24時間かかるので移動は大変だったがその価値はあった
  • また来たい

Perl Weekly Challenge 271: Sort by 1 Bits

These are some answers to the Week 271, Task 2, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on June 2, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 2: Sort by 1 Bits

You are given an array of integers, @ints.

Write a script to sort the integers in ascending order by the number of 1 bits in their binary representation. In case more than one integers have the same number of 1 bits then sort them in ascending order.

Example 1

Vulnerable Perl Spreadsheet Parsing modules

A longer version of this post, including the full timeline as we know it, is available at security.metacpan.org

Between Dec 2023 and Jan 2024, vulnerabilities in Spreadsheet::ParseExcel and Spreadsheet::ParseXLSX were reported to the CPAN Security Group (CPANSec).  This document describes the timeline and analysis of events.

CVE-2023-7101: Spreadsheet::ParseExcel arbitrary code execution vulnerability

Đình Hải Lê discovered an arbitrary code execution (ACE) vulnerability in the Perl module Spreadsheet::ParseExcel, version 0.65 and earlier.

An attacker, exploiting this vulnerability, would craft an Excel file containing malicious code encoded as a number format string, which is executed when the file is parsed by Spreadsheet::ParseExcel.  Basically, untrusted data is passed to the Perl eval function enabling arbitrary code execution. A detailed write up of the vulnerability and Proof of Concept (PoC) is available at https://github.com/haile01/perl_spreadsheet_excel_rce_poc

Announcing the Perl Toolchain Summit in 2024!

After three years of not organising and one successful PTS in Lyon last year, we might have become a bit complacent and forgotten how taxing organizing an event is... After a very slow preparation, we are very pleased to announce the fourteenth edition of the Perl Toolchain Summit!

In 2024, we will be meeting in Lisbon, Portugal, from Wednesday April 25 to Sunday April 28. As has become customary, participants will stay at the hotel, and work in the meeting rooms dedicated for the event.

This Week in PSC (135) | 2024-02-08

This week, the three of us:

  • noted that use VERSION restrictions have had mostly positive responses
  • thought that Data::Printer can’t go in core as-is, but there’s a use case for a debugging helper, some of which might be hidden in D:P’s core
  • discussed adding a builtin::numify function (and the corresponding OP in core)
  • quickly reviewed the PPCs currently being implemented:
    • we should ping the implementors of PPC0014 (English names) and PPC0021 (optional chaining)
    • PPC0022 (meta) has an implementation on CPAN
    • PPC0019 (qt strings) implementation is in progress, but unlikely to be done by 5.40
    • PPC0013 (overload in join) is currently stalled

Perl Weekly Challenge 271: Maximum Ones

These are some answers to the Week 271, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on June 2, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Maximum Ones

You are given a m x n binary matrix.

Write a script to return the row number containing maximum ones, in case of more than one rows then return smallest row number.

Example 1

Input: $matrix = [ [0, 1],
                   [1, 0],
                 ]
Output: 1

Row 1 and Row 2 have the same number of ones, so return row 1.

FOSDEM 2024 TPRF Community Dinner

Get ready for a night of code, community, and culinary delights at the TPRF Sponsored Dinner during FOSDEM! 🍽️✨ Join us on Saturday, February 3rd, for a three-course feast and vibrant conversations.

📅 When: Saturday February 3rd, evening

📍 Where: Bruxelles

🎉 What's Cooking: An unforgettable evening filled with tech talks, networking, and delicious bites!

🤩 How to Join:
RSVP now by filling in this form below and secure your spot! Let's make this dinner a celebration of code and camaraderie.

Google Forms

February 08, 2024 @ 6pm CT ~ Houston Perl Mongers Zoom Meeting

February 08, 6pm CT ~ Houston Perl Mongers Zoom Meeting 🔗 Thu Jan 25 2024
Title: Using Perl Prototypes

When: Thur February 8th at 6:00-8:00 PM CT (+6 UTC)

Where: (virtual, see below):

https://us02web.zoom.us/j/920069702
Meeting ID: 920 069 702
Password can be found by running this statement.
perl -e 'print +(0b1000100).((3<<2)*10).(010)."\n"' # 681208
Original post:
https://houstonperlmongers.org/posts/3a99ac5b-f9f9-4409-a38c-e9ef91d972c8

This Week in PSC (133) | 2024-01-25

Just me and Graham this week.

  • builtin::nan needs better documentation on the kind of NaN it provides.
  • We discussed lots about builtin and lexical imports, and how to handle a few odd cornercases.
  • Perl 5.39.7 is now out; we need to work out the schedule for the final few devel releases and the real thing in May.

# Perl Weekly Challenge 270: Special Positions

These are some answers to the Week 270, Task 1, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on May 26, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 1: Special Positions

You are given a m x n binary matrix.

Write a script to return the number of special positions in the given binary matrix.

A position (i, j) is called special if $matrix[i][j] == 1 and all other elements in the row i and column j are 0.

Example 1

My 2023 in Perl

2023 was a rather productive year for me on CPAN. Aided by taking some time off I managed to release a whopping 18 new modules.

Passwords

Half of my new modules were related to my password framework Crypt::Passphrase. To be honest most of them are either small (± 100 LOC) glue two or three other pieces of code together. And then there was Crypt::HSM, a PKCS11 interface (to use cryptographic hardware without exposing cryptographic keys) that was probably more work (2600 LOC of XS) than the others combined.

Most of this was with the aim to add peppering support to Crypt::Passphrase, a subject extensive enough that I should probably dedicate a separate blogpost to it.

Live streaming the release of Perl 5.39.7

I missed last year but in 2024 I'm doing a dev release of Perl again. This time it is version 5.39.7.
And again, you can watch it live on Saturday 20th of January on Twitch.

This Week in PSC (130) | 2024-01-04

Happy New Year!

This week, we discussed some recent mailing-list threads:

  • meta experiments continue. They should probably provoke some kind of runtime warning about being experimental, but exact details need discussion
  • Ovid requests to write another PPC about value constraint checks. We don’t object as such, but would remind that a specification alone does not guarantee an implementation and we’re still busy implementing the previous big idea (class)

Perl Weekly Challenge 269: Distribute Elements

These are some answers to the Week 269, Task 2, of the Perl Weekly Challenge organized by Mohammad S. Anwar.

Spoiler Alert: This weekly challenge deadline is due in a few days from now (on May 19, 2024 at 23:59). This blog post provides some solutions to this challenge. Please don’t read on if you intend to complete the challenge on your own.

Task 2: Distribute Elements

You are given an array of distinct integers, @ints.

Write a script to distribute the elements as described below:

1) Put the 1st element of the given array to a new array @arr1. 2) Put the 2nd element of the given array to a new array @arr2.

Once you have one element in each arrays, @arr1 and @arr2, then follow the rule below:

If the last element of the array @arr1 is greater than the last element of the array @arr2 then add the first element of the given array to @arr1 otherwise to the array @arr2.

When done distribution, return the concatenated arrays. @arr1 and @arr2.

Never matching: everybody is doing it wrong

Well, not actually wrong, just slow. But the exaggeration makes a punchier headline, you’ll admit.

This comes up when an interface takes a pattern to match things against. Sometimes you have some reason to want this match to always fail, so you want to pass a pattern which will never match. The customary way of doing this is to pass qr/(?!)/. There is a problem with that, though.

I’m not talking here about the fact that if possible, you really don’t want to pass an actual qr object. We’ve already covered that. It was a surprising enough discovery that I’ll take this opportunity to signal-boost that while we’re here, but this article is not about that.

Geizhals Preisvergleich unterstützt den Deutschen Perl/Raku-Workshop

We are happy to announce that Geizhals Preisvergleich supports the German Perl Workshop in 2024!

About blogs.perl.org

blogs.perl.org is a common blogging platform for the Perl community. Written in Perl with a graphic design donated by Six Apart, Ltd.