Re^3: fetching asset files from github during installation of module from CPAN


Syntactic Confectionery Delight
	PerlMonks

Re^3: fetching asset files from github during installation of module from CPAN

by MidLifeXis (Monsignor)

on Mar 16, 2016 at 17:21 UTC ( [id://1157966]=note: print w/replies, xml )

Need Help??

in reply to Re^2: fetching asset files from github during installation of module from CPAN
in thread fetching asset files from github during installation of module from CPAN

From a code review standpoint, I would reject the use of any installation that went outside of the code provided in the package at installation time, as this would provide a mechanism to

identify users of the package
inject some unknown, unreviewed chunk of code into the dev (prod - hopefully not) environment
other creative attacks on an environment

Not saying that this is your intent, but use of that would be shot down in a heartbeat under any cursory review here.

--MidLifeXis

Comment on Re^3: fetching asset files from github during installation of module from CPAN

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://1157966]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others having a coffee break in the Monastery: (7)

As of 2024-04-25 08:23 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found