YAML 1.23_001
Security Advisories
Loading globs is easily exploitable.
Fixed version: >=1.28
Reported: 2019-04-27
YAML loader can run DESTROY method of object created with perl/* tag.
Fixed version: >=1.25
Reported: 2017-05-10
Kwalitee Issues
- no_mymeta_files
-
Update MANIFEST.SKIP to exclude MYMETA files. If you are lazy, add "#!install_default" in your MANIFEST.SKIP and update your ExtUtils::Manifest if necessary, then some of the most common files will be excluded.
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: YAML::Dumper, YAML::Dumper::Base, YAML::Error, YAML::Loader, YAML::Loader::Base, YAML::Marshall, YAML::Mo, YAML::Node, YAML::Tag, YAML::Types
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: YAML::Dumper, YAML::Dumper::Base, YAML::Error, YAML::Loader, YAML::Loader::Base, YAML::Marshall, YAML::Mo, YAML::Node, YAML::Tag, YAML::Types
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- meta_yml_has_repository_resource
-
Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.