Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"

Comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
What happens if there's a security bug in an underlying module which makes it necessary for you to upgrade it?

You have disqualified yourself from the target user if have multiple versions of the same things install, and you have a clue about security.

1. Find every instance of that module and update it in place, making sure that you break none of the applications in the process.
The part about "making sure you break none of the applications" is required step for all applications that use the module, whether you upgrade it one place or multiple places. And that's where most of the work. The "find every instance" would be a simple "find", if you didn't already know by memory or from documentation.
2. Wait for all applications to release a new version with the upgraded module, which can take days to months, leaving you vulnerable in the meantime.

This could be solved be the infrastructure. Remember the "auto generated packages"? When a new module is published to CPAN the package depends on, a new bundle could be available immediately. (Perhaps because the bundles would be generated on the fly or with smart caching). Like Linux distro packaging systems, the bundle name might include a revision in addition to the version, indicating that the bundled prereqs have been updated.

Additionally, encouraging the practice of using "private" versions of modules will lead to brittle applications which assume they know exactly which kind of environment they're working in, as well as a plethora of "tweaked" versions of modules for each app.
Remember the design? The distributions would be regular CPAN distributions with regular dependencies. I'm just talking about generating an additional alternate view for end users. Since the authors are CPAN uploaders, they won't suddenly lose a clue about good software practices.
Frankly, I don't consider [the shared web hosting] usage scenario important enough to make things harder for the rest of us.

Ouch. This attitude of not caring about end users may do something to explain why several PHP applications now at the top of my list for features and end-user ease-of-use, even though I would prefer a Perl solution: osCommerce, PhpPgAdmin, PhpBB, PhpAds, WordPress, Drupal.

The net effect is that I'm now learning some PHP to light customizations to osCommerce and Drupal, because as a pragmatic user, they already have extensions written for them that do about everything I want.

Unless I've missed something in my research, Perl's got some catching up to do in the end-user killer web-app category, and I think some infrastructure focused on that could really help.

The result would actually be better, because in the background we would be using many of the well-documented, well-coded and well-tested we're already familiar with from CPAN.

In reply to Re^2: A Vision for Easy Web Application Deployment for Perl by markjugg
in thread A Vision for Easy Web Application Deployment for Perl by markjugg

Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":

  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?

    What's my password?
    Create A New User
    [Discipulus]: what about a good 'ol SOPW?
    [erix]: Giro d'Italia won by Dumoulin (peccato Nibali)
    [ELISHEVA]: csv_detect_bom doesn't work either
    [erix]: (SCNR)
    [ELISHEVA]: I may have to resort to SOPW - but was hoping that this would be something simple
    [erix]: I'd just remove the BOM, it is pretty simple
    [ELISHEVA]: Simple yes. and I did consider that. but this isn't one off . An important data source that I don't control is generating bom prefixed utf8 files and I'd rather not have to be munging files every few months.
    [erix]: on teh other hand a SOPW is pretty much garanteed to get an answer from tux (and probably the module fixed)
    [ELISHEVA]: plus it bugs me that something that *should* be simple, *should* work- unicode and noms aren't exactly the new kids on the block
    [ELISHEVA]: well then since the obvious possible mistakes on my part have been ruled out, SOPW it is.

    How do I use this? | Other CB clients
    Other Users?
    Others avoiding work at the Monastery: (9)
    As of 2017-05-28 20:32 GMT
    Find Nodes?
      Voting Booth?