Hi! I am doing SDL (security development lifecycle) as my main job, and I decided that I should apply my knowledge to my favorite perl language as a volunteer project.
I decided that I should start with running testing of XS modules with AddreessSanitizer, that should tell a lot about memory leeks and some security issues. But I met some organisational problems. Long story short: I guess whole CPAN testers team is missing, or something like that. What have I done: I found that CPAN::Reporter::Smoker module (That is needed for mass testing) does not pass tests on modern perls. It has some pull request to fix it in github, but it is 1.5 years old, and ignored. I tried to contact module's maintainer dagol...@cpan.org, but get " User unknown" error from cpan mail server. I tried to contact CPAN testers via cpan-testers-disc...@perl.org mailing list. But I guess nobody got that mail, and my message have not even been shown in mail archive. Moreover some sections of cpantesters.org site (like wiki) does not work anymore, and available only via web.archive. It've been like that for a while. And it is not good. I continued on my own, manually, found and reported first bug: https://github.com/radiator-software/p5-net-ssleay/issues/469 Net::SSLeay is also needed for automated test running, as testing results are send via https now, and Net::SSLeay is in the bottom layer of it in perl. This project is active and I am expecting this problem to be solved sooner or later. And I am going to continue when I have vacations (and I am going to have some this year) What do I need: I need somebody who has access to CPAN testers infrastructure, so my efforts can be put to good use for the benefit of perl project. I did not manage finding a way to contact them. May be you have more options, or some of you have such access rights. Let's do perl better! ;-) -- Nikolay Shaplov aka Nataraj Fuzzing Engineer at Postgres Professional Matrix IM: @dhyan:nataraj.su
signature.asc
Description: This is a digitally signed message part.
