H.Merijn Brand (‎Tux‎)

• Analysis of the Test::Smoke database
• Attempt to convert that to Test2::Builder architecture (proved to be of no use)
• Extract binary data out of that 150 Gb+ database into local files
• replace bytea entries with locations of those files (new size is just over 300 Mb + 77 Gb of files on disk
• Discuss and help with new maint setup for webUI and API for Test::Smoke results. Thanks Todd Rinaldo (‎toddr‎) for picking this up!!!!
• Talk about Configure and its bus factor. Incl a podcast recording with Philippe Bruhat (‎BooK‎))
• Evaluate new Devel::Cover and help digging into failures
• Digging into Test2::Harness fallout due to installation of an old(er) version-conflict
• Fix stack corruption issue in Text::CSV_XS (Thanks Leon Timmermans (‎leont‎)!
• Many many useful discussions

Shoichi Kaji (‎skaji‎)

• Released cpm v1: https://metacpan.org/pod/App::cpm

Tina Müller (‎tinita‎)

• YAML::XS
  • Fix memory leak for trailing UTF8 octets
  • Fix detecting floats in YAML 1.2 Core Schema
• YAML::PP
  • Security: Limit default allowed maximum nesting level.

• libyaml
  • Fix Denial of Service vulnerability: Limit depth of nesting by default
  • Handle closing flow sequence after explicit key

atoomic

• Quick Summary for PSC26: Open 42 issues ; Worked on 141 PRs ; 86 Merged
• Mainly focused on Test-More/Test2-Harness refactor with 27 PRs merged
• but also updated, modernized and released v2 for perl-actions/install-with-cpm, perl-actions/install-with-cpanminus
  • update node to v24
  • several security updates
  • upstream stack up to date
  • added a few extra features: retry, cache, mirror...
• TimeDate -Worked on 14 issues
• Clone: merged 4 PRs ; release pending
• helped modernized Perl-Toolchain-Gang/Test-Smoke
• exchanged on feature requests for metacpan/metacpan-grep-front-end
• workshop: collaborate with Robert on automation Policy
• talk: AI discussion, attended Perl Core features talk from Leonerd

Thomas Klausner (‎domm‎)

• Added a local-dev setup using docker-compose to PAUSE: https://github.com/andk/pause/pull/588, already merged!
• Might have been shanghaied to look into making PAUSE an OAuth2 identity provider
• Attended a interview podcast recording about Vienna.pm with Philippe Bruhat (‎BooK‎)
• Running errands, un/locking doors, organize food etc

Paul Evans (‎LeoNerd‎)

• Presented two talks outlining upcoming or potential future core perl ideas and designs
• Lots of discussions about class/role feature design
• Fixed a small bug in the `Socket` dual-life module
• Pointed atoomic+Todd Rinaldo (‎toddr‎) at the "static cow" ability of newer perls as a nicer way to solve a `B::C` issue
• Looked into `Devel::Cover` interactions with perl's `PL_perldb` variable with Paul Johnson (‎pjcj‎)
• Lent some words on the theme of the ever-looming "AI tools" discussions
• Held an in-person PSC meeting to triage the release-blocker queue and manage some outstanding issues
• Attended a interview podcast recording with the PSC with Philippe Bruhat (‎BooK‎)

Robert Rothenberg (‎rrwo‎)

• Worked with CPANSec on various projects
  • Vulnerability discovery
    • Released a fix for Text::Minify::XS (thanks to Karl Williamson for helpful advice on handling Unicode in XS)

• CNA improving the vulnerability to fix and disclosure workflow
  • We want to reduce delays to releasing fixes and disclosing vulnerabilities, but we also want to communicate with authors in a way that does not put pressure on them.
    • CPANSec is a resource to assist authors with security issues.

• Working on a ideas with @sjn about where new kinds of metadata should go, so that authors can experiment with it over the next year.
  • Blog post(s) will be forthcoming
  • A proposal for documenting how AI and automation fits into a project (with @atoomic)
• Joined the DBI core maintenance team
• Participated in various discussions
  • AI usage meeting was lively but productive.
  • Paul Evans talks about upcoming and potential improvements.
  • Karl Williamson on UTF-8
  • Salve Nilsen's (@sjn) talks on CRA and steward organization
  • META v3 and Community Health Documentation

Christian Walde (‎Mithaldu‎)

• PPI - several releases with:
  • two separate performance fixes for features/signature parsing in large files (thanks mauke)
  • support for dotted bitwise operators (thanks BooK)
  • fixes for code location indexing (thanks myrrhlin)
  • many other small things
• had toddr help me automatically generate a lot of PPI tests (and some fixes) for currently broken behaviours
• several conversations with Leonerd on the relationship between classes and roles and better replacements for roles, as well as what makes acceptable behaviours in po syntax; and advice on how to get feedback with little effort

Andreas Koenig

• released CPAN.pm-2.39-TRIAL
• Security fixes on PAUSE
  • Ignore README or META.xxx in uploaded distributions when they are symlinks (Stig Palmquist)
  • Fix Possible timing attack in ABRA lookup (Thibault Duponchelle)
  • replace rand() with Crypt::URandom::urandom() (Thibault Duponchelle)
  • discussed some more potential security issues with Stig Palmquist and Graham Knop
• applied circa 15 pull requests to PAUSE together with Kenichi

Ishigaki

• participated in discussions about deprecation of Module::Signature

and shutdown of the email forwarding service for the CPAN*