Closed toddr closed 7 years ago
Under normal circumstances you could just patch the load line from:
use builder::MyBuilder;
to:
require './builder/MyBuilder.pm'
But this seems to produce a file in _loader which also has to be patched so I don't know the suggested patch just yet.
Looks like we'd need about 40 dists to re-roll once this is fixed. http://grep.cpan.me/?q=file%3Dminil.toml+build_class
Looks like we'd need about 40 dists to re-roll once this is fixed.
Hopefully most of those can just switch to ExtUtils::MakeMaker or Module::Build::Tiny -- Module::Build is no longer the default builder in Minilla.
Looks like we've merged the pull request. Just needs to be released.
As a result of CVE-2016-1238, In 5.26 it will be a build option to make a perl without . in @INC. This requires the script writer to be explicit if they want to load modules from relative paths.
For more info you can also see https://rt.perl.org/Ticket/Display.html?id=130467 and https://rt.perl.org/Ticket/Display.html?id=127810 for core perl discussions.
My doc is here http://blogs.perl.org/users/todd_rinaldo/2016/11/how-removing-from-inc-is-about-to-break-cpan.html
I've opened this ticket to start a discussion about fixing Minil based modules that cannot run Build.PL without . in @INC.
I've reported this in the following places: https://github.com/goccy/p5-Compiler-Lexer/pull/78 https://github.com/gfx/p5-Hash-FieldHash/pull/2 https://github.com/kazeburo/WWW-Form-UrlEncoded/pull/4 https://github.com/gfx/p5-Mouse/issues/69
The typical failure is: