CPAN is for sharing, not for perfection

Of course, and who said anything about perfection - if you've read my posts here, I've never demanded perfection. Software always has, and always will, contain bugs (Apart from TeX, supposedly :)

But CPAN is one of our most important plus points - perl without CPAN would be far less attractive. I've checked inside a few modules and have been a bit alarmed by some of them.

Have you ever just installed something with CPANPLUS and gone with it? If not, I'll respectfully suggest you're probably in a minority. If, as you seem to suggest, CPAN authors can do what they want, is it ok to release a module containing a few system rm -rf calls in it? An extreme example, but little or no error checking can create real problems that are tricky to track down and may not become apparent until much later.

This draconian sense of entitlement that you have is really repulsive and won't convince anyone

Well that's IYHO - what draconian sense of entitlement exactly? Have you really read what I'm saying?

I'm hardly being draconian by stating that it would be a good idea if CPAN authors always thought about error checking before releasing a module. That's good for everyone (ok, nearly everyone - I'm not attempting to be a spokesperson for anyone but myself), not just me, isn't it?

I'm not arguing to prevent authors from posting code to CPAN, but maybe code should go through a basic audit (security, error checking etc) of somekind before reaching CPAN.

If the argument is that anything can, and should go onto CPAN, then maybe ratings needs to be expanded to include security and error checking ratings - with the author always being given time to correct any problems before ratings are made public. That's the way a lot of commercial security issues are handled - maybe something similar could be introduced.

Ok you don't like what I'm saying - that's fine. Please post your view instead - not a one liner if possible, but a more detailed discussion. I'm happy to try to understand where you're coming from, and based on that I'm open to modifying my own viewpoint - I really *don't* have fixed views on this, but what I'm saying *is* based off using code in production environments.

Thanks

In reply to Re: Re: Re: Re: Re: Re: <rant>CPAN modules failing to check for write errors</rant> by Anonymous Monk
in thread <rant>CPAN modules failing to check for write errors</rant> by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.