in reply to Re^3: Getting Fed Up with ActiveState
in thread Getting Fed Up with ActiveState
Addressing your remark about special cases: It wasn't me who started doing those binary releases of PAR. I just became responsible for the PAR releases and continued ongoing practice.
Whether 15 versions of Template::Toolkit should be supplied via CPAN is an entirely different question than whether we should add various PPM packages per distribution.
Furthermore, I do know organizations who only allow thoroughly inspected code to be used. But that doesn't matter. It's a question of principle.
Why would you view the authors of source distributions as trustworthy, and those same people packaging those same modules in binary form as untrustworthy? If you have the processes and procedures in place to verify the integrity of your systems when you build a module from CPAN via a source distribution, those same processes and procedures should also be used to detect miscreant binary installations.
That's ridiculous. Disassemble shared libraries? I don't think so. Also, you suggested that anybody should be able to upload PPMs for any modules.
Steffen
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^5: Getting Fed Up with ActiveState
by BrowserUk (Patriarch) on Dec 03, 2006 at 21:00 UTC | |
by tsee (Curate) on Dec 03, 2006 at 22:02 UTC |
In Section
Meditations