rlauer6 / perl-amazon-s3

A portable client library for working with and managing Amazon S3 buckets and keys.
http://search.cpan.org/dist/Amazon-S3/

Missing dependency on `Crypt::CBC` and `Crypt::Blowfish` #12

Closed depressed-pho closed 1 year ago

depressed-pho commented 1 year ago

This module uses Crypt::CBC and Crypt::Blowfish: https://github.com/rlauer6/perl-amazon-s3/blob/master/src/main/perl/lib/Amazon/S3.pm.in#L167

But they aren't listed as dependencies: https://github.com/rlauer6/perl-amazon-s3/blob/master/cpan/requires

rlauer6 commented 1 year ago

I believe the intent of the eval around the require was to prevent $encryption_key from being set. If there is no encryption key then no attempt is made to encrypt or decrypt. Does this produce an error for you?

depressed-pho commented 1 year ago

Let me restate the problem. Amazon::S3 uses Crypt::CBC and Crypt::Blowfish but its META.json does not have them listed in its /prereqs/runtime/requires. This causes package managers to miss the fact that these two modules are in fact required to actually use Amazon::S3.

rlauer6 commented 1 year ago

Thanks for the clarification; however, the latest version (0.63) of the module does not `use Crypt::CBC` or `use Crypt::Blowfish`. The package `require`s them in order to make it an optional feature. You are not required to have these modules installed in order to use or install the package; however, they are required if you want to have your credentials encrypted.

Unless I missed something here? Note that CPAN testers test the module in environments that only include the core packages and packages that are mentioned in the META.json. Test reports for this module have not indicated that installation of the package fails.

Amazon::S3 - test report

depressed-pho commented 1 year ago

Understood. Thank you for your explanation. I thought those requires were for loading modules lazily but I was wrong about it.
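
The optional-feature pattern discussed in this thread (an `eval` around `require`), as an added example that is not part of the thread and is not Amazon::S3's code. The function names are hypothetical, and failing closed when encryption is explicitly requested is an assumption of this sketch, not behaviour the thread attributes to the module.

```perl
#!/usr/bin/env perl
# Added example: optional-dependency loading for a crypto feature.
# Function and variable names are hypothetical, not Amazon::S3's API.
use strict;
use warnings;

# Try to load every module in the list; return the names that failed.
sub missing_modules {
    my @modules = @_;
    my @missing;
    for my $module (@modules) {
        # Convert Foo::Bar to Foo/Bar.pm so require takes a runtime path
        # (avoids string eval on a module name).
        ( my $file = "$module.pm" ) =~ s{::}{/}g;
        push @missing, $module unless eval { require $file; 1 };
    }
    return @missing;
}

# Decide whether the optional encryption feature can be enabled.
# $want_encryption: the caller explicitly asked for encrypted credentials.
# Returns 1 (enabled) or 0 (disabled); dies if encryption was requested
# but cannot be provided, instead of silently continuing without it.
sub encryption_available {
    my ( $want_encryption, @modules ) = @_;
    my @missing = missing_modules(@modules);
    return 1 unless @missing;
    die "encryption requested but missing: @missing\n" if $want_encryption;
    return 0;
}

# The two modules named in the issue.
my @optional = qw(Crypt::CBC Crypt::Blowfish);

# Opportunistic mode: report the state so an operator can see it.
my $enabled = encryption_available( 0, @optional );
print 'credential encryption: ', ( $enabled ? 'enabled' : 'disabled' ), "\n";

# Constructed module name that cannot exist, to show the fail-closed path.
my $ok = eval { encryption_available( 1, 'Constructed::Missing::Module' ); 1 };
print "fail-closed check: $@" unless $ok;
```

In the CPAN metadata, a module loaded this way can be declared under a `recommends` relationship in `/prereqs/runtime` rather than `requires`, which lets package managers surface it without making it mandatory.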