Skip Menu |

This queue is for tickets about the Term-ProgressBar CPAN distribution.

Report information
The Basics
Id: 56008
Status: resolved
Priority: 0/
Queue: Term-ProgressBar
People
Owner: Nobody in particular
Requestors: miyagawa [...] gmail.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Sat Mar 27 18:17:47 2010 miyagawa [...] gmail.com - Ticket created
Subject: MANIFEST.SKIP and 0-signature.t
Date: Sat, 27 Mar 2010 15:17:35 -0700
To: bug-Term-ProgressBar [...] rt.cpan.org
From: Tatsuhiko Miyagawa <miyagawa [...] gmail.com>
the signature testing is useless in CPAN distributions since when CPAN clients run this test, perl Build.PL is already executed and that PL file can do anything malicious. testing SIGNATURE in *.t (./Build test) is too late. That said, your distribution contains signature testing *and* MANIFEST.SKIP, which causes issues with recent Module::Build. You have two options: a) remove 0-signature.t CPAN clients when correctly configured verify the SIGNATURE *before* running configuration tool, so this test is not necessary b) remove MANIFEST.SKIP from the distribution latest ExtUtils::Manifest automatically ignores MYMETA.yml which causes this SIGNATURE mismatch, but since you have your own MANIFEST.SKIP it doesn't work. either of which is just so easy. -- Tatsuhiko Miyagawa
  Sun Mar 28 00:24:25 2010 ANDK [...] cpan.org - Correspondence added
I believe option (c) would be: add ^MYMETA\. to MANIFEST.SKIP to support more recent versions of Module::Build. And I believe (d) would be: add #!include_default to the MANIFEST.SKIP to include all current defaults of ExtUtils::Manifest. This would need to be accompanied by a 'build_requires => { ExtUtils::Manifest => 1.58 } I'm actually a fan of the signature.t test because they have found bugs in the past. Tests that have found bugs should be fixed when they do not work, so let's try to make the list of options exhaustive.
  Sun Mar 28 00:24:28 2010 The RT System itself - Status changed from 'new' to 'open'
  Sun Mar 28 00:27:18 2010 miyagawa [...] gmail.com - Correspondence added
Subject: Re: [rt.cpan.org #56008] MANIFEST.SKIP and 0-signature.t
Date: Sat, 27 Mar 2010 21:27:07 -0700
To: bug-Term-ProgressBar [...] rt.cpan.org
From: Tatsuhiko Miyagawa <miyagawa [...] gmail.com>
Or make the signature test an author test -- since again it's pointless to do in the end users machine IMO. On Sat, Mar 27, 2010 at 9:24 PM, Andreas Koenig via RT <bug-Term-ProgressBar@rt.cpan.org> wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=56008 > > > I believe option (c) would be: add ^MYMETA\. to MANIFEST.SKIP to support > more recent versions of Module::Build. > > And I believe (d) would be: add #!include_default to the MANIFEST.SKIP > to include all current defaults of ExtUtils::Manifest. This would need > to be accompanied by a 'build_requires => { ExtUtils::Manifest => 1.58 } > > I'm actually a fan of the signature.t test because they have found bugs > in the past. Tests that have found bugs should be fixed when they do not > work, so let's try to make the list of options exhaustive. >
-- Tatsuhiko Miyagawa
  Wed May 16 05:19:42 2012 SZABGAB [...] cpan.org - Correspondence added
a) and c) were implemented.
  Wed May 16 05:19:43 2012 SZABGAB [...] cpan.org - Status changed from 'open' to 'resolved'