Back in Februrary I posted an article in which I promised a follow up telling you how I now manage my certificates. We’ll all these months later I’ve finally published it to dev.to (to push its reach beyond just Perl) https://dev.to/joelaberger/no-magic-letsencrypt-certbot-and-nginx-configuration-recipe-3a97 .
While Mojo::ACME was a fun experiment, it has several shortcomings at this point and I’ve officially stopped using it. If someone is interested in maintaining it, and if I’m sufficiently convinced of your credibility since this is a security module after all, I can hand it over. Otherwise I will be marking it as deprecated soon.
I’m happy to announce that this year I’m going to be running a Mojolicious advent calendar from my new “semi-official Mojolicious website” at https://mojolicious.io/blog/. I won’t cross post here every day, though maybe I will do a few, say the most interesting/code-filled ones.
The first one is already up, a quick Getting Started to get the ball rolling.
I’m assuming that by now you’ve probably heard of Let’s Encrypt. If you haven’t, they are a brand new Certificate Authority that issues SSL certificates for free via an automated system!
There has to be a catch right? Well kinda, but it’s a small one. The certificate is only valid for 90 days. They mention two reasons for this in a blog post: to encourage automation and to contain the damage of a compromised cert.
If you need to renew every 90 days, you don’t want to be doing that by hand right? By encouraging automation, they can effectively force you to investigate how to make security easier for yourself over the long term. You may have read the famous Ten Immutable Laws Of Security but the related Ten Immutable Laws of Security Administration tells us in Law #2 that
Security only works if the secure way also happens to be the easy way
Once you have automated your SSL cert generation then the easy way will be the standard way.
Also, the shorter the duration of the cert, the less time that a compromised cert can be used to wreak havoc. But once we all have automation, they can actually tighten that time eventually to even shorter times, which would further contain the damage of compromised certs.
So let that sink in: all you have to do to have a secure website for free is to setup the automation to issue and renew the certificate.
A long while back (I’ll find the reference if I can) Stevan Little, author of Moose, commented that part of what he wanted for a p5mop was the ability to have truly private data in classes. Much in the way Perl 6 has
$!data attributes that are simply private data, he wanted to just be able to use Perl’s regular variables in this same way.
I took this as a bit of a challenge and several iterations later, I had a working system. I then spent months trying to decide if I wanted to put it on CPAN. I kept weighing utility vs practicality. Though it is an interesting thought exercise, I have no idea if its a good idea.
A few things happened which made me soften my view. Most importantly, the great Damian Conway released Dios which does bring lots more of the Perl6 style classes to Perl5. This lead me to stop worrying that people would actually try to use my module for real heavy lifting; if you need that use Dios. Also Stevan gave a talk at YAPC::NA which showed an exciting and I think very promising reimagining of the p5mop project.
With these two projects out there mine can just be a curiosity. I kept finding myself showing it off and wondering. Finally, today Yanick Champoux found himself pondering blessed-subref-based objects and I reminded him of my module, which I had shown him at YAPC. I mentioned that I still was on the fence about releasing it to CPAN, he replied:
So I did.
I’m happy — and a little scared — to introduce Class:Anonymous to the CPAN. It may be the strangest thing I’ve put there yet.
I have found myself in a bit of a CPAN exuberance these last few months. While I have released several new modules, I haven’t found time to announce them individually. Here then is a joint announcement of what I’ve been doing on CPAN lately.
Perhaps a misleading title. Seeing as this is not a political blog but a Perl one, I’m going to talk about method chaining, not worker’s unions.
Method chaining is the practice of consecutively calling methods on the return of a previous method. This comes in primarily two flavors. The first isn’t as common in Perl, though it is used extensively in
Mojolicious, is when a method has nothing useful to return, it can return itself. This allows for say chaining setter methods
$self->set_foo("FOO")->set_bar("baz"), or chaining related test methods
my $t = Test::Mojo->new; $t->get_ok('/page/1/') ->status_is(200) ->text_like('#id' => qr/foo/);
While this is useful, it’s not my topic today. I’m going to talk about the more simple form, calling a method that returns an object, then calling a method on it, and so on.
This post announces the release of Mojolicious::Command::nopaste, a clone of App::Nopaste using the Mojolicious toolkit. I wrote it mostly as an example of using Mojolicious and its command system, but it has the side benefit of having a much lighter dependency chain than the venerable original (I already have the only required dependency on every box I use).
It also has a few bugfixes that the nopaste author either hasn’t tripped on, or had the time to fix (mostly in the Clipboard interaction on Linux) (sartak if you want to ping me I’d be happy to work with you on it). It has a slightly different list of services, including the very fun MathB.in but lacking Gist for now since the OAuth is something I don’t want to deal with yet. Any other services that people are interested in may be contributed via a PR or even a decent api spec.
PDL (“Perl Data Language”) gives standard Perl the ability to compactly store and speedily manipulate the large N-dimensional data arrays which are the bread and butter of scientific computing.
PDL turns Perl into a free, array-oriented, numerical language similar to (but, we believe, better than) such commercial packages as IDL and MatLab. One can write simple perl expressions to manipulate entire numerical arrays all at once. Simple interactive shells, pdl2 and perldl, are provided for use from the command line along with the PDL module for use in Perl scripts.
It is with great pleasure that the PDL development team announces the release of the latest version of the PDL Data Language with 64bit platform support.
This release would not have been possible without the contributions of developersChris Marshall, Craig DeForest, Derek Lamb, Dima Kogan, Rob/Sisyphus, David Mertens, Diab Jerius, William Parker, and Henning Glawe.
A special thanks also to those who helped with bug reports, problem discussions, and, of course, participation in CPAN Testers which has helped to make the best tested PDL release ever!
Enjoy and Happy PDL-ing! The PDL Development Team
Mojolicious’s 4.0 release came with lots of shiny features but it also came with a lot of housecleaning. One of the old things swept away was the
memorize helper, which would cache a part of a template and prevent its repeated evaluation. Do you miss it, as some users undoubtedly do, or else does this helper sound useful to you? Then read on, because its back and better than ever!