Yes, and it shows how your security rules keep you safe: Just copy the code from the modules manually into your codebase. It means you won't get any security fixes, but hey, you're safe ;-)
($q=q:Sq=~/;[c](.)(.)/;chr(-||-|5+lengthSq)`"S|oS2"`map{chr |+ord
}map{substrSq`S_+|`|}3E|-|`7**2-3:)=~y+S|`+$1,++print+eval$q,q,a,
| [reply]
[d/l] |
Of course. Everything on CPAN is open source. Simply read the source, understand it and re-implement it in your protected environment.
| [reply] |
Maybe the code-stack then suddenly claims to be company-owned, so their company could claim our open source to be their code and thus try to put their rights to it, which is not allowed.
So just copying the code is allowed and would work as long as the original attributions are maintained, at which point he might not be allowed to copy open source code into their code-base.
Safety is sometimes subjective :)
I don't know if having a git repo with 10 years of history is enough proof to lawyers to acknowledge code property rights.
Enjoy, Have FUN! H.Merijn
| [reply] |
We have security requirements in our industry to not install additional modules.
Incredible stupid policy. How should that make anything more secure? People will find crappy workarounds, like copying existing code from CPAN or poorly reimplementing the wheel. Copying code will prevent any security and bugfix updates from happening, so that policy makes your software insecure. And please don't make start ranting about reimplementing wheels. I've seen far too much crappy code written by incompetent people in areas where bugs could hurt or kill people.
With policies at this stupidy level, I would try to get the policies removed. If that fails, I would quit the job.
Alexander
--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
| [reply] |