On 04 May 2007, at 14:14, Michael G Schwern via RT wrote:
Show quoted text>
> Problem with that is the automated installation of CPANPLUS means
> it tries to
> install Crypt::OpenPGP which leads down a long road of compiling
> dependent XS
> modules which often don't work leading to the CPANPLUS installation
> failing.
Understood. In this case, Crypt::OpenPGP is actually optional (but
there's no
good way to express that). The reason it's required is of these reasons:
* your conf setting 'signature' is true. This is because you have
'gpg' or
'Crypt::OpenPGP' installed (default config heuristic), or enabled it
explicitly at some point.
* Because your 'prefer_bin' setting is false (again, heuristic or
disabled
exlicitly) we list the perl module as a prereq.
Logically, this all makes sense. However arguably this is much more pain
than it's worth.
Show quoted text> If Crypt::OpenPGP is not available, and gpg is, just use gpg.
> Crypt::OpenPGP
> is too complex to install.
Agreed. Even though it's not in line with the rest of the heuristics,
the
change you propose is probably far less painful. The worst that can
happen
when we make this change is that you get a warning that you should
install
Crypt::OpenPGP, it falls back to gpg and stuff keeps working anyway.
Show quoted text> Come to think of it, can't Module::Signature handle signatures? I
> haven't
> looked any deeper but it smells like a wheel is being reinvented.
Not really. We use Module::Signature and /it/ in turn wants gpg or
Crypt::OpenPGP. We're basically making sure it works out without
needing to
invoke it's hackery-pokery Makefile.PL/Module::AutoInstall stuff.
Take a peek:
http://search.cpan.org/src/AUDREYT/Module-Signature-0.55/Makefile.PL
Thanks for your feedback,
--
Jos I. Boumans RIPE Network Coordination Center
Database Group Manager Singel 258 Amsterdam NL
http://www.ripe.net +31 20 535 4444