A while back, I put up [bobby-tables.com](http://bobby-tables.com) as a repository for showing people the right way to handle external data in their SQL calls. Whenever someone pops up on a mailing list or IRC and they're building SQL statements using external tainted data, you can just refer them to the site.
In the past few days, I've spiffed up the site (with design help from [Jeana Clark](http://jeanaclark.org/)) and added pages on [Perl](http://bobby-tables.com/perl.html) and [PHP](http://bobby-tables.com/php.html). I need more examples, though. It's 2010, and there's no reason anyone shouldn't know about parameterized SQL calls.
The site source is [hosted on GitHub](http://github.com/petdance/bobby-tables), so if you have any contributions, please fork it and let me know about your applied changes, or you can email me directly.
P.S. In the next few days, I hope to fire up some redesign on [perl101.org](http://perl101.org/), too.
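
To make "parameterized SQL calls" concrete, here is an added example (not code from this post or from bobby-tables.com) that runs the same lookup with an interpolated statement and with a DBI placeholder. It assumes DBD::SQLite is installed; the `students` table, the sample rows and both function names are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed sample data in an in-memory SQLite database (needs DBD::SQLite).
my $dbh = DBI->connect( 'dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 } );
$dbh->do('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT)');
$dbh->do( 'INSERT INTO students (name) VALUES (?)', undef, $_ )
    for qw( Alice Bob Carol );

# Unsafe: external data is interpolated into the SQL text, so quote
# characters in the input change the structure of the statement.
sub find_interpolated {
    my ($name) = @_;
    my $sql = "SELECT name FROM students WHERE name = '$name'";
    return $dbh->selectcol_arrayref($sql);
}

# Safe: the statement text is fixed; the value travels separately as a
# bind parameter and is only ever compared as data.
sub find_parameterized {
    my ($name) = @_;
    return $dbh->selectcol_arrayref(
        'SELECT name FROM students WHERE name = ?', undef, $name );
}

# Constructed inputs: a normal name, a legitimate name containing an
# apostrophe, and a tainted value that rewrites the WHERE clause.
my @inputs = ( 'Bob', "O'Brien", "nobody' OR '1'='1" );

for my $input (@inputs) {
    # The interpolated form can die with a syntax error, so trap it.
    my $unsafe = eval { find_interpolated($input) };
    my $safe   = find_parameterized($input);
    printf "%-22s interpolated: %-10s parameterized: %s\n",
        "[$input]",
        defined $unsafe ? scalar(@$unsafe) . ' row(s)' : 'SQL error',
        scalar(@$safe) . ' row(s)';
}
```

The interpolated query breaks on the harmless apostrophe and returns every row for the tainted value, while the placeholder version treats both as plain strings that match nothing.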
Go run to the [announcement about Devel::NYTProf v3.0](http://blog.timbunce.org/2009/12/24/nytprof-v3-worth-the-wait/). Marvel at the code profiling goodness.
* Ability to profile opcodes, which means...
* NYTProf can now profile slow regular expressions
* More detailed stats on BEGIN blocks
* Treemap of subroutines
* Tracking of which subs called which other subs
* Graphing of sub calls
* Improved report output
* Ability to merge profile runs, such as when a process spawns other processes like mod_perl code does.
Already I have found that my regular expression compilation is taking 6% of the runtime in my sample runs in [ack](http://betterthangrep.com). I had no idea.
Just amazing. Go try it now, and buy Tim Bunce and the other contributors a beer.
*By Matt Follett*
It's the time of year for Advent Calendars and it looks like the Perl community isn't disappointing this year.
[Perl Advent Calendar](http://perladvent.pm.org/2009/)
> The first day talks about using Package::Alias to alias Mouse to Moose.
[RJBS Advent Calendar](http://advent.rjbs.manxome.org/)
> Ricardo Signes' calendar to showcase things he has been working on. His first entry is about Sub::Exporter which looks very powerful.
[Catalyst Advent Calendar](http://www.catalystframework.org/calendar/2009)
[Perl 6 Advent Calendar](http://perl6advent.wordpress.com/)
> This one starts off with setting up Rakudo, so it requires very little prior knowledge.
> Tips for system administrators
All of these have RSS feeds, so they'll be easy to follow. Have fun!
*[Matt Follett](http://search.cpan.org/~mfollett/) is a developer in the Informatics team at The Genome Center at Washington University School of Medicine, where he works on high-throughput DNA sequencing projects. He is a graduate of the University of Missouri at Rolla, where he majored in Computer Science & Computer Engineering. He has worked for Monsanto, Boeing, and Beck Automation as a software engineer. He was the head of the 2009 St. Louis BarCamp. He currently resides in St. Louis, where he heads the local chapter of Perl Mongers.*
*By Ricardo Signes*
Back when I first started learning Perl 5, I was excited to find the [Perl
Advent Calendar](http://perladvent.pm.org/archives.html). It was a series of
24 or so short articles about useful Perl modules or techniques, with one new
entry each day leading up to Christmas. A few years later, the Catalyst crew
started the [Catalyst Advent
Calendar](http://www.catalystframework.org/calendar/2005). I always liked
the Perl Advent Calendars, and kept meaning to contribute. Every time,
though, there were too many things I'd want to write about -- and mostly they
were my own code, so I felt sort of smarmy and self-promoting and never did
Finally, though, I'm glad to say I have tackled those feelings. I will not
shy away from showing off my own code, and I will not worry about having to
choose just one thing. This year, I will publish the [RJBS Advent
Calendar](http://advent.rjbs.manxome.org/), 24+ full days of cool, useful, or
stupid code that I have written and given as a gift to the rest of the CPAN
I've had a lot of fun working on this project, and it's helped me find and
fix a number of little bugs or imperfections in the software I'll be talking
The first door opens in seven days. I hope it's as fun to read as it was to
write. No returns will be accepted. Approximate actual cash value: $0.02
*Ricardo Signes has written [tons of modules on the CPAN](http://search.cpan.org/~rjbs/), including [Dist::Zilla](http://search.cpan.org/dist/Dist-Zilla/), the heir apparent to Module::Starter. He is also a total sweetheart, and has a fuzzy head.*
In a move of unparalleled beauty, Dave Cross and Aaron Crane have announced [blogs.perl.org](http://blogs.perl.org), a modern blogging platform for the Perl community.
Go look. Enjoy the non-ugly color scheme. Marvel at the code syntax highlighting and ability to embed images. Navigate posts using thoughtful categories.
A million thanks to Dave and Aaron for putting this together, and to [Six Apart](http://sixapart.com) for the design. Links to feeds will be going up here on Perlbuzz as soon as I have time.