CPAN Security Group (CPANSec)

Welcome to the CPAN Security Group. This is a community effort for supporting and responding to security incidents on CPAN – the Comprehensive Perl Archive Network.

This group also cares about security-related topics around CPAN distributions, the CPAN/PAUSE infrastructure, and about tooling and the ecosystem in general. Over time, we aim to improve supply chain security, make CPAN a more secure and trustworthy publishing platform, and more.

Contact us

On CPAN, improving security is a volunteer-driven collaborative effort. If you care and would like to make a contribution, you can…

• Join us in our IRC channel, #cpan-security on irc.perl.org
• Send a mail to <cpan-security@perl.org>
• Subscribe to @cpan_security@perl.social on the Fediverse

Resources

• Our main website
• IRC channel (web client)
• Github organization
• Projects
• Documents
  • Group charter (Work in progress)
  • Reading list (Work in progress)
  • Pre-Release Disclosure Agreement
  • How to Report a Security Issue
• Presentations about us and our work