Perl::Critic::Policy::ValuesAndExpressions::ProhibitComplexVersion - Prohibit version values from outside the module. |
Perl::Critic::Policy::ValuesAndExpressions::ProhibitComplexVersion - Prohibit version values from outside the module.
This Policy is part of the core Perl::Critic distribution.
One tempting way to keep a group of related modules at the same version number
is to have all of them import the version number from a designated module. For
example, module Foo::Master
could be the version master for the Foo
package, and all other modules could use its $VERSION
by
use Foo::Master; our $VERSION = $Foo::Master::VERSION;
This turns out not to be a good idea, because all sorts of unintended things
can happen - anything from unintended version number changes to
denial-of-service attacks (since Foo::Master
is executed by the 'use').
This policy examines statements that assign to $VERSION
, and declares a
violation under two circumstances: first, if that statement uses a
fully-qualified symbol that did not originate in a package declared in the
file; second if there is a use
statement on the same line that makes the
assignment.
By default, an exception is made for use version;
because of its
recommendation by Perl Best Practices. See the forbid_use_version
configuration variable if you do not want an exception made for use
version;
.
The construction
use version; our $VERSION = qv('1.2.3');
is exempt from this policy by default, because it is recommended by Perl Best
Practices. Should you wish to identify use version;
as a violation, add the
following to your perlcriticrc file:
[ValuesAndExpressions::ProhibitComplexVersion] forbid_use_version = 1
This code assumes that the hallmark of a violation is a 'use' on the same line
as the $VERSION
assignment, because that is the way to have it seen by
ExtUtils::MakeMaker->parse_version(). Other ways to get
a version value from outside the module can be imagined, and this policy is
currently oblivious to them.
Thomas R. Wyant, III wyant at cpan dot org
Copyright (c) 2009-2011 Tom Wyant.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The full text of this license can be found in the LICENSE file included with this module.
Perl::Critic::Policy::ValuesAndExpressions::ProhibitComplexVersion - Prohibit version values from outside the module. |