
Re: Perl Monks += TMTOWTDI

by Abigail-II (Bishop)
on Apr 15, 2003 at 07:30 UTC


in reply to Re: Re: Perl Monks += TMTOWTDI
in thread Perl Monks += TMTOWTDI

I don't see any benefits for having an all-controlled CPAN site. What would be the point? And of course, currently it's now possible to upload buggy or trojaned modules. Remember that PAUSE/CPAN lets anyone upload anything. The only rule CPAN has is that uploaded source code must be freely distributable. That's it. There's no "seal of quality" slapped on anything uploaded to CPAN.

Uploading and distributing software over the internet is old. Older than Perl itself. Remember that perl1 was distributed in comp.sources, which was actively being archived.

Tell me, what would be the advantages of an all-controlling CPAN site?

Abigail

Replies are listed 'Best First'.
Re: Re: Perl Monks += TMTOWTDI
by Anonymous Monk on Apr 16, 2003 at 02:44 UTC
    Tell me, what would be the advantages of an all-controlling CPAN site?

    A quality-control mechanism of some kind. Whether this is through authorized people reviewing the source code of modules or through some sort of module or author voting/ranking system. I'm aware CPAN isn't currently doing this, and it would involve a very large amount of work, but I believe it would prove advantageous.

    Think of the current situation: do you conduct testing and thorough code reviews of every CPAN module you use? I do because I'm required to (and trust me, it sucks). This is a rather major problem facing large businesses wanting to use Perl. If you're wondering, oddly enough, my company's policy does not require I do this for core modules.

      I don't see a relation between a centrally controlled CPAN site, and a quality control mechanism. You can now start a quality control mechanism, and for that, you do not need to modify how CPAN works. OTOH, turning CPAN into an all-controlling site doesn't make quality control happen.

      Well, I don't think it's odd for a large business to do some testing before using random pieces of code downloaded from the internet before using them in their programs. In fact, I would find it odd for a business *not* to do so. Regardless of whether that piece of code was written in Perl, C, Java or vi macros. Core modules are part of the main distribution, and those have been through the hands of p5p - who has a proven track record of producing good code. But Joe Random Hacker does not.

      Abigail

        Thanks for the reply. With regards to being able to start a quality control mechanism now, are you just referring to signing the modules? If so, how would you deal with other CPAN mirrors not following the practice? Any other suggestions how to go about creating a quality-control mechanism?
