blogs.perl.org

Over the past year, I’ve been self-studying XS and have now decided to share my learning journey through a series of blog posts. This eighth post introduces you to Perl regular expressions in XS.

Just Aristotle and Graham this week.

• This week CVE-2025-40909 was assigned, for an issue we were already tracking (GH #23010). We coordinated during the week to get a fix merged (GH #23019) before 5.41.13. Thanks to Vincent Lefèvre for the report and Leon Timmermans for the fix. During the meeting we discussed getting out security releases for this soon.
• We caught up on release blocker triage. We are tentatively all clear: all previously identified release blockers are now resolved, and there were no new blockers in recent issues and pull requests – except possibly a 32-bit Windows build issue we are not yet certain about. We are keeping an eye on that.

[P5P posting of this summary]

Quick refresher about Array and List in Perl.Please check out the link for more information: https://theweeklychallenge.org/blog/array-vs-list

I was inspired by Daniel Stenberg's recent article Detecting malicious Unicode to write Test::MixedScripts, which tests Perl source code and other text files for unexpected Unicode scripts.

Why should you care about this?

There are Unicode characters in different scripts (alphabets) that look similar and are easily confused.

A malicious person could replace a domain name or other important token with one that looks correct, for is associated with a host or other resource that they control.

Consider the two domain names, "оnе.example.com" and "one.example.com". They look indistinguishable in many fonts, but the first one has Cyrillic letters.

Confusing Unicode might be added to your codebase through a malicious patch submission or pull request. Or it could be added as text from an email or web page that you copied and pasted into your code.

The module is easy to use, and defaults to testing for Latin and Common characters:

This extended meeting took place between the three of us in person over several days at the PTS 2025 in the beautiful city of Leipzig.

Returning from the 27th installment of the German Perl or Perl/Raku Workshop, this time in Munich, I'd like to share some impressions.

Re-creating CVE-2024-56406 using docker container with affected Perl versions.
Please check out the link below for more information.
https://theweeklychallenge.org/blog/cve-2024-56406

Over the past year, I’ve been self-studying XS and have now decided to share my learning journey through a series of blog posts. This sixth post introduces you to subroutine invocation in XS.

A week ago I attended the 2025 PTS. For me it was a different PTS than the previous ones.

Firstly because it was my first PTS without Abe Timmerman. He was a regular in both the PTS (as maintainer of Test::Smoke), and of the Amsterdam Perl Mongers. In fact the last time I saw him was on our flight back to Amsterdam after the PTS in Lisbon last year. He was greatly missed.

Secondly, because of a question that Book asked at the very beginning of the PTS: how often we had been to the PTS before. I was one of the few who had attended more than 10 of them. Combined with the fact that several other regular attendees couldn't make it that meant that this PTS I spent more time than ever on helping others with various issues.

This is a hybrid (in-person and virtual) conference being held in Austin, TX on July 3rd-4th.

Did you miss your chance to speak or have wish to speak at the only available Perl Science Track (and get published in the Science Perl Journal)? Or maybe you just can't get enough Perl this summer??? Submit here ... or get more information on the PCC, including registration, special event registration, and donation links click here. For questions you may email us at science@perlcommunity.org or find us in the Perl Applications & Algorithms discord server.

The following lengths will be accepted for publication and presentation:

• Science Perl Track: Full length paper (10-36 pages, 50 minute speaker slot)
• Science Perl Track: Short paper (2-9 pages, 20 minute speaker slot)
• Science Perl Track: Extended Abstract (1 page, 5 minute lightning talk slot)
• Normal Perl Track (45 minute speaker slot, no paper required)

You may ask, where is the Winter SPJ or videos? We are working on them, promise! (it's a lot of work as some of you know. See also on Perlmonks and r/perlcommunity.

Perl Toolchain Summit 2025, my first time, thanks to the organisers.
Here is my event report: https://theweeklychallenge.org/blog/pts-2025

Over the past year, I’ve been self-studying XS and have now decided to share my learning journey through a series of blog posts. This fifth post introduces you to subroutine(method/function) prototypes in XS.

A Futility Closet post references a Perl "poem" over two decades old. I remember chuckling at it when it first appeared. Although it was published "anonymously", I'm pretty sure I know who wrote it. :)

This weekend I was once again privileged to attend the Perl Toolchain Summit (PTS). This year it was held in the lovely city of Leipzig.

The PTS continues to be my favourite technical event of the year. In part this is because I get to meet old friends and make new ones, but it's also because the summit really serves its purpose and I am able to make so much progress on the projects I have which belong in Perl's toolchain ecosystem.

PTS isn't a conference - it's a four-day working meeting. It brings together people working on toolchain projects to solve common problems and push the work forward. I did get a lot of work done, but that's not the main focus, for me anyway. I see it as a time to solve problems and plan the way forward, and for me PTS facilitates that in the most wonderful fashion.

Parenting aint easy. Certainly it is often something your kids teach you. Even worse, it often starts with ”<INSERT_KIDS_FRIENDS_NAME>’s dad lets him do <INSERT_CURRENTLY_PROHIBITED_ACTIVITY>”. In this constant battle to shape your offspring into a model citizen, with the values you value, and turning him/her into a self-sustaining organism, one applies tools that enhance particular features, remove the superfluous or the undesirable.

Over the past year, I’ve been self-studying XS and have now decided to share my learning journey through a series of blog posts. This fourth post introduces you to overloading operators in XS.

All three of us attended.

• We discussed the situation with readline and the filehandle error flag once again, starting over by revisiting the basic premise of the error flag. We think we now have a better understanding the overall situation, and this led us to a different approach about how to correct the overall situation, which we will outline as a proposal soon.
• We have been wanting to revert #22465 but wanted to include a testcase that demonstrates why, which we hadn’t gotten to. In order to get this into the looming final dev release, we talked through what the testcase needs to look like, and will submit a pull request ASAP.
• We caught up on new issues and pull requests for release blocker triage. We then reviewed the state of our current release blockers, some of which have been resolved, and one of which (#23026) we demoted based on our new understanding about the readline situation.

[P5P posting of this summary]

Here is the final post about AWS S3 Server Side Encryption where I demo encryption using Customer Key.Please check out the link for more information: https://theweeklychallenge.org/blog/aws-customer-key-encryption

Here we go: Download me