You could indeed use eval, but you then have the tricky task of validating the name of the dependency first.

I think that you should validate the name in any case. BTW: Taint mode enforces that you validate the name.

/tmp>cat taint-require.pl
#!/usr/bin/perl -T

use strict;
use warnings;

my $mod=<STDIN>;
chomp $mod;

$mod.='.pm';
$mod=~s!(::|')!/!g;
require $mod;

print $mod->VERSION;

/tmp>chmod +x taint-require.pl

/tmp>echo Data::Dumper | taint-require.pl
Insecure dependency in require while running with -T switch at ./taint
+-require.pl line 11, <STDIN> line 1.

/tmp>

[download]
      $dep =~ s{::}{/}g;
      $dep .= ".pm";
      require $dep;

[download]

That's strictly speaking not sufficient. ' can be used as a separator in module names in place of :: (perl4 legacy). Some fun modules, like Acme::Don't, still use this feature. And perl still accepts ' in place of :::

/tmp>cat perl4-mod.pl
#!/usr/bin/perl

use strict;
use warnings;

use Data'Dumper;

print Dumper(\%INC);

/tmp>perl perl4-mod.pl
$VAR1 = {
          'warnings/register.pm' => '/usr/share/perl5/warnings/registe
+r.pm',
          'strict.pm' => '/usr/share/perl5/strict.pm',
          'constant.pm' => '/usr/share/perl5/constant.pm',
          'warnings.pm' => '/usr/share/perl5/warnings.pm',
          'overload.pm' => '/usr/share/perl5/overload.pm',
          'Exporter.pm' => '/usr/share/perl5/Exporter.pm',
          'overloading.pm' => '/usr/share/perl5/overloading.pm',
          'Carp.pm' => '/usr/share/perl5/Carp.pm',
          'XSLoader.pm' => '/usr/local/lib64/perl5/XSLoader.pm',
          'Data/Dumper.pm' => '/usr/lib64/perl5/Data/Dumper.pm',
          'bytes.pm' => '/usr/share/perl5/bytes.pm'
        };

/tmp>perl -v

This is perl 5, version 22, subversion 2 (v5.22.2) built for x86_64-li
+nux-thread-multi

Copyright 1987-2015, Larry Wall

Perl may be copied only under the terms of either the Artistic License
+ or the
GNU General Public License, which may be found in the Perl 5 source ki
+t.

Complete documentation for Perl, including FAQ lists, should be found 
+on
this system using "man perl" or "perldoc perl".  If you have access to
+ the
Internet, point your browser at http://www.perl.org/, the Perl Home Pa
+ge.


/tmp>

[download]

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

In reply to Re^2: Use 'use' in foreach by afoken
in thread Use 'use' in foreach by zidi

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.