DEV Community

Gabor Szabo
Gabor Szabo

Posted on • Originally published at

Perl Weekly #617 - The business risks of using CPAN

Originally published at Perl Weekly 617

Hi there,

You might know that I talk and write a lot about Open Source and I have a number of open source projects. Mostly web applications. One of them is the CPAN Digger where I try to analyze CPAN packages and point to directions for relatively easy improvement. The most basic one would be a link to the public VCS (Version Control System) of the project.

We have some historical data points with weekly reports. Around 80% of the recently uploaded distributions have a link to their VCS. It is not bad, but is still 20% less than would be ideal. I am less happy about the fact that only 50% use any CI to check their code before it is released to CPAN.

All this boils down to trying figure out the business risks of using Open Source 3rd party libraries in general and Perl modules in particular along with ways to alleviate them.

When you or your boss think about your Perl-based application, what are the things that make you worry? Do you bump into issues with modules that are not fixed? If you try to fix the issues, do you feel that it is hard to understand the code of the module?

What would make your life as a programmer using Perl easier? What would make your manager happier? Write a blog post. Comment on this issue or reply to me in private!

Enjoy your week!

Your editor: Gabor Szabo.


Time for another TPRC 2023 update!

The conference is getting close. I wish I could go.

2023 TRPC Hackathon

The Perl and Raku Conference for 2023 will again feature a Hackathon Room. On July 10th, the Marketing Committee plans to coordinate activities for projects that have a broad impact on Perl

perldelta v5.38.0 (Draft)

What will change in the next version of Perl?


Friday card game - metadata

Friday is a solo board game. Sounds interesting.

Data::Resolver alternatives yield... alternatives

Data::Resolver provides both a unified interface to resolve keys to data (available as file, filehandle, or in-memory), as well as a few concrete implementations to do this on the filesystem and with TAR files.

Top 10 Cloud Provider Comparison 2023: VM Performance / Price

I always feel overwhelmed when I need to select a VM on one of the cloud providers. What do the different CPU types mean? How will the impact the performance of my application? etc.

Mission (Almost) Accomplished

Dave writes: 'This is, of course, a supremely unimportant fix in the grand scheme of things. But I think it illustrates an important issue that the Perl community should be thinking about. The community is shrinking. Or, at least, the part of the community that supports CPAN modules and runs our important infrastructure is shrinking. CPAN is full of modules that are now unsupported.' You can comment on this here.


Artistic 2.0 VS GPL 3.0

Most CPAN modules are release with a license that says 'as Perl' referring to the Artistic 2.0 license. So how is it different from GPL 3.0?


HTTP-Tiny: verify_SSL (Draft PR)

Apparently there is a security issue with HTTP::Tiny. Here is the pull-request if you'd like to comment.

The Weekly Challenge

The Weekly Challenge by Mohammad Anwar will help you step out of your comfort-zone. You can even win prize money of $50 Amazon voucher by participating in the weekly challenge. We pick one winner at the end of the month from among all of the contributors during the month. The monthly prize is kindly sponsored by Peter Sergeant of PerlCareers.

The Weekly Challenge - 216

Welcome to a new week with a couple of fun tasks "Registration Number" and "Word Stickers". If you are new to the weekly challenge then why not join us and have fun every week. For more information, please read the FAQ.

RECAP - The Weekly Challenge - 215

Enjoy a quick recap of last week's contributions by Team PWC dealing with the "Odd one Out" and "Number Placement" tasks in Perl and Raku. You will find plenty of solutions to keep you busy.

Meet The Champion - Ali Moradi

Better late than never, please checkout the interview with Ali Moradi.

Odd Placement

Cool and crispy one-liner in Raku showing off the powerful features. Thanks for your contributions as always.

Bad Words and Looking For Zeros

Clever use of $ARGV to get the job done. Keep it up great work.

PWC 215 Odd One Out, Number Placement

I loved the simplicity in the description of process. Too good to be missed. Thank you.

PWC215 - Odd One Out

Reading Raku solutions seems like a poetry, very smart. Just loved it. Thank you.

PWC215 - Number Placement

As always, "The questions" section is the highlight of the post. You don't want to miss out. Keep sharing your knowledge with us.

Perl Weekly Challenge: Week 215

I liked the approach of using common sense as we get to the end result. It makes so much sense. Nice work.

The Weekly Challenge 215

Smart and clever use of ternary to make the code looks elegant. Thank you for sharing the knowledge every week.

Perl Weekly Challenge 215: Odd One Out and Number Placement

USP of the post is always to see how Perl and Raku get the job done. It is amazing. Thank you for your contributions.

Perl Weekly Challenge 215

Welcome back and thanks for your contributions. We all missed you.

Perl Weekly Challenge 215

Master of Perl one-liner is at his best as always. Enjoy the power of Perl. Thank you.

Adopt a chilly ghost

Clean one-liner in Perl and well documented solution as always. Great work, keep it up.

The Weekly Challenge #215

Good catch with regard to the special cases and the way it is processed. Very smart, well done.

Placing the Odd

Simple and easy, no over-engineered approach. We even got bonus Rust solution discusses. Thank you for your contributions.

Weekly Challenge 215

Brute force approach can be handy at times. Good one and keep it up.

PWC 215

Procedural approach makes the end result so clean and easy to follow. Well done.

Weekly collections

NICEPERL's lists

Great CPAN modules released last week;
MetaCPAN weekly report;
StackOverflow Perl report.

The corner of Gabor

A couple of entries sneaked in by Gabor.

The risk of Open Source vs. proprietary 3rd party libraries

Using 3rd party libraries always have risks. If you buy them from a company you might have the fuzzy feeling that you will be supported no matter what. If you use Open Source you might be exposed to risk that a purchase of propriatary package hides from you.


The Perl and Raku Conference 2023

July 11-13, 2023, Toronto, Canada

Perl and Koha

August 14-18, 2023, Helsinki, Finland

Perl Jobs by Perl Careers

Perl Programmer with Rust Experience - UK Remote

Are you a talented Perl programmer with Rust experience looking to work for a cutting-edge enterprise tech publisher that’s at the forefront of the industry? Look no further than our client, a renowned publisher that provides unique news and stimulating perspectives on the enterprise tech that powers businesses across the globe.

Bold, beautiful, and… brainy? Senior Perl roles in Malaysia, Dubai and Malta

With all the knowledge in your big, beautiful brain, it’s time to join a company that appreciates your breadth of experience. Our client provides online trading services and with offices in Dubai, Malta, and Malaysia, they’ve got the global reach that may provide the challenge you’re looking for. They know that a seasoned Perl pro is just what their team needs as they expand.

Perl Programmer Opportunity - Join a Prominent Tech Publishing Powerhouse in the Philippines

Our UK-based client is a global leader in the enterprise technology publishing industry, providing audiences worldwide with stimulating perspectives and unique news on enterprise tech that matters today and tomorrow. They are currently seeking a passionate and exceptional Perl programmer based in the Philippines to join their team.

You joined the Perl Weekly to get weekly e-mails about the Perl programming language and related topics.

Want to see more? See the archives of all the issues.

Not yet subscribed to the newsletter? Join us free of charge!

(C) Copyright Gabor Szabo
The articles are copyright the respective authors.

Top comments (0)