Hashbang.ca

Posts

Book review: Site Reliability Engineering
Diagnosing performance degradation under adverse circumstances
CSRF vulnerability at CloudAtCost.com
Legal issues in computer security research
Recovering from Heartbleed
Mike will be a Googler
Upgrading encrypted Android devices
Exploring Canada's computer crime laws: Part 3
Exploring Canada's computer crime laws: Part 2
Exploring Canada's computer crime laws: Part 1
How to run a question period
Validating SSL certificates for IRC bouncers
Introducing Hack::Natas
Presenting my Natas solutions at NSLUG
SSL configuration on nginx
Server-side security war games: Part 16
Server-side security war games: Part 15
Server-side security war games: Part 14
Server-side security war games: Part 13
Server-side security war games: Part 12

Tags

acme activemq advocacy agile android apache atlseccon bash bdfoy biella book-review bug busybox c-11 canada cfaa chromatic cli co-op coding-freedom conference copyright corba cpan crime crypto csp csrf curl cyanogenmod dagolden dal dancer dbix-class debian deployment design dhcp docs doy drdc drm dzil font foss gedit git google hacking hci heartbleed ide incident infosec ingy irc jacinta jamesgannon java journalism kentnl lawful-access leagueofmovabletype leont linux luks lvm lwp marketing memcached mgeist miyagawa mmims mock mod_perl modern-perl module-build moose movabletype mst natas nginx nickdepetrillo noose nslug obra oo p5p patch path-tiny performance perl perl5i php plack politics prepan psych pythian quinnorton regex release rjbs roadmap rolsky rwstauner schwern scm sf spying sql sre ssl survillance talks techpolicy testing thanks tls twitter typography ui unicode updated utf8 vuln wall waterfall wifi windows wordpress xss yanick yapc youtube

Customise

White
Black
Blue
Green
Grey

Dist::Zilla::Plugin::Twitter gets an OAuth update

My pluginbundle for Dist::Zilla includes, among other things, the Twitter plugin so I can brag on Twitter every time I release a module. Mysteriously, it broke one day. Looking at the code, I realized that it was sending my username and password to authenticate. I remember being uneasy with that at the time I set it up, but I quickly forgot, and continued along blithely. OAuth is an authorization standard that allows users to avoid giving their username & password to a potentially-untrusted application. Using OAuth has been requested since 2011, and the 401 Unauthorized error I got indicates that now it is mandatory for Twitter.

David Golden offered to let me maintain the module, and I’m a sucker, so… :D

Another word on namespaces

Kent Frederic’s recent post about Dist::Zilla minting profiles was a great overview of the subject, but because I try to follow best practices, I was struck by the section “A word on namespaces.”

Kent recommends that if you’re making an author pluginbundle, you should name it Dist::Zilla::PluginBundle::Author::$CPANID. This extra bit of namespacing makes life easier for many people in many ways. I was immediately convinced that he was right, and moved my author stuff into appropriate author namespaces.