Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Perl News

( #23771=superdoc: print w/replies, xml ) Need Help??

For the latest news on what's happening in the Perl world, check out these sites:

If you have a Perl-related news item you'd like to share, you may post it in the Perl News section. Please try to avoid duplicating news; but pointers (with summaries) to important stories on other sites are acceptable here.

Perl News
Happy advent!
2 direct replies — Read more / Contribute
by hippo
on Dec 01, 2023 at 04:05
THREE new perl releases
5 direct replies — Read more / Contribute
by Tux
on Nov 26, 2023 at 04:33

    Today, three new perl versions have been released:

    The main reason is two fixed CVE's:

    • CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
    • CVE-2023-47039 - Perl for Windows binary hijacking vulnerability

    CVE-2023-47038 is only relevant during the use of \p in regexes. This is only a problem if you accept regular expressions from untrusted sources.

    update 2023-11-29: Now that the CVE's are getting public, I could add one link.

    update 2023-12-02:


    Write past buffer end via illegal user-defined Unicode property

    This vulnerability was reported directly to the Perl security team by Nathan Mills

    A crafted regular expression when compiled by perl 5.30.0 through 5.38.0 can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer.


    Perl for Windows binary hijacking vulnerability

    This vulnerability was reported to the Intel Product Security Incident Response Team (PSIRT) by GitHub user ycdxsb PSIRT then reported it to the Perl security team.

    Perl for Windows relies on the system path environment variable to find the shell (cmd.exe). When running an executable which uses Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory.

    An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData. By doing so, when an administrator attempts to use this executable from these compromised locations, arbitrary code can be executed.

    Enjoy, Have FUN! H.Merijn
Recordings of the German Perl Workshop 2023 (gpw2023) are online
No replies — Read more | Post response
by Corion
on Oct 20, 2023 at 15:23

    After a long time of work, the videos are finally available on Youtube. 20 presentations with a total of 14 hours of airtime review the three days of the workshop and you can watch the things you missed on site.

    We would especially like to thank Lee Johnson, who made the recordings, and the presenters, of course, without whom the workshop would not have taken place. The support from our sponsors helps us make the workshop take place.

    united-domains Renée Bäcker
    Geizhals Preisvergleich

    The recordings of the German Perl Workshop 2023 are organised in the order of the day in a playlist available at gpw2023.

    We are planning the German Perl Workshop 2024 again and are already in the final negotiations. As soon as we have a place and date fixed, we will update this post and also make a separate announcement.

A Roguelike in Perl Tutorials by Chris Prather
1 direct reply — Read more / Contribute
by ait
on Aug 08, 2023 at 05:19
berrybrew version 1.40 released
1 direct reply — Read more / Contribute
by stevieb
on Aug 02, 2023 at 13:38

    I have released version 1.40 of berrybrew. It comes with some extensive changes over this, and the previous 1.39 version. (See the changes list).

    User facing changes include:

    • Ability to install and use the new 5.36 and 5.38 releases of Strawberry Perl
    • berrybrew archives hidden command. It displays the list of portable Strawberry Perl zip files previously downloaded
    • berrybrew download hidden command. Download, but do not extract the zip archive of a perl version
    • berrybrew snapshot command. Export an installed perl version to a zip archive, and import a previous zip snapshot to a new installed instance

    berrybrew snapshot usage:

    • bb snapshot export <perl version> [snapshot name]
    • bb snapshot import <snapshot name> [new instance name]

    As far as changes on the developer side, the changes are significant. Here's a high-level list:

    • Broke out like functionality in the main berrybrew.cs source file, and spread it across several new classes, each in their own source file
    • Removed the deprecated berrybrew upgrade command. Upgrades shall be done via the installer
    • Created a very extensive MANIFEST checking system for the installer. This ensures that all files that need to be installed are, those same files are removed upon uninstall, and no rogue files when building the installer are accidentally leaked in
    • Added a significant amount of documentation for the development, build, test and release lifecycle of the project. If I get hit by a bus, I've created a fantastic roadmap for someone to carry on the project quite readily (bb dev docs)
    • A few minor bug fixes, and one major one


Another interview with our illustrious founder (aka Slashdot is 25)
No replies — Read more | Post response
by jdporter
on Jul 31, 2023 at 10:49
berrybrew can now use 5.36 and 5.38
2 direct replies — Read more / Contribute
by stevieb
on Jul 20, 2023 at 17:43

    Update: The most recent release of berrybrew now includes the 5.36 and 5.38 version information, so no change of options are required to use them. As always, you can if you like review the Changes log to see what else has changed.

    I forked the Strawberry Perl repo and updated the releases.json file, which berrybrew uses to know what perls are available.

    One small gotcha... normally it gets this file from Strawberry Perl website, but nobody currently has access to manage it. I've created a PR to get the releases.json updated, but until the PR is merged, we can use my forked version (I will update this thread with what will become the official URL after the PR is merged. After the Strawberry site is back to being actively maintained, the temporary link can be removed, but will going forward remain valid).

    To use the new perls, we have to update a berrybrew option that specifies where we get our version information:

    berrybrew options download_url +eb9/

    Then fetch the new versions:

    berrybrew fetch

    Now they're available:

    berrybrew available

    Here's the entire operation:

    > berrybrew options download_url +vieb9/ download_url: > berrybrew fetch Attempting to fetch the updated Perls list... Successfully updated the available Perls list... > berrybrew available The following Strawberry Perls are available: 5.38.0_64 5.38.0_64_PDL 5.36.1_64 5.36.1_64_PDL 5.32.1_64 5.32.1_64_PDL 5.32.1_32 … > berrybrew install 5.38.0 Downloading +eases/download/SP_5380_5361/strawberry-perl- +ip to C:\berrybrew\temp\ Confirming checksum ... Checksum OK Extracting C:\berrybrew\temp\strawberry-perl- +ip The following Strawberry Perls are available: 5.38.0_64 [installed] … berrybrew switch 5.38.0 Switched to Perl version 5.38.0_64... > exit > perl -v (new CLI window) This is perl 5, version 38, subversion 0 (v5.38.0) built for MSWin32-x +64-multi-thread
TPRC 2023 - Videos on YouTube
No replies — Read more | Post response
by marto
on Jul 12, 2023 at 10:02

    Videos for The Perl & Raku Conference 2023 in Toronto have begun to appear on YouTube.

perl v5.38.0 is now available
3 direct replies — Read more / Contribute
by Corion
on Jul 03, 2023 at 03:16

    rjbs has released 5.38:

    Take my advice and live for a long, long time. Because the maddest thing a man can do in this life is to let himself die.

    — Miguel de Cervantes, Don Quixote

    We are happy to announce version 38.0, the first stable release of version 38 of Perl 5. In other words: v5.38.0 has been released, and this is good!

    You will soon be able to download Perl 5.38.0 from the CPAN at:

    SHA256 digests for this release are:

    5c4dea06509959fedcccaada8d129518487399b7 perl-5.38.0.tar.gz 2e7b1c56c1f795e8173c83a52e91218ba05ee72c perl-5.38.0.tar.xz

    The full announcement is at domain outage
No replies — Read more | Post response
by hv
on Jun 21, 2023 at 18:49

    BooK writes on perl5-porters:

    Just a PSA that the domain has not been renewed and its registrant is sadly still out of contact. I have an option on the domain which will allow me to take ownership in a month, but until then (or the domain is renewed) it will not function. Robert has updated to bypass the domain, so please update your links if you are still using


TPRC 2023 in Toronto / Room block closes June 19
No replies — Read more | Post response
by talexb
on Jun 02, 2023 at 10:05

    Howdy! We have a full three day conference planned in Toronto, running July 11-13 -- that's just 4 1/2 weeks away!

    If you haven't registered and grabbed a room yet, this is a reminder that our room block will disappear on Monday, June 19, so be sure to grab the room you want before that date.

    In addition to the conference, there's going to be a hackathon on Monday, July 10, and Dave Rolsky will be putting on a one-day Go class on Friday July 14. That's all taking place at the venue, the Doubletree Hilton on Chestnut, in downtown Toronto. Please visit the conference website for more information, and I hope to see LOTS of you there!

    Alex / talexb / Toronto

    Thanks PJ. We owe you so much. Groklaw -- RIP -- 2003 to 2013.

Raku is one of the few newbies in the top 100
2 direct replies — Read more / Contribute
by reisinge
on May 25, 2023 at 02:25

    "The only languages younger than 10 years in the current top 100 are: Swift (#14), Rust (#17), Crystal (#48), Solidity (#59), Pony (#71), Raku (#72), Zig (#88) and Hack (#92). None of them are less than 5 years old. In other words, it is almost impossible to hit the charts as a newbie. On the contrary, we see that golden oldies revive. Take for instance Fortran, which is back in the top 20 thanks to the growing demand for numerical computational power. So, if you have just invented a brand new language, please have some patience!" -- Paul Jansen CEO TIOBE Software

PDL 2.083 released and updates from a year of PDLing
No replies — Read more | Post response
by zmughal
on Apr 30, 2023 at 20:16
PDL 2.082_01 released
No replies — Read more | Post response
by etj
on Apr 27, 2023 at 21:28
    PDL 2.082_01 has just been released. Notable changes since 2.082:
    • fix some memory leaking - thanks Yury Pakhomov for report
    • fix various problems with empty ndarrays - thanks @falsifian for report/tests
    • no more HTML doc generation
    • PDL::Doc::add_module now adds all submodules of given namespace (#420)
    • OtherPars can now be incomplete arrays of pdl* (#421)
    • add sound demo - thanks @HaraldJoerg
    • inplace operations no longer copy input arg if inplace

    The IRC channel (#pdl on is a great virtual place to come and ask questions, or just watch the GitHub messages flow by.

    Please give the new release a try and report problems.

Strawberry Perl 5.36 developer release 20230420
2 direct replies — Read more / Contribute
by Corion
on Apr 25, 2023 at 04:24

    The Strawberry Perl project has put out a developer pre-release of Strawberry Perl. There are some modules missing still (DBD::Oracle, PDL, Crypt::OpenSSL::DSA for example), but if you use Strawberry Perl, please test it and provide feedback via Github.

    If you can help with the open tickets, your help getting the modules included in Strawbery Perl is certainly appreciated.

Add a piece of Perl News
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":

  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?

What's my password?
Create A New User
Domain Nodelet?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others musing on the Monastery: (7)
As of 2023-12-07 09:18 GMT
Find Nodes?
    Voting Booth?
    What's your preferred 'use VERSION' for new CPAN modules in 2023?

    Results (32 votes). Check out past polls.