Path::IsDev - Determine if a given Path resembles a development source tree
version 0.2.2
use Path::IsDev qw(is_dev); if( is_dev('/some/path') ) { ... } else { ... }
This module is more or less a bunch of heuristics for determining if a given path is a development tree root of some kind.
This has many useful applications, notably ones that require behaviours for "installed" modules to be different to those that are still "in development"
Debug callback.
To enable debugging:
export PATH_ISDEV_DEBUG=1
is_dev
Using an import'ed is_dev:
import
if( is_dev( $path ) ) { }
Though the actual heuristics used will be based on how import was called.
Additionally, you can call
Path::IsDev::is_dev
without importing anything, and it will behave exactly the same as if you'd imported it using
use Path::IsDev qw( is_dev );
That is, no set specification is applicable, so you'll only get the "default".
set
Path::IsDev has a system of "sets" of Heuristics, in order to allow for pluggable and flexible heuristic types.
Path::IsDev
Though, for the vast majority of cases, this is not required.
use Path::IsDev is_dev => { set => 'Basic' }; use Path::IsDev is_dev => { set => 'SomeOtherSet' , -as => 'is_dev_other' };
If for whatever reason the Basic set is insufficient, or if it false positives on your system for some reason, the "default" set can be overridden.
Basic
export PATH_ISDEV_DEFAULT_SET="SomeOtherSet" ... use Path::IsDev qw( is_dev ); is_dev('/some/path') # uses SomeOtherSet
Though this will only take priority in the event the set is not specified during import
If this poses a security concern for the user, then this security hole can be eliminated by declaring the set you want in code:
export PATH_ISDEV_DEFAULT_SET="SomeOtherSet" ... use Path::IsDev is_dev => { set => 'Basic' }; is_dev('/some/path') # uses Basic, regardless of ENV
Its conceivable, than an evil user could construct an evil set, containing arbitrary and vulnerable code, and possibly stash that evil set in a poorly secured privileged users @INC
And if they managed to achieve that, if they could poison the privileged users %ENV, they could trick the privileged user into executing arbitrary code.
Though granted, if you can do either of those 2 things, you're probably security vulnerable anyway, and granted, if you could do either of those 2 things you could do much more evil things by the following:
export PERL5OPT="-MEvil::Module"
So with that in understanding, saying this modules default utility is "insecure" is mostly a bogus argument.
And to that effect, this module does nothing to "lock down" that mechanism, and this module encourages you to NOT force a set, unless you NEED to, and strongly suggests that forcing a set for the purpose of security will achieve no real improvement in security, while simultaneously reducing utility.
Kent Fredric <kentfredric@gmail.com>
This software is copyright (c) 2013 by Kent Fredric <kentfredric@gmail.com>.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install Path::IsDev, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Path::IsDev
CPAN shell
perl -MCPAN -e shell install Path::IsDev
For more information on module installation, please visit the detailed CPAN module installation guide.