There have been many, many mile-long threads about this on the module-authors mailing list. Everyone agrees there is a problem, but noone really knows how to effectively address it, and of course, anything has yet to happen.
One thing that is always agreed in these discussions, though, is that there will never be barriers to entry on CPAN. The fact that there is no policing is one of the major reasons for CPAN's success (much as it may be causing problems in turn), and is not going to change, ever.
Makeshifts last the longest.
| [reply] |
CPAN shouldn't allow modules that have been reliably reported to be buggy or a security risk without being documented as such, but the same goes for any other website with a collection of scripts. If it's not core, it's just another script from someone's website.
| [reply] |