Skip Menu |

This queue is for tickets about the Module-Build CPAN distribution.

Report information
The Basics
Id: 119788
Status: rejected
Priority: 0/
Queue: Module-Build
People
Owner: Nobody in particular
Requestors: leonerd-cpan [...] leonerd.org.uk
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 0.4220
Fixed in: (no value)

History Show all quoted text
  Tue Jan 10 12:00:38 2017 leonerd-cpan [...] leonerd.org.uk - Ticket created
Subject: M::B 0.4220 seems to interfere with "." in @INC
Under perl 5.24 we no longer have "." in @INC. I have several unit tests unprepared for this change, which therefore ought to fail on perl 5.24. When I build with Module::Build version 0.4218 that is indeed what happens: $ perlmodversion Module::Build 0.4218 $ ./Build test ... t/90ex_bencode.t .......... Can't locate examples/parse-bencode.pl in @INC (@INC contains: /home/leo/src/perl/Parser-MGC/blib/lib /home/leo/src/perl/Parser-MGC/blib/arch /home/leo/lib/perl5/x86_64-linux-gnu-thread-multi /home/leo/lib/perl5 /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at t/90ex_bencode.t line 8. t/90ex_bencode.t .......... Dubious, test returned 2 (wstat 512, 0x200) However, on upgrading to 0.4220 erroneously passes this test, causing a false-positive PASS on local testing which then fails for CPAN smokers, upstream users, etc.. depending on their exact version of M::B. -- Paul Evans
  Tue Jan 10 12:12:03 2017 leonerd-cpan [...] leonerd.org.uk - Correspondence added
Ah. I should perhaps add that actually, a plain 5.24 doesn't (yet) remove ".", but that behaviour seems to be from my debian config file: $ cat /etc/perl/sitecustomize.pl # This script is only provided as a transition mechanism for # removing the current working directory from the library search path # while leaving a temporary way to override this locally. # # If you really need "." to be on @INC globally, you can comment # this away for now. However, please note that this facility # is expected to be removed after the Debian stretch release, # at which point any code in this file will not have any effect. # # Please see CVE-2016-1238 for background information on the risks # of having "." on @INC. pop @INC if $INC[-1] eq '.' and !$ENV{PERL_USE_UNSAFE_INC}; -- Paul Evans
  Tue Jan 10 15:07:04 2017 ether [...] cpan.org - Correspondence added
On 2017-01-10 09:00:38, PEVANS wrote: Show quoted text
> However, on upgrading to 0.4220 erroneously passes this test, causing a false-positive PASS on local testing which then fails for CPAN smokers, upstream users, etc.. depending on their exact version of M::B.
Curious.. I don't see any commits for 0.42_19 or 0.4220 pertaining to dot-in-INC, so it doesn't appear to be an intentional change. We should try to bisect this to identify what commit is to blame.
  Tue Jan 10 15:07:05 2017 The RT System itself - Status changed from 'new' to 'open'
  Tue Jan 10 15:13:27 2017 ether [...] cpan.org - Correspondence added
On 2017-01-10 12:07:04, ETHER wrote: Show quoted text
> On 2017-01-10 09:00:38, PEVANS wrote:
> > However, on upgrading to 0.4220 erroneously passes this test, causing > > a false-positive PASS on local testing which then fails for CPAN > > smokers, upstream users, etc.. depending on their exact version of > > M::B.
> > Curious.. I don't see any commits for 0.42_19 or 0.4220 pertaining to > dot-in-INC, so it doesn't appear to be an intentional change. > > We should try to bisect this to identify what commit is to blame.
I see from reading #p5p that the incorrectly-passing Module::Build was installed from debian (which patched the source to use PERL_USE_UNSAFE_INC), not cpan, so the fault is not here in our code. closing.
  Tue Jan 10 15:13:33 2017 ether [...] cpan.org - Status changed from 'open' to 'rejected'