Hello community,
here is the log from the commit of package perl-UNIVERSAL-require for openSUSE:Factory checked in at 2015-04-15 16:27:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-UNIVERSAL-require (Old)
and /work/SRC/openSUSE:Factory/.perl-UNIVERSAL-require.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-UNIVERSAL-require"
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-UNIVERSAL-require/perl-UNIVERSAL-require.changes 2014-02-28 16:22:27.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.perl-UNIVERSAL-require.new/perl-UNIVERSAL-require.changes 2015-04-15 16:27:27.000000000 +0200
@@ -1,0 +2,17 @@
+Tue Apr 14 17:34:48 UTC 2015 - coolo@suse.com
+
+- updated to 0.18
+ see /usr/share/doc/packages/perl-UNIVERSAL-require/Changes
+
+ 0.18 2015-02-24
+ - Skip the taint test if Perl was compiled without taint support.
+ RAZ++
+ - Changed use of "use vars" to "our"
+ - Added strict and warnings to PREREQ_PM
+
+ 0.17 2014-04-19
+ - Check for valid module names. RT#94866 from TOBYINK.
+ - Changed used of die() to croak() RT#23113
+ - Fixed typo in pod (fschlich++)
+
+-------------------------------------------------------------------
Old:
----
UNIVERSAL-require-0.16.tar.gz
New:
----
UNIVERSAL-require-0.18.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-UNIVERSAL-require.spec ++++++
--- /var/tmp/diff_new_pack.BqO6Bz/_old 2015-04-15 16:27:27.000000000 +0200
+++ /var/tmp/diff_new_pack.BqO6Bz/_new 2015-04-15 16:27:27.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package perl-UNIVERSAL-require
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: perl-UNIVERSAL-require
-Version: 0.16
+Version: 0.18
Release: 0
%define cpan_name UNIVERSAL-require
Summary: require() modules from a variable
@@ -43,7 +43,7 @@
$module->require;
-It doesn't save you much typing, but it'll make alot more sense to someone
+It doesn't save you much typing, but it'll make a lot more sense to someone
who's not a ninth level Perl acolyte.
%prep
++++++ UNIVERSAL-require-0.16.tar.gz -> UNIVERSAL-require-0.18.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/Changes new/UNIVERSAL-require-0.18/Changes
--- old/UNIVERSAL-require-0.16/Changes 2014-02-04 00:55:34.000000000 +0100
+++ new/UNIVERSAL-require-0.18/Changes 2015-02-24 19:08:25.000000000 +0100
@@ -1,5 +1,16 @@
Revision history for Perl module UNIVERSAL::require
+0.18 2015-02-24
+ - Skip the taint test if Perl was compiled without taint support.
+ RAZ++
+ - Changed use of "use vars" to "our"
+ - Added strict and warnings to PREREQ_PM
+
+0.17 2014-04-19
+ - Check for valid module names. RT#94866 from TOBYINK.
+ - Changed used of die() to croak() RT#23113
+ - Fixed typo in pod (fschlich++)
+
0.16 2014-02-03
- All seems fine with previous dev release
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/META.json new/UNIVERSAL-require-0.18/META.json
--- old/UNIVERSAL-require-0.16/META.json 2014-02-04 00:56:13.000000000 +0100
+++ new/UNIVERSAL-require-0.18/META.json 2015-02-24 19:08:52.000000000 +0100
@@ -4,7 +4,7 @@
"Michael G Schwern "
],
"dynamic_config" : 1,
- "generated_by" : "ExtUtils::MakeMaker version 6.86, CPAN::Meta::Converter version 2.133380",
+ "generated_by" : "ExtUtils::MakeMaker version 7.02, CPAN::Meta::Converter version 2.143240",
"license" : [
"perl_5"
],
@@ -35,8 +35,11 @@
},
"runtime" : {
"requires" : {
+ "Carp" : "0",
"Test::More" : "0.47",
- "perl" : "5.006"
+ "perl" : "5.006",
+ "strict" : "0",
+ "warnings" : "0"
}
}
},
@@ -51,5 +54,5 @@
"web" : "https://github.com/neilbowers/UNIVERSAL-require"
}
},
- "version" : "0.16"
+ "version" : "0.18"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/META.yml new/UNIVERSAL-require-0.18/META.yml
--- old/UNIVERSAL-require-0.16/META.yml 2014-02-04 00:56:13.000000000 +0100
+++ new/UNIVERSAL-require-0.18/META.yml 2015-02-24 19:08:52.000000000 +0100
@@ -3,15 +3,15 @@
author:
- 'Michael G Schwern '
build_requires:
- ExtUtils::MakeMaker: 0
+ ExtUtils::MakeMaker: '0'
configure_requires:
- ExtUtils::MakeMaker: 0
+ ExtUtils::MakeMaker: '0'
dynamic_config: 1
-generated_by: 'ExtUtils::MakeMaker version 6.86, CPAN::Meta::Converter version 2.133380'
+generated_by: 'ExtUtils::MakeMaker version 7.02, CPAN::Meta::Converter version 2.143240'
license: perl
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
- version: 1.4
+ version: '1.4'
name: UNIVERSAL-require
no_index:
directory:
@@ -20,9 +20,12 @@
package:
- UNIVERSAL
requires:
- Test::More: 0.47
- perl: 5.006
+ Carp: '0'
+ Test::More: '0.47'
+ perl: '5.006'
+ strict: '0'
+ warnings: '0'
resources:
license: http://dev.perl.org/licenses/
repository: git://github.com/neilbowers/UNIVERSAL-require.git
-version: 0.16
+version: '0.18'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/Makefile.PL new/UNIVERSAL-require-0.18/Makefile.PL
--- old/UNIVERSAL-require-0.16/Makefile.PL 2014-02-03 13:23:57.000000000 +0100
+++ new/UNIVERSAL-require-0.18/Makefile.PL 2015-02-24 19:07:03.000000000 +0100
@@ -20,7 +20,10 @@
AUTHOR => 'Michael G Schwern ',
PREREQ_PM => {
- Test::More => 0.47
+ 'Test::More' => 0.47,
+ 'Carp' => 0,
+ 'strict' => 0,
+ 'warnings' => 0,
},
($mm_ver >= 6.31 ? (LICENSE => 'perl') : ()),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/lib/UNIVERSAL/require.pm new/UNIVERSAL-require-0.18/lib/UNIVERSAL/require.pm
--- old/UNIVERSAL-require-0.16/lib/UNIVERSAL/require.pm 2014-02-04 00:55:06.000000000 +0100
+++ new/UNIVERSAL-require-0.18/lib/UNIVERSAL/require.pm 2015-02-24 19:07:23.000000000 +0100
@@ -1,5 +1,5 @@
package UNIVERSAL::require;
-$UNIVERSAL::require::VERSION = '0.16';
+$UNIVERSAL::require::VERSION = '0.18';
# We do this because UNIVERSAL.pm uses CORE::require(). We're going
# to put our own require() into UNIVERSAL and that makes an ambiguity.
@@ -11,9 +11,12 @@
use 5.006;
use strict;
use warnings;
+use Carp;
-use vars qw($Level);
-$Level = 0;
+# regexp for valid module name. Lifted from Module::Runtime
+my $module_name_rx = qr/[A-Z_a-z][0-9A-Z_a-z]*(?:::[0-9A-Z_a-z]+)*/;
+
+our $Level = 0;
=pod
@@ -47,7 +50,7 @@
$module->require;
-It doesn't save you much typing, but it'll make alot more sense to
+It doesn't save you much typing, but it'll make a lot more sense to
someone who's not a ninth level Perl acolyte.
=head1 Methods
@@ -75,10 +78,12 @@
$UNIVERSAL::require::ERROR = '';
- die("UNIVERSAL::require() can only be run as a class method")
+ croak("UNIVERSAL::require() can only be run as a class method")
if ref $module;
- die("UNIVERSAL::require() takes no or one arguments") if @_ > 2;
+ croak("invalid module name '$module'") if $module !~ /\A$module_name_rx\z/;
+
+ croak("UNIVERSAL::require() takes no or one arguments") if @_ > 2;
my($call_package, $call_file, $call_line) = caller($Level);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/t/require.t new/UNIVERSAL-require-0.18/t/require.t
--- old/UNIVERSAL-require-0.16/t/require.t 2013-03-08 21:57:57.000000000 +0100
+++ new/UNIVERSAL-require-0.18/t/require.t 2014-04-19 00:59:11.000000000 +0200
@@ -1,6 +1,6 @@
#!/usr/bin/perl -Tw
-use Test::More tests => 16;
+use Test::More tests => 15;
use_ok "UNIVERSAL::require";
use lib qw(t);
@@ -32,8 +32,9 @@
my $evil = "Dummy; Test::More::fail('this should never be called');";
-ok !$evil->require;
-isnt $@, '';
+eval { $evil->require };
+ok($@ && $@ =~ /invalid module name/,
+ "trying to add trailing code should fail early due to a bad module name");
# make sure $@ and ERROR are set appropriately
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/UNIVERSAL-require-0.16/t/taint.t new/UNIVERSAL-require-0.18/t/taint.t
--- old/UNIVERSAL-require-0.16/t/taint.t 2013-03-08 21:57:57.000000000 +0100
+++ new/UNIVERSAL-require-0.18/t/taint.t 2015-02-24 19:02:57.000000000 +0100
@@ -1,10 +1,14 @@
#!/usr/bin/perl -Tw
use strict;
-use Test::More tests => 2;
+use Config;
+use Test::More $Config{ccflags} =~ /-DSILENT_NO_TAINT_SUPPORT/
+ ? ( skip_all => 'No taint support' ) : ( tests => 2 );
use UNIVERSAL::require;
-my $tainted = $0."bogus";
-ok !eval { $tainted->require or die $@};
+my $tainted = $0;
+$tainted =~ s/\A.*\z/bananas/;
+
+ok !eval { $tainted->require or die $@ };
like $@, '/^Insecure dependency in require /';