Audit CPAN distributions for known vulnerabilities
Changes for 20240401.002 - 2024-04-01T12:27:17Z
- Fix some incorrect data in CPANSA-HTTP-Body-2013-4407 (CVE report is wrong). From Stig in briandfoy/cpan-security-advisory#150 .
Audit CPAN distributions for known vulnerabilities
Changes for 20240401.001 - 2024-04-01T11:50:11Z
- data update for 2024-04-01
- fix data issue for Mojolicious report (briandfoy/cpan-security-advisory#149) (Timothy Legge)
cat-v command implementation
Changes for 0.9901 - 2024-04-01T10:20:20Z
- organized docs directory
PDF DateTime Parser and Formatter.
Changes for 0.01 - 2024-04-01T11:22:08+02:00
- First version.
Synthesizer settings librarian
Changes for 0.0042 - 2024-03-31T20:12:33Z
- Fix eg/visualize.pl and Module.yaml.
Validate Japanese zip-codes
Changes for 0.20240329
- Update some table classes.
Libdeflate compression library
Changes for 0.08_01 - 2024-04-01
- Try to do something about version mistakes
Schemas related to filesystem path
Changes for 0.031 - 2024-02-16
- Rename module/dist Sah-Schema{s,Bundle}-Path following rename of Sah-Schema{s,Bundle} (for visual clarity and consistency with naming of other bundles).
Throttle requests to a site
Changes for 0.10
Validate data against a schema using a JSON Schema
Changes for 0.583 - 2024-03-30T17:56:17Z
- further optimization of error and annotation construction, which should significantly improve evaluation performance of large documents which heavily use the 'unevaluated*' keywords (such as a schema evaluated against its metaschema, or an OpenAPI document evaluated against its schema)
find perl root and push lib modules path to @INC
Changes for 0.02 - 2024-03-30T17:41:49Z
- update doc with default .libroot file and list similar projects
find perl root and push lib modules path to @INC
Changes for 0.01 - 2024-03-30T17:26:22Z
- initial version
Tied objects
Changes for 0.21 - 2024-03-30
- Fix a bug with after hooks that were always getting set as before, also fix the order that they are called
- Adds factory properties via Rope::Factory
- Adds chained properties via Rope::Chained
 | submitted by /u/davorg [link] [comments] |
Amazon Links and Buttons - Perl Hacks
I’ve spent more than a reasonable amount of time thinking about Amazon links over the last three or four years. It started with the Perl School web site.Dave Cross (Perl Hacks)
Shamelessly copied Tk::Tree widget
Changes for 0.02
- Configured Left and Right key to open and close branches. Corrected documentation.
Tied objects
Changes for 0.20 - 2024-03-30
- Adds clear_meta and set_meta on Rope so that you can manipulate an Objects meta definition
- Extends CONFIGURE PROPERTIES with predicates and clearers
create diffs between HTTP requests
Changes for 0.07 - 2024-03-30
- Switch tests from YAML to YAML::PP This is mainly to avoid YAML::Syck being loaded, which can't handle some of our YAML (?!)
This isn't directly perl-related, but it's a good reminder that as the bus-factor of our projects dwindle down to 0, the danger of a dependency attack goes up.
The story is still unfolding, and I've just been reading it from the HN post
In this case, it appears that the maintainer of xz-utils, who has been maintaining it since 2009 and mentioned online that they don't really have the capacity for it anymore finally had a motivated helper show up to assist with the work 2.5 years ago. That motivated helper now appears to either be a long-con state actor, or a compromised account.
liblzma is used by libsystemd. Redhat and Debian patch ssh to use libsystemd. The startup code of libxz detects when it is loaded into sshd during initialization and replaces a core auth function of sshd with its own copy. The malicious code comes from compressed compiled code within one of the libxz unit test files that gets sneakily injected into the build during the ./configure script. The person who discovered it only found it due to valgrind errors and a slower startup time for ssh, which are mistakes a more sophisticated attacker might not have made.
Oh, and of course the question on everyone's mind, you're probably not affected yet because the latest liblzma is only used in pre-release distros right now. But check if you have xz 5.6 or later. However, the author has been contributing to xz for 2.5 years so who knows if this is the first attack or not...
submitted by /u/nrdvana
[link] [comments]
Libdeflate compression library
Changes for 0.08 - 2024-03-30
- Check compiler when installing and exit if version is too low
- Include a missing file
Sah schemas related to ArrayData
Changes for 0.005 - 2024-02-16
- Rename module/dist Sah-Schema{s,Bundle}-ArrayData following rename of Sah-Schema{s,Bundle} (for visual clarity and consistency with naming of other bundles).
Interface to the Qhull convex hull, Delauny triangulation, Voronoi diagram software suite
Changes for 0.06 - 2024-03-29T17:56:08-04:00
- BUG FIX
automate the Chrome browser
Changes for 0.73 - 2024-03-29
- Tests should not hang when run as root now
- Sandbox is automatically disabled when running as root
Multi column file system explorer
Changes for 0.01 - 2024-03-01T10:42:59Z
- original version; created by h2xs 1.23 with options -X Tk::FileBrowser
Hi all,
I have most difficulties to make my LWP::UserAgent to use TLS 1.2/1.3
I tried :
my $ua = new LWP::UserAgent( 'ssl_opts' => { SSL_version => 'TLSv12:!SSLv2:!SSLv3:!TLSv1:!TLSv11', } );
but no success .....
also tried :
$ENV{https_version}=3;
perl v5.32 is not that old, I am very surprised I can't establish connecting to TLS 1.2/1.3 server
Is it a known problem with openSSL version used to compile v5.32 ? if so, can I upgrade the SSL libs only ? or is there an option to pass on to force TLS 1.2/1.3 ?
Windows 10 - strawberry v5.32.1 MSWin32-x64-multi-thread
Thank you very much !
submitted by /u/lowpowerdesign
[link] [comments]
Read environment variables from .env file
Changes for 0.012 - 2024-03-29T18:05:10+02:00
- Fix lib and test code to use Cwd::abs_path with File::Spec->catdir|catfile.
Class for conversion between percent number to star visualization
Changes for 0.03 - 2024-03-29T16:01:21+01:00
- Add missing dot in doc.
- Improve doc for constructor.
- Move bugtracker to Github.
- Move valid tests to top.
- Rewrite check of error to Mo::utils.
I have a bunch of YAML config files (using YAML::XS) which are multidimensional, and the values can be HASH, ARRAY, or SCALAR. Right now, I have a kind of a template YAML that defines the layout that someone can use as a reference to write a config file. The keys and layout are the same, except instead of having values it has two keys: 1) required (boolean) and 2) type (ARRAY, HASH, STR, etc). What I would like is for a sub to just verify the tree and spit out an error on which key is the problem, but I'm getting kind of lost on trying to loop both trees together.
Here is a small example from a part of a YAML config.
split: level: 3 filter: directories: delete: - \/main.assets$ keep: - S2589004224001688 files: keep: - issue.xml - main.xml - main.pdf And here is a small example from the YAML config template that someone uses as a reference.
split: required: True type: HASH group: required: False type: HASH by: required: True type: STR count: required: True type: STR level: required: True type: INT filter: required: False type: HASH directories: required: False type: HASH delete: required: False type: ARRAY keep: required: False type: ARRAY files: required: False type: HASH delete: required: False type: ARRAY keep: required: False type: ARRAY
submitted by /u/sirhalos
[link] [comments]
A Latemp Utility Module.
Changes for 0.12.0 - 2024-03-29
- Deprecate.
- Add deprecation note.
Audit CPAN distributions for known vulnerabilities
Changes for 20240329.002 - 2024-03-29T12:08:01Z
- Data update for 2024-03-29
create diffs between HTTP requests
Changes for 0.06 - 2024-03-29
- Use "stable" instead of "experimental"
Some fun with chatgpt (note that you can get the same information with a rudimentary search across various research databases followed by statistical analysis of the tags)
When reading the chat bot response note that
legacy systems include many/most of the research tools in many fields many of the legacy systems are heavily dependent on bash for gluing their individual components many of these legacy systems include a noninsignificant amount for web programming Python / R etc just glue over code written in C and Fortran, ie they just provide an API
Prompt: can you suggest a few application areas for perl as glue in scientific component based software engineering?
Perl can be effectively used as "glue" in scientific component-based software engineering due to its strong text manipulation capabilities, mature ecosystem, and ability to interface with various systems and languages. Here are a few application areas where Perl can excel as a glue language:
1. Bioinformatics Pipelines
Perl has been traditionally strong in bioinformatics, where it is used to connect different software components for tasks like DNA sequence analysis, protein structure prediction, and genetic data processing. It can orchestrate workflows that involve calling various tools, parsing their output, and preparing it for the next step in the analysis pipeline.
2. Data Transformation and Integration
In scientific computing, there is often a need to transform data between different formats or integrate data from various sources. Perl can serve as a glue language to script these transformations and integrations, handling formats like CSV, JSON, XML, and proprietary binary formats commonly used in scientific instruments.
3. System Administration for Research Computing
Perl can automate and manage tasks in research computing environments, such as scheduling jobs on a compute cluster, monitoring resource usage, and managing file systems. It can glue together various system components, ensuring they work seamlessly to support scientific computation.
4. Legacy Scientific Software Integration
Many scientific research fields have legacy software components written in Perl or that provide Perl interfaces. Perl can be used to integrate these components with newer systems, preserving the value of previous investments in software development.
5. Automated Reporting and Visualization
Perl can be used to generate automated reports and visualizations from scientific data. By gluing together data extraction, analysis, and reporting tools, Perl scripts can produce regular, up-to-date reports or visualizations of ongoing scientific research or experiments.
Limitations to Consider
While Perl is useful in these areas, it's essential to consider its limitations. The ecosystem around Perl, particularly in scientific computing, may not be as vibrant as it once was, with many new developments occurring in other languages like Python. Therefore, while Perl remains a powerful tool for certain tasks, its role in new scientific software projects might be more limited compared to its peak usage times.
In conclusion, Perl's role as glue in scientific component-based software engineering is well established, particularly in areas where text processing and legacy system integration are paramount. However, the choice to use Perl should be balanced with considerations about the current and future needs of the project, as well as the availability of skills and community support.
submitted by /u/ReplacementSlight413
[link] [comments]
Class library for rapid development
Changes for 1.215 - 2024-03-28
- Quiq::Confluence::Client
- Quiq::Database::Connection
- Quiq::Hash
- Quiq::Path
- Quiq::PhotoStorage
- Quiq::Url
Simplified abstracted chained DBI subclass
Changes for 1.15 - 2024-03-28T12:26:27-07:00
- Carp SQL parsing errors
- Ignore reserved words SQL parse errors when not specifying an explicit dialect
- Add abstract() method
- Move parsed query cache to the connection object (instead of global)
Generate complete SQL from Perl data structures
Changes for 1.09 - 2024-03-28T12:22:27-07:00
- Slightly better handling of columns in get()
