Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

comment on

( [id://3333]=superdoc: print w/replies, xml ) Need Help??

OK, so I'll go and take the flak...

I don't think the problem is necessarily with security, I think it is with the total absence of quality control or at least ranking on CPAN.

I use quite a few modules from CPAN, and I am usually pretty satisfied with them... as long as I stick to "reputable" modules. On the other hand a cursory analysis of a somehow random sample of CPAN modules shows, as Dominus puts it so nicely "a lot of crap"!

Now how do I determine that a module is "reputable"? Well I've heard CGI.pm was used by a bunch of people ;--) so it is reputable, then everybody keeps yelling "use LWP!" and "use File::Find" so I guess they are OK too, and MJD's ego is too big to release a piece of crap with his name on, so Text::Template qualifies and if not, Template::Toolkit won a prize so it should be OK. Oh, and there's books about DBI and TK, so maybe I'll add them. Add a couple more and you have the list of those modules I use (or would use) with a reasonable degree of confidence.

On the other hand when I look at the number of XML modules on CPAN and the general level of quality and support you get for them I am a little scared. It goes from a widely used module changing interface and no longer backward compatible without changing major version, to the maintainer of another widely used module disappearing from the surface of this Earth (and thus his module not being able to cope with the aforementioned loss of compatibility), to "things" that are not (and apparently will never be) a complete module stored on CPAN, to (my personal favorite) maintainers unable to support a module because they "will do an internship at Microsoft so (they) won't have access to a computer this summer"... and all of those modules are presented the same way to unsuspecting users.

Now you tell me, how is joe user supposed to know which module he can safely use and which one will result in terrible pain and suffering debugging a module's code? For an unknown module, written by an unknown author, I'd say only thorough testing can help, and I see no shame in weighting this against rewriting the module (or at least the parts of the module that cover the required functionalities).

So yes CPAN is great, there's some great modules and an unbelievable amount of work in there. But there's also a good deal of crap and no easy way to figure out which is what.

That's it for my fit against CIH (CPAN Is Holy) ;--)


In reply to Re: A Fit on NIH by mirod
in thread A Fit on NIH by footpad

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (7)
As of 2024-03-28 14:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found