Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package perl-Module-Signature for
openSUSE:Factory checked in at 2026-05-18 17:48:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-Module-Signature (Old)
and /work/SRC/openSUSE:Factory/.perl-Module-Signature.new.1966 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Module-Signature"
Mon May 18 17:48:07 2026 rev:28 rq:1353764 version:0.960.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/perl-Module-Signature/perl-Module-Signature.changes
2025-07-11 21:32:49.011743388 +0200
+++
/work/SRC/openSUSE:Factory/.perl-Module-Signature.new.1966/perl-Module-Signature.changes
2026-05-18 17:48:58.930696217 +0200
@@ -1,0 +2,14 @@
+Tue Apr 28 07:44:42 UTC 2026 - Tina Müller <[email protected]>
+
+- updated to 0.960.0 (0.96)
+ see /usr/share/doc/packages/perl-Module-Signature/Changes
+
+ 0.96 -- Mon Apr 27 11:27:02 ADT 2026
+ * Fix issue from last release where search keys is interactive
+ 0.95 -- Sun Apr 26 11:44:20 ADT 2026
+ * Announce deprecation of the module
+ * Update change log (forgotten in 0.94)
+ 0.94 -- Sun Apr 26 11:37:00 ADT 2026
+ * Announce deprecation of the module
+
+-------------------------------------------------------------------
Old:
----
Module-Signature-0.93.tar.gz
New:
----
Module-Signature-0.96.tar.gz
README.md
_scmsync.obsinfo
build.specials.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Module-Signature.spec ++++++
--- /var/tmp/diff_new_pack.8nHjCj/_old 2026-05-18 17:48:59.486719193 +0200
+++ /var/tmp/diff_new_pack.8nHjCj/_new 2026-05-18 17:48:59.490719358 +0200
@@ -1,7 +1,7 @@
#
# spec file for package perl-Module-Signature
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2026 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,16 +18,17 @@
%define cpan_name Module-Signature
Name: perl-Module-Signature
-Version: 0.930.0
+Version: 0.960.0
Release: 0
-# 0.93 -> normalize -> 0.930.0
-%define cpan_version 0.93
+# 0.96 -> normalize -> 0.960.0
+%define cpan_version 0.96
#Upstream: Artistic-1.0 or GPL-1.0-or-later
License: (Artistic-1.0 OR GPL-1.0-or-later) AND CC0-1.0
Summary: Module signature file manipulation
URL: https://metacpan.org/release/%{cpan_name}
Source0:
https://cpan.metacpan.org/authors/id/T/TI/TIMLEGGE/%{cpan_name}-%{cpan_version}.tar.gz
Source1: cpanspec.yml
+Source100: README.md
BuildArch: noarch
BuildRequires: perl
BuildRequires: perl-macros
@@ -85,5 +86,5 @@
%perl_gen_filelist
%files -f %{name}.files
-%doc ANDK2020.pub AUDREYT2018.pub AUTHORS Changes NIKLASHOLM2018.pub
PAUSE2022.pub SECURITY.md TIMLEGGE2024.pub
+%doc ANDK2020.pub AUDREYT2018.pub AUTHORS Changes NIKLASHOLM2018.pub
PAUSE2022.pub TIMLEGGE2024.pub
++++++ Module-Signature-0.93.tar.gz -> Module-Signature-0.96.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/Changes
new/Module-Signature-0.96/Changes
--- old/Module-Signature-0.93/Changes 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/Changes 2026-04-27 16:27:06.000000000 +0200
@@ -1,5 +1,18 @@
Revision history for Module::Signature.
+0.96 -- Mon Apr 27 11:27:02 ADT 2026
+
+* Fix issue from last release where search keys is interactive
+
+0.95 -- Sun Apr 26 11:44:20 ADT 2026
+
+* Announce deprecation of the module
+* Update change log (forgotten in 0.94)
+
+0.94 -- Sun Apr 26 11:37:00 ADT 2026
+
+* Announce deprecation of the module
+
0.93 -- Fri Jun 27 16:38:26 ADT 2025
* Fixes Issue #44 - cpansign script not installed with version 0.92
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/MANIFEST
new/Module-Signature-0.96/MANIFEST
--- old/Module-Signature-0.93/MANIFEST 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/MANIFEST 2026-04-27 16:27:06.000000000 +0200
@@ -1,4 +1,4 @@
-# This file was automatically generated by Dist::Zilla::Plugin::Manifest
v6.032.
+# This file was automatically generated by Dist::Zilla::Plugin::Manifest v6.037
ANDK2020.pub
AUDREYT2018.pub
AUTHORS
@@ -10,8 +10,6 @@
Makefile.PL
NIKLASHOLM2018.pub
PAUSE2022.pub
-SECURITY.md
-SIGNATURE
TIMLEGGE2024.pub
cpanfile
dist.ini
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/META.json
new/Module-Signature-0.96/META.json
--- old/Module-Signature-0.93/META.json 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/META.json 2026-04-27 16:27:06.000000000 +0200
@@ -4,7 +4,7 @@
"Audrey Tang <[email protected]>"
],
"dynamic_config" : 0,
- "generated_by" : "Dist::Zilla version 6.032, CPAN::Meta::Converter version
2.150010",
+ "generated_by" : "Dist::Zilla version 6.037, CPAN::Meta::Converter version
2.150013",
"license" : [
"perl_5"
],
@@ -29,7 +29,6 @@
"develop" : {
"requires" : {
"Pod::Coverage::TrustPod" : "0",
- "Software::Security::Policy::Individual" : "0",
"Test::EOF" : "0",
"Test::EOL" : "0",
"Test::More" : "0.88",
@@ -50,7 +49,7 @@
"provides" : {
"Module::Signature" : {
"file" : "lib/Module/Signature.pm",
- "version" : "0.93"
+ "version" : "0.96"
}
},
"release_status" : "stable",
@@ -64,13 +63,14 @@
"web" : "https://github.com/audreyt/module-signature";
}
},
- "version" : "0.93",
+ "version" : "0.96",
"x_contributors" : [
"Audrey Tang <[email protected]>",
"Baldur Kristinsson <[email protected]>",
"Christian Loos <[email protected]>",
"David E. Weekly <[email protected]>",
"Graham Knop <[email protected]>",
+ "Guillem Jover <[email protected]>",
"Karen Etheridge <[email protected]>",
"Kenichi Ishigaki <[email protected]>",
"Michael G. Schwern <[email protected]>",
@@ -81,11 +81,12 @@
"Timothy Legge <[email protected]>",
"Wes Young <[email protected]>"
],
- "x_generated_by_perl" : "v5.38.2",
+ "x_deprecated" : 1,
+ "x_generated_by_perl" : "v5.42.0",
"x_maintainers" : [
"Timothy Legge <[email protected]>"
],
- "x_serialization_backend" : "Cpanel::JSON::XS version 4.39",
+ "x_serialization_backend" : "Cpanel::JSON::XS version 4.40",
"x_spdx_expression" : "Artistic-1.0-Perl OR GPL-1.0-or-later"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/META.yml
new/Module-Signature-0.96/META.yml
--- old/Module-Signature-0.93/META.yml 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/META.yml 2026-04-27 16:27:06.000000000 +0200
@@ -9,7 +9,7 @@
configure_requires:
ExtUtils::MakeMaker: '6.36'
dynamic_config: 0
-generated_by: 'Dist::Zilla version 6.032, CPAN::Meta::Converter version
2.150010'
+generated_by: 'Dist::Zilla version 6.037, CPAN::Meta::Converter version
2.150013'
license: perl
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
@@ -18,20 +18,21 @@
provides:
Module::Signature:
file: lib/Module/Signature.pm
- version: '0.93'
+ version: '0.96'
requires:
File::Temp: '0'
perl: '5.010'
resources:
bugtracker:
https://rt.cpan.org/Public/Dist/Display.html?Name=Module-Signature
repository: git://github.com/audreyt/module-signature.git
-version: '0.93'
+version: '0.96'
x_contributors:
- 'Audrey Tang <[email protected]>'
- 'Baldur Kristinsson <[email protected]>'
- 'Christian Loos <[email protected]>'
- 'David E. Weekly <[email protected]>'
- 'Graham Knop <[email protected]>'
+ - 'Guillem Jover <[email protected]>'
- 'Karen Etheridge <[email protected]>'
- 'Kenichi Ishigaki <[email protected]>'
- 'Michael G. Schwern <[email protected]>'
@@ -41,7 +42,8 @@
- 'Shoichi Kaji <[email protected]>'
- 'Timothy Legge <[email protected]>'
- 'Wes Young <[email protected]>'
-x_generated_by_perl: v5.38.2
+x_deprecated: 1
+x_generated_by_perl: v5.42.0
x_maintainers:
- 'Timothy Legge <[email protected]>'
x_serialization_backend: 'YAML::Tiny version 1.76'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/Makefile.PL
new/Module-Signature-0.96/Makefile.PL
--- old/Module-Signature-0.93/Makefile.PL 2025-06-27 21:38:28.000000000
+0200
+++ new/Module-Signature-0.96/Makefile.PL 2026-04-27 16:27:06.000000000
+0200
@@ -243,7 +243,7 @@
"PREREQ_PM" => {
"File::Temp" => 0
},
- "VERSION" => "0.93",
+ "VERSION" => "0.96",
"test" => {
"TESTS" => "t/*.t"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/SECURITY.md
new/Module-Signature-0.96/SECURITY.md
--- old/Module-Signature-0.93/SECURITY.md 2025-06-27 21:38:28.000000000
+0200
+++ new/Module-Signature-0.96/SECURITY.md 1970-01-01 01:00:00.000000000
+0100
@@ -1,95 +0,0 @@
-# Security Policy for the Module-Signature distribution.
-
-Report security issues by email to Timothy Legge <[email protected]>.
-
-This is the Security Policy for Module-Signature.
-
-This text is based on the CPAN Security Group's Guidelines for Adding
-a Security Policy to Perl Distributions (version 1.3.0)
-https://security.metacpan.org/docs/guides/security-policy-for-authors.html
-
-# How to Report a Security Vulnerability
-
-Security vulnerabilities can be reported to the current Module-Signature
-maintainers by email to Timothy Legge <[email protected]>.
-
-Please include as many details as possible, including code samples
-or test cases, so that we can reproduce the issue. Check that your
-report does not expose any sensitive data, such as passwords,
-tokens, or personal information.
-
-If you would like any help with triaging the issue, or if the issue
-is being actively exploited, please copy the report to the CPAN
-Security Group (CPANSec) at <[email protected]>.
-
-Please *do not* use the public issue reporting system on RT or
-GitHub issues for reporting security vulnerabilities.
-
-Please do not disclose the security vulnerability in public forums
-until past any proposed date for public disclosure, or it has been
-made public by the maintainers or CPANSec. That includes patches or
-pull requests.
-
-For more information, see
-[Report a Security Issue](https://security.metacpan.org/docs/report.html)
-on the CPANSec website.
-
-## Response to Reports
-
-The maintainer(s) aim to acknowledge your security report as soon as
-possible. However, this project is maintained by a single person in
-their spare time, and they cannot guarantee a rapid response. If you
-have not received a response from them within 2 weeks, then
-please send a reminder to them and copy the report to CPANSec at
-<[email protected]>.
-
-Please note that the initial response to your report will be an
-acknowledgement, with a possible query for more information. It
-will not necessarily include any fixes for the issue.
-
-The project maintainer(s) may forward this issue to the security
-contacts for other projects where we believe it is relevant. This
-may include embedded libraries, system libraries, prerequisite
-modules or downstream software that uses this software.
-
-They may also forward this issue to CPANSec.
-
-# Which Software This Policy Applies To
-
-Any security vulnerabilities in Module-Signature are covered by this policy.
-
-Security vulnerabilities in versions of any libraries that are
-included in Module-Signature are also covered by this policy.
-
-Security vulnerabilities are considered anything that allows users
-to execute unauthorised code, access unauthorised resources, or to
-have an adverse impact on accessibility or performance of a system.
-
-Security vulnerabilities in upstream software (prerequisite modules
-or system libraries, or in Perl), are not covered by this policy
-unless they affect Module-Signature, or Module-Signature can
-be used to exploit vulnerabilities in them.
-
-Security vulnerabilities in downstream software (any software that
-uses Module-Signature, or plugins to it that are not included with the
-Module-Signature distribution) are not covered by this policy.
-
-## Supported Versions of Module-Signature
-
-The maintainer(s) will only commit to releasing security fixes for
-the latest version of Module-Signature.
-
-# Installation and Usage Issues
-
-The distribution metadata specifies minimum versions of
-prerequisites that are required for Module-Signature to work. However, some
-of these prerequisites may have security vulnerabilities, and you
-should ensure that you are using up-to-date versions of these
-prerequisites.
-
-Where security vulnerabilities are known, the metadata may indicate
-newer versions as recommended.
-
-## Usage
-
-Please see the software documentation for further information.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/SIGNATURE
new/Module-Signature-0.96/SIGNATURE
--- old/Module-Signature-0.93/SIGNATURE 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/SIGNATURE 1970-01-01 01:00:00.000000000 +0100
@@ -1,63 +0,0 @@
-This file contains message digests of all files listed in MANIFEST,
-signed via the Module::Signature module, version 0.93.
-
-To verify the content in this distribution, first make sure you have
-Module::Signature installed, then type:
-
- % cpansign -v
-
-It will check each file's integrity, as well as the signature's
-validity. If "==> Signature verified OK! <==" is not displayed,
-the distribution may already have been compromised, and you should
-not run its Makefile.PL or Build.PL.
-
------BEGIN PGP SIGNED MESSAGE-----
-Hash: RIPEMD160
-
-SHA256 0f80cd4bfc5ad95a0cfcdc43629c819991431e82f0a4a2dd4edf7d54f3b63d2a
ANDK2020.pub
-SHA256 1847f802a331b202eae02729e828d6b59ef4c6129020660ecd6865b67ec4dfb5
AUDREYT2018.pub
-SHA256 3b6ee84c36f61397e9aa6389836e3535eb8aa56bdc80029a90cbac347937c17d AUTHORS
-SHA256 98ea90787728d02ba46694896c483f3f57dc73206ef6d32bba3ca74d5356bdd8 Changes
-SHA256 e09b069697b77c347dcc3c490c5cb1ae7c53114b5f927fc575eb3df199d299b9
MANIFEST
-SHA256 093c47e35166ca8f4d6cb4a1d51b436809a4fca4bdb43221bd8fb67adac2e425
MANIFEST.SKIP
-SHA256 28db5703053cb3c31aaa16cbcc785e71f1b36e1147c22ef74945efecb37c91c2
META.json
-SHA256 d1119196dc2550ee1fede42040f5722be6aec3b66468d2dc43d85d5328986eb9
META.yml
-SHA256 94c24853ff3c9784e2c4de9b99c4e86f5defa1998fd597a39d93d95c456bfe88
Makefile.PL
-SHA256 c9b4cc9f924857b93a081066bdc7f120e537469c1b605e19c1f07296ac07cfdd
NIKLASHOLM2018.pub
-SHA256 57fe88a2c9a3498776dc12a9ae6bc4151028c84d3a48de6b0addf6c32e9dbb90
PAUSE2022.pub
-SHA256 45a6737b1d329679fe813871b53525ddba207312ff9e876bef10434bd7f4ef03
SECURITY.md
-SHA256 eab9484f721cdc42c6022c8008cb04b76a3b7f1c38e5299a29af0c851860ca21
TIMLEGGE2024.pub
-SHA256 3252f67401d3f78835edf53a5a4d9e41d96015953c51d6da5c1da5c741292585
cpanfile
-SHA256 737306166180c12a74014b4e4279b7212116d02b9cca171c0e6ac87904cee021
dist.ini
-SHA256 6b44a0b0ae7147503b6d1941980178aa29dffabde20e86fe6a926497f078b5d0
lib/Module/Signature.pm
-SHA256 e6141e62e08fcf698b6671ccf0181523c7257e458efa773232af8faf632c613d
maint/Makefile_header.PL
-SHA256 ec4e02abf691391b36fcee77c568582e0fc999cbdd0b1e4dce4bde3a906841a4
script/cpansign
-SHA256 020d047279c86f0d01eaa1a2e3fcbb0a9865b9477a34ad010eb0eb16666d3a93
t/0-signature.t
-SHA256 9be1e82eed0cb08514d2e3654b1396a23e5dd89ca8a5e67788ac6492697a5ce3
t/1-basic.t
-SHA256 ae0a2706d9dbe8cb3d0c3b948af76c42a9e6138bc21a45a5c82e655a412daf8a
t/2-cygwin.t
-SHA256 243dabeec125f45c94af8c7ab33bd88bd9e4bd2fc7a523fea659c967f21d70f9
t/3-verify.t
-SHA256 f4c58ea1c56f953b2a9617a587bb8f61c4d5db1a5673aa92875c186860e3407f
t/author-critic.t
-SHA256 fbe6cdd54a8c2e95b5eb624cdc1799f9ea3d28e4fca551e23738cf9a0a829e32
t/author-eof.t
-SHA256 44940655f58f6dc44fae53e70a89897162ab89db94f1d8b4221a7e242edea5da
t/author-eol.t
-SHA256 2b72be42d3eef1a6ba41eec784beed6883b7cf6cc8032a39740e5ae30f9fcb90
t/author-no-tabs.t
-SHA256 b6b98c35caa1713f7b7d10283e033065eb578adc8ac59c71ee2ed97671cfecb1
t/author-pod-coverage.t
-SHA256 305c657c6b73f10767a0ea286b8a73d693940f4cbb8b6a0a4d34e2b5a1c04635
t/author-pod-syntax.t
-SHA256 388b010fdeefd0e05309466b103204a7d6886da51a0573541bfe81023fc4e438
t/release-trailing-space.t
-SHA256 2b17f99fccb7172b580ecde8839860f5db05292ea25391d9ea60839b45d5ac9a
t/wrap.pl
-SHA256 1e55d31ce050bd8250d7f5e74afdbb050fdf34834e0925f6992400e6a35ee87a
t/wrapped-tests.bin
------BEGIN PGP SIGNATURE-----
-
-iQIzBAEBAwAdFiEEMguXHBCUSzAt6mNu1fh7LgYGpfkFAmhe8zQACgkQ1fh7LgYG
-pfk9TBAAo2goiox9WuxKXSAHOpmFbxdlMOIHeaNcB6jZXW6dURpmsfwdWOk6jlU/
-DtptpJhsbjdvgpzKarsyOi+vXVlV8A9OZRxRLBiy6Mskirvr1TOhuz+hkVAas31f
-aW6FFGfUekb9cxXKz5R+p36WAmFMToV618t6OG5BrMVf5J7FA8A3SISDnaTOrl2O
-zSVJO8nhUEehr/YubH0j9kqQXzgUZXy8hf2j/V7DJKaDhIf3BCox93y1jJT15OCL
-fdBL8Q8mBNJK9iIHeSFPfXzAIH9ONMHZgZc2ScKKLXkV4YpqMzme1OZDe1KMCR39
-YqfhjnzNqmXCro99I0rurbKetFLEI7pk9AEK0MONRjIoud0StCn7KqnLvb16AoN1
-1ly3lrWmwcFge/LeUbPp4alUVXqB1FeSjFgstnUo7F7YE3zacaOkqCXJGa403TbA
-Gc7tcoxqgK48HREzcJkW723YhPetFg+0IwOzIgKmaSfsGhGhDrjzRakmYhT/+N1n
-A4IM0ee9LJwm3WOtkiy+bXlNbqwoaErrxepxHL0zOGvM3QqTGBPffgiwimE2XiXh
-VYPFUz80pX3kqBz69TiLsbE2l/mqUGRzA+K+Hj26KhlpDEOe8x97KJGVRjLp+fB6
-7/Y3WTTSzj/Nj1HAKwDYtopPmQT1n6QA4d+geHiJPz0emdRGOmY=
-=xJXm
------END PGP SIGNATURE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/cpanfile
new/Module-Signature-0.96/cpanfile
--- old/Module-Signature-0.93/cpanfile 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/cpanfile 2026-04-27 16:27:06.000000000 +0200
@@ -1,4 +1,4 @@
-# This file is generated by Dist::Zilla::Plugin::CPANFile v6.032
+# This file is generated by Dist::Zilla::Plugin::CPANFile v6.037
# Do not edit this file directly. To change prereqs, edit the `dist.ini` file.
requires "File::Temp" => "0";
@@ -16,7 +16,6 @@
on 'develop' => sub {
requires "Pod::Coverage::TrustPod" => "0";
- requires "Software::Security::Policy::Individual" => "0";
requires "Test::EOF" => "0";
requires "Test::EOL" => "0";
requires "Test::More" => "0.88";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/dist.ini
new/Module-Signature-0.96/dist.ini
--- old/Module-Signature-0.93/dist.ini 2025-06-27 21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/dist.ini 2026-04-27 16:27:06.000000000 +0200
@@ -8,6 +8,8 @@
[Meta::Maintainers]
maintainer = Timothy Legge <[email protected]>
+[Deprecated]
+
[MakeMaker::Awesome]
header_file = maint/Makefile_header.PL
WriteMakefile_arg = %args
@@ -78,11 +80,6 @@
[Test::NoTabs]
[Test::TrailingSpace ]
-[SecurityPolicy]
--policy = Individual
-timeframe = 2 weeks
-security_contact = Timothy Legge <[email protected]>
-
[PodWeaver]
[NextRelease]
format = %v -- %{EEE MMM dd HH:mm:ss VVV yyyy}d
@@ -101,5 +98,3 @@
changelog = Changes ; this is the default
[AuthorsFromGit]
-[Signature]
-[SignReleaseNotes]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/lib/Module/Signature.pm
new/Module-Signature-0.96/lib/Module/Signature.pm
--- old/Module-Signature-0.93/lib/Module/Signature.pm 2025-06-27
21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/lib/Module/Signature.pm 2026-04-27
16:27:06.000000000 +0200
@@ -2,9 +2,9 @@
use strict;
use warnings;
-# ABSTRACT: Module signature file manipulation
+# ABSTRACT: DEPRECATED Module signature file manipulation
package Module::Signature;
-our $VERSION = '0.93'; #VERSION
+our $VERSION = '0.96'; #VERSION
use vars qw($VERSION $SIGNATURE @ISA @EXPORT_OK);
use vars qw($Preamble $Cipher $Debug $Verbose $Timeout $AUTHOR);
@@ -469,27 +469,24 @@
my $key_id;
my $key_name;
- # This doesn't work because the output from verify goes to STDERR.
- # If I try to redirect it using "--logger-fd 1" it just hangs.
- # WTF?
- my @verify = `$gpg --batch --verify $SIGNATURE`;
- while (@verify) {
- if (/key ID ([0-9A-F]+)$/) {
+ my @verify = `$gpg --batch --logger-fd 1 --verify $SIGNATURE`;
+ foreach (@verify) {
+ if (/key(?: ID)? ([0-9A-F]+)$/) {
$key_id = $1;
- } elsif (/signature from "(.+)"$/) {
+ } elsif (/signature from "(.+)"(?: \[[a-z]+\])?$/) {
$key_name = $1;
}
}
-
my $found_name;
my $found_key;
if (defined $key_id && defined $key_name) {
my $keyserver = _keyserver($version);
- while (`$gpg --batch --keyserver=$keyserver --search-keys
'$key_name'`) {
+ foreach (`$gpg --output - --keyserver=$keyserver --recv-key '$key_id'
2>&1`) {
if (/^\(\d+\)/) {
$found_name = 0;
- } elsif ($found_name) {
- if (/key \Q$key_id\E/) {
+ } elsif ($key_id) {
+ my $short_key_id = substr($key_id, (length($key_id) - 16));
+ if (/key \Q$short_key_id\E/) {
$found_key = 1;
last;
}
@@ -711,11 +708,11 @@
=head1 NAME
-Module::Signature - Module signature file manipulation
+Module::Signature - DEPRECATED Module signature file manipulation
=head1 VERSION
-version 0.93
+version 0.96
=head1 SYNOPSIS
@@ -772,6 +769,21 @@
Module::Signature - Module signature file manipulation
+=head1 DEPRECATION NOTICE
+
+B<Module::Signature> has been deprecated because it does not provide
+the user with the security assurance that its usage would imply.
+
+Module authors, who have used B<Module::Signature>, have not always
+replaced their keys before they expire. Depending on a user's
+configuration it can cause issues with the installation of those modules.
+
+In addition, since it was written, the key server infrastructure has changed
+and the ability to securely find keys has greatly diminished.
+
+Module authors should remove the SIGNATURE file when they upload new versions
+to PAUSE. Module users should uninstall B<Module::Signature>.
+
=head1 VARIABLES
No package variables are exported by default.
@@ -1052,7 +1064,7 @@
=head1 COPYRIGHT AND LICENSE
-This software is copyright (c) 2025 by waved.
+This software is copyright (c) 2026 by waved.
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/script/cpansign
new/Module-Signature-0.96/script/cpansign
--- old/Module-Signature-0.93/script/cpansign 2025-06-27 21:38:28.000000000
+0200
+++ new/Module-Signature-0.96/script/cpansign 2026-04-27 16:27:06.000000000
+0200
@@ -61,7 +61,7 @@
=head1 VERSION
-version 0.93
+version 0.96
=head1 SYNOPSIS
@@ -113,7 +113,7 @@
=head1 COPYRIGHT AND LICENSE
-This software is copyright (c) 2025 by waved.
+This software is copyright (c) 2026 by waved.
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/t/author-pod-coverage.t
new/Module-Signature-0.96/t/author-pod-coverage.t
--- old/Module-Signature-0.93/t/author-pod-coverage.t 2025-06-27
21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/t/author-pod-coverage.t 2026-04-27
16:27:06.000000000 +0200
@@ -7,7 +7,7 @@
}
}
-# This file was automatically generated by
Dist::Zilla::Plugin::PodCoverageTests.
+# This file was automatically generated by
Dist::Zilla::Plugin::PodCoverageTests
use strict;
use warnings;
use Test::Pod::Coverage 1.08;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Module-Signature-0.93/t/author-pod-syntax.t
new/Module-Signature-0.96/t/author-pod-syntax.t
--- old/Module-Signature-0.93/t/author-pod-syntax.t 2025-06-27
21:38:28.000000000 +0200
+++ new/Module-Signature-0.96/t/author-pod-syntax.t 2026-04-27
16:27:06.000000000 +0200
@@ -7,7 +7,7 @@
}
}
-# This file was automatically generated by Dist::Zilla::Plugin::PodSyntaxTests.
+# This file was automatically generated by Dist::Zilla::Plugin::PodSyntaxTests
use strict; use warnings;
use Test::More;
use Test::Pod 1.41;
++++++ README.md ++++++
## Build Results
Current state of perl in openSUSE:Factory is
The current state of perl in the devel project build (devel:languages:perl)
++++++ _scmsync.obsinfo ++++++
mtime: 1777362282
commit: b498ba49c88bae9728d365a8cd810e2968c703f19c382106de0a6b616dfe43fd
url: https://src.opensuse.org/perl/perl-Module-Signature
revision: b498ba49c88bae9728d365a8cd810e2968c703f19c382106de0a6b616dfe43fd
projectscmsync: https://src.opensuse.org/perl/_ObsPrj
++++++ build.specials.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.gitignore new/.gitignore
--- old/.gitignore 1970-01-01 01:00:00.000000000 +0100
+++ new/.gitignore 2026-04-28 09:44:42.000000000 +0200
@@ -0,0 +1 @@
+.osc
