While Mojo::ACME was a fun experiment, it has several shortcomings at this point and I’ve officially stopped using it. If someone is interested in maintaining it, and if I’m sufficiently convinced of your credibility since this is a security module after all, I can hand it over. Otherwise I will be marking it as deprecated soon.

I had really wanted to stay out of the recent commentary on CGI. I really did. I was going to be able to until a recent article was published in which the authors try to step in on the side of CGI. I believe the authors to be talented perl developers posting in good faith, but the result really pushed me to reply. The application developed as a case for CGI and preventing “overkill” is a perfect example of why a framework is needed.

Do you want to post an article in this year’s #mojolicious #AdventCalendar? I’ve just posted a call for articles in the mailing list. You do and know things that other people want to learn about, I promise!

Read more in Call for posts: Advent Calendar 2018!

(Please reply there, as I don’t get notifications from this site on comment.)

I’m happy to announce that this year I’m going to be running a Mojolicious advent calendar from my new “semi-official Mojolicious website” at https://mojolicious.io/blog/. I won’t cross post here every day, though maybe I will do a few, say the most interesting/code-filled ones.

The first one is already up, a quick Getting Started to get the ball rolling.

The site itself is brand new, using Statocles and a nice theme I found online. The main pages are starkly lacking in content so far, but the blog is off and running! Hope to see you there!

There has been some discussion this week about forks of pieces of Mojolicious. Frustrating discussions over what is proper and how to discourage forking. It has been a long week to be honest (and thankfully the recent incident has been peacefully resolved, see postscript).

But then finally, just today, I’ve chosen to see things a different way. I’m really happy to see what lengths people are willing to go to in order to use Mojolicious. This includes addressing a perceived need for streamlining by taking a maintenance burden onto themselves and forking that code that which they need. They see the value in Mojolicious’ code, if not the value in the toolkit as a whole.

I’m assuming that by now you’ve probably heard of Let’s Encrypt. If you haven’t, they are a brand new Certificate Authority that issues SSL certificates for free via an automated system!

There has to be a catch right? Well kinda, but it’s a small one. The certificate is only valid for 90 days. They mention two reasons for this in a blog post: to encourage automation and to contain the damage of a compromised cert.

If you need to renew every 90 days, you don’t want to be doing that by hand right? By encouraging automation, they can effectively force you to investigate how to make security easier for yourself over the long term. You may have read the famous Ten Immutable Laws Of Security but the related Ten Immutable Laws of Security Administration tells us in Law #2 that

Security only works if the secure way also happens to be the easy way

Once you have automated your SSL cert generation then the easy way will be the standard way.

Also, the shorter the duration of the cert, the less time that a compromised cert can be used to wreak havoc. But once we all have automation, they can actually tighten that time eventually to even shorter times, which would further contain the damage of compromised certs.

So let that sink in: all you have to do to have a secure website for free is to setup the automation to issue and renew the certificate.

The article itself is published at PerlTricks. This is the second article I’ve published there (the first was about How to send verification emails using Mojolicious). Hopefully more to come!

I have found myself in a bit of a CPAN exuberance these last few months. While I have released several new modules, I haven’t found time to announce them individually. Here then is a joint announcement of what I’ve been doing on CPAN lately.

Maybe you are already registered for this year’s MojoConf in New York City (June 4th-6th) or maybe you are still thinking about it. Either way, a great way to introduce yourself to the Mojolicious community is to give a talk! But what should you talk about? The cool stuff you do with Mojolicious!

Last years talks were on a wide range of topics. When I write a talk, I usually write really technical talks; I’m always trying to pack too much code into each slide. But when I’m in the audience, the ones that really knock my socks off are the ones I don’t expect.

Last year, Rich Elberger (this year’s host, incidentally) gave a talk that took me completely by surprise, he’s gaining traction using Mojolicious in an Enterprise system! How cool is that?!

So this year I’m really looking forward to seeing all the interesting ways that people are using Mojolicious! Maybe you wrote a cool app, or an interface to an API that’s popular or one that going to be. Maybe you are using Mojolicious to do some system task or solve a real-world problem.

Then again, tutorials are useful too. There are going to be lots of newcomers to Mojolicious. Maybe you want to tell us about your favorite Mojolicious feature and how to use it. Maybe you wrote a module on CPAN that you would like to show off. Maybe a construction technique that you find useful.

I’m really looking forward to this year’s MojoConf and I’m hoping to be delighted by new things, big or small! I hope to see you (and maybe even hear you) there!

Perhaps a misleading title. Seeing as this is not a political blog but a Perl one, I’m going to talk about method chaining, not worker’s unions.

Method chaining is the practice of consecutively calling methods on the return of a previous method. This comes in primarily two flavors. The first isn’t as common in Perl, though it is used extensively in Mojolicious, is when a method has nothing useful to return, it can return itself. This allows for say chaining setter methods $self->set_foo("FOO")->set_bar("baz"), or chaining related test methods

my $t = Test::Mojo->new;
$t->get_ok('/page/1/')
   ->status_is(200)
   ->text_like('#id' => qr/foo/);

While this is useful, it’s not my topic today. I’m going to talk about the more simple form, calling a method that returns an object, then calling a method on it, and so on.