in reply to Testing with Test::Mock::HTTP::Tiny

G'day Bod,

Not an answer to your question but a heads-up regarding a security vulnerability with HTTP::Tiny: CVE-2023-31486.

The module documentation discusses this. Two of the easiest fixes would be: 

# Change
use HTTP::Tiny;
# to
use HTTP::Tiny 0.083;

[download]

or

# Change
my $http = HTTP::Tiny->new;
# to
my $http = HTTP::Tiny->new(verify_SSL => 1);

[download]

— Ken

Replies are listed 'Best First'.
Re^2: Testing with Test::Mock::Tiny::HTTP
by Bod (Parson) on Sep 27, 2023 at 18:17 UTC

    Thanks Ken,

    I've changed to use HTTP::Tiny 0.083; and also set this as the minimum version in Makefile.PL

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom