Digital Mages

Digital Mages News

May 23, 2016


I'm not really trying to blow my deadlines, but I figured, hey, here's a program that's already using the new API. You may find it moderately useful: yapw.

May 19, 2016


Parse::PlainConfig is also live. This is updated to not only use the new Paranoid API but is a complete rethink on config parsers. This is tremendously nicer to use as a developer, but it does give up generation capabilities and the ability to parse arbitrary, free form configs. This now assumes that you have a well defined set of configuration parameters that are strongly typed by default. Much better suited for all of my use-case scenarios, at least. YMMV.

May 18, 2016


Paranoid v2.00 is now live, It should be up on CPAN soon as well. Please be aware that with this update I've also split out three modules into their own distributions since they required optional dependencies. This removes that ambiguity:

May 13, 2016


After quite the hiatus from posting it's time to get this site up to date. While I loathe updating web sites it's not like I haven't been coding, I've just haven't been sharing. If there ever was a time to share, however, it would be now.

I've spend most of the last ten years eating my own dog food, building most of my internal (and professional) code bases on my libraries. While those libraries have been effective, they haven't always been pleasant. As I've evolved as a hacker I've had to resign myself to dealing with a pragmatic reality that has refused, in many cases, to bend to my will.

Any of you who know me personally -- apologies for that, btw -- know that I've had a very long fixation on secure programming. All effective security has a cost and finding the sweet spot between effective security and usability is a constant balancing act. Both for the user and the developer.

I have been guilty for a long time of erroring on the side of the user. Not so much in usability -- again, sorry for that ;-) -- but in trying to guarantee effective security. It is in that obsessiveness that I managed to cross both the users and the developers. The best security in the world means nothing if it's so unpleasant that no one wants to use it.

All of which brings me to one of the most important lessons I could learn as a library developer: Don't be a dick, especially to other developers. It is perhaps ironic that as a cyber-recluse it took some time for me to recognize while slinging code that "that Paranoid guy's a dick." When I don't like using my own code, there's a problem. Therefore, I must reform.

I have spent considerable time over the last year rewriting my libraries, sometimes rewriting them entirely from scratch. The intent was to make the API more enjoyable to use while minimizing any adverse impact on the security goals.

For my Perl modules most of this is in the little details. Eliminating the use of function prototypes to make it easier to pass in arguments in list form, rather than explicitly by value. Or deploying prototypes only where it makes syntax more pleasant so the developer doesn't have to explicitly pass data structures by reference. By not croaking at every imagined offense, instead just exiting with a false return value.

With some of my foundational libraries already updated the race is now on to port the rest of the software that relies on it to the new API. That does mean, unfortunately, that software on this site is effectively broken if you grab the last revs of everything and try to build with it. My commitment to you is that I finish porting the broken software to the new API by the end of the month.

So there we have it. The ogre pokes his head out of his cave and has makes his proclamation. I have no intention of stopping my existence as an ogre, but in a small deviation I am very interested in feedback to these updates as I upload them. I am very excited about these changes, it's been a revelation -- to me, at least -- how much an API can affect one's eagerness to sling new code. The old APIs had really worn me down.

I'll leave it at that. Thank you for your time. Happy hacking!