in reply to Re^2: Project Metadata Model
in thread Project Metadata Model

Except that Makefile.PL is an executable file, and if you want the data it contains, you need to run it. Run it and hope that it doesn't hose your system.

Module::Package (which I use) is just a wrapper for Module::Install - which itself is mostly a wrapper for ExtUtils::MakeMaker.

Re^4: Project Metadata Model
by educated_foo (Vicar) on Jan 30, 2012 at 00:02 UTC
    It's not that hard to parse a simple Makefile.PL, and a pile of RDF can't represent a complicated one anyways (e.g. can RDF prompt the user for optional deps?). If you want to make things really easy for yourself, use a standard format for your Makefile.PL, which your tools know how to parse. Besides, if you're honestly dealing with modules you trust so little, you should probably audit all the code, including both Makefile.PL and the big pile of stuff in inc/.

    In any case, CPAN Testers somehow manages to run oodles of untrusted code without any systems being hosed.
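Added example, not code from the thread or from any of the modules named in it: one way to read a Makefile.PL that sticks to a literal-only "standard format" without running it, and to refuse anything that would need perl to evaluate. The accepted format (a single `WriteMakefile` call whose values are strings, numbers or nested hashes), the names `extract_metadata` and `NotStatic`, and both sample files are assumptions made for this illustration.

```python
import re

TOKEN = re.compile(r"""\s*(?:
    (?P<str>'[^'\\]*'|"[^"\\$@]*")     # literal string: no escapes, no interpolation
  | (?P<num>\d+(?:\.\d+)*) | (?P<word>[A-Za-z_][\w:]*)
  | (?P<op>=>|[,;(){}]) | (?P<bad>\S.{0,20})  # bad: anything outside the literal format
)""", re.X)
SKIP = re.compile(r"(?m)^\s*(#.*|use\s+[\w:.]+(\s+[\d.]+)?\s*;)\s*$")  # comments, `use X;`

class NotStatic(Exception): pass  # file is more than literal data: a human must read it

def tokenize(src):
    toks = [(m.lastgroup, m.group(m.lastgroup)) for m in TOKEN.finditer(SKIP.sub("", src))]
    for kind, text in toks:
        if kind == "bad":
            raise NotStatic("unsupported construct near %r" % text)
    return [(k, t[1:-1] if k == "str" else t) for k, t in toks] + [("end", "")] * 3

def parse_hash(toks, i, close):
    """Read `key => value` pairs up to `close`; values are literals or nested hashes."""
    out = {}
    while toks[i] != ("op", close):
        (kkind, key), sep, (vkind, val) = toks[i:i + 3]
        if kkind not in ("str", "num", "word") or sep != ("op", "=>"):
            raise NotStatic("expected key => value at %r" % key)
        i += 3
        if (vkind, val) == ("op", "{"):
            val, i = parse_hash(toks, i, "}")
        elif vkind not in ("str", "num"):  # e.g. a call such as prompt(...)
            raise NotStatic("value of %s is not a literal: %r" % (key, val))
        out[key] = val
        i += toks[i] == ("op", ",")  # optional separator, including a trailing comma
    return out, i + 1

def extract_metadata(src):
    """Return WriteMakefile's arguments as a dict without executing any Perl."""
    toks = tokenize(src)
    if toks[:2] != [("word", "WriteMakefile"), ("op", "(")]:
        raise NotStatic("expected a WriteMakefile(...) call and nothing before it")
    meta, i = parse_hash(toks, 2, ")")
    if toks[i:i + 2] != [("op", ";"), ("end", "")]:
        raise NotStatic("code after WriteMakefile(...)")
    return meta

# Constructed samples: SIMPLE is literal data only, DYNAMIC asks the user a question.
SIMPLE = """use ExtUtils::MakeMaker;
WriteMakefile(NAME => 'Foo::Bar', VERSION => '0.01',
              PREREQ_PM => { 'Try::Tiny' => '0.09', Moose => 0 });"""
DYNAMIC = "WriteMakefile(NAME => 'Foo', PREREQ_PM => { Moose => prompt('Moose version?') });"
```

Array values and Module::Install-style files fall outside the accepted format here, so they are rejected rather than guessed at.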