Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Comment on

( #3333=superdoc: print w/replies, xml ) Need Help??

Your premise appears to be that loading the module in order to obtain it's $VERSION is inherently unsafe; and you are attempting to reimplement some subset of the perl parser in order to avoid that "risk"; but if your module library is compromised enough that the risk of loading the modules it contains is real, how are you going to cater for the risk that your module is the one that has been compromised?

Further, what is the point in determining a module's $VERSION safely, when to use that module, you will need to load it? At which point it's version would be available to you, but you would of course have exposed yourself to the risk of it's being evaluated.

The only useful, non-paranoia uses I can see for this, would be: a) scanning the entire installed library and obtaining the versions of all the modules without ending up with them all loaded in your process; or b) risking 'collisions' between modules by loading them all simultaneously; but that would more easily be done by spawning one-liners that load the modules and print their $VERSION thereby isolating each from the next.

my @allmodules = map{ ... } @INC; ... for my $module ( @allmodules ) { print "$module :", `perl -M$module le"\$${module}::VERSION"`; }

I agree with Schwern.


Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
Lingua non convalesco, consenesco et abolesco. -- Rule 1 has a caveat! -- Who broke the cabal?
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.

In reply to Re: Is Module::SafeVersion a Waste of Time? by BrowserUk
in thread Is Module::SafeVersion a Waste of Time? by Ovid

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    [ambrus]: Today I accidentally cut my hand while carrying a computer. On the display part of the motherboard that sticks out at the back of the chasis and has ports, there's this thin metal sheet with holes cut for the ports, to guide plugs into the sockets.
    [ambrus]: This sheet has sharp needle-like parts, 0.004 long and less than 0.001 wide, that can get bent to point outwards, and one of these cut into my palm when I lifted the box.
    [ambrus]: So now when I choose what motherboard to buy for my new home computer, I have one more specific property to guide me. Useful, because there's so many different boards to choose from.

    How do I use this? | Other CB clients
    Other Users?
    Others surveying the Monastery: (10)
    As of 2017-01-16 19:36 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?
      Do you watch meteor showers?




      Results (151 votes). Check out past polls.