-
The `@cpan.org` mail redirector is very unreliable, and unlikely to be improved. We should move away from using it.
Currently, logging in to a PAUSE account sends an email to their `@cpan.org` addr…
haarg updated
3 weeks ago
-
### Current Behavior
Dependency Track currently reaches out to various APIs for gather vulnerability data and to package managers for detailed component information. For certain deployments, it would…
-
If a module version is flagged by [CPAN::Audit](https://metacpan.org/pod/CPAN::Audit), then it might be helpful to see something in the UI for a module to indicate that it might have security issues, …
-
Once the cpan security charter is complete, we should include it on the website.
garu updated
3 months ago
-
How does one join the CPAN Security group?
For now we don't have a formal process, so no vetting or chain of trust.
-
### Description
I'm working on (and have published) a couple of stateDiagrams that seem to be broken with the v11.1.0 renderer.
**Found:**
You can find them "live" here: https://github.com/CP…
-
OWASP recommends that organizations adopt an [Open Source Policy](https://scvs.owasp.org/scvs/guidance-open-source-policy/) that takes Open Source dependencies into their security considerations.
I'm…
-
Transcribed verbatim from CPAN RT#122744, warts and all.
Tue Aug 08 05:20:08 2017 victor [...] vsespb.ru - Ticket created
Subject: HandleError receives statement handle, despite the docs
Doc…
-
I've been away from perl development for many, many years, but I'm wondering if there is really missed any possibility to check installed CPAN modules for reported security problems and update the mod…
-
Module: `Attribute::Handlers`
### Description
Basically what the title says. If an attribute is specified on a private subroutine (e.g. `my sub foobar : ATTR(CODE) {}`) symbols go missing and co…