Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package perl-HTTP-Tiny for openSUSE:Factory
checked in at 2023-07-03 17:44:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-HTTP-Tiny (Old)
and /work/SRC/openSUSE:Factory/.perl-HTTP-Tiny.new.13546 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-HTTP-Tiny"
Mon Jul 3 17:44:29 2023 rev:17 rq:1096607 version:0.086
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-HTTP-Tiny/perl-HTTP-Tiny.changes
2022-08-16 17:08:30.484015244 +0200
+++ /work/SRC/openSUSE:Factory/.perl-HTTP-Tiny.new.13546/perl-HTTP-Tiny.changes
2023-07-03 17:44:49.833441012 +0200
@@ -1,0 +2,17 @@
+Mon Jul 3 11:27:12 UTC 2023 - Lars Vogdt <l...@linux-schulserver.de>
+
+- updated to 0.086
+ see /usr/share/doc/packages/perl-HTTP-Tiny/Changes
+0.086 2023-06-22 10:06:37-04:00 America/New_York
+ [FIXED]
+ - Fix code to use `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` as
documented.
+0.084 2023-06-14 06:35:01-04:00 America/New_York
+ - No changes from 0.083-TRIAL.
+0.083 2023-06-11 07:05:45-04:00 America/New_York (TRIAL RELEASE)
+ [!!! SECURITY !!!]
+ - Changes the `verify_SSL` default parameter from `0` to `1`.
+ Fixes CVE-2023-31486 (bsc#1211002)
+ - `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` can be used to restore the
+ old default if required.
+
+-------------------------------------------------------------------
Old:
----
HTTP-Tiny-0.082.tar.gz
New:
----
HTTP-Tiny-0.086.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-HTTP-Tiny.spec ++++++
--- /var/tmp/diff_new_pack.ccwD4k/_old 2023-07-03 17:44:50.357444097 +0200
+++ /var/tmp/diff_new_pack.ccwD4k/_new 2023-07-03 17:44:50.361444121 +0200
@@ -1,7 +1,7 @@
#
# spec file for package perl-HTTP-Tiny
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define cpan_name HTTP-Tiny
Name: perl-HTTP-Tiny
-Version: 0.082
+Version: 0.086
Release: 0
License: Artistic-1.0 OR GPL-1.0-or-later
Summary: Small, simple, correct HTTP/1.1 client
++++++ HTTP-Tiny-0.082.tar.gz -> HTTP-Tiny-0.086.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/Changes new/HTTP-Tiny-0.086/Changes
--- old/HTTP-Tiny-0.082/Changes 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/Changes 2023-06-22 16:06:45.000000000 +0200
@@ -1,5 +1,25 @@
Release notes for HTTP-Tiny
+0.086 2023-06-22 10:06:37-04:00 America/New_York
+
+ [FIXED]
+
+ - Fix code to use `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` as
documented.
+
+0.084 2023-06-14 06:35:01-04:00 America/New_York
+
+ - No changes from 0.083-TRIAL.
+
+0.083 2023-06-11 07:05:45-04:00 America/New_York (TRIAL RELEASE)
+
+ [!!! SECURITY !!!]
+
+ - Changes the `verify_SSL` default parameter from `0` to `1`.
+ Fixes CVE-2023-31486.
+
+ - `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` can be used to restore the
+ old default if required.
+
0.082 2022-07-25 09:45:34-04:00 America/New_York
- No changes from 0.081-TRIAL.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/LICENSE new/HTTP-Tiny-0.086/LICENSE
--- old/HTTP-Tiny-0.082/LICENSE 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/LICENSE 2023-06-22 16:06:45.000000000 +0200
@@ -1,4 +1,4 @@
-This software is copyright (c) 2022 by Christian Hansen.
+This software is copyright (c) 2023 by Christian Hansen.
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.
@@ -12,7 +12,7 @@
--- The GNU General Public License, Version 1, February 1989 ---
-This software is Copyright (c) 2022 by Christian Hansen.
+This software is Copyright (c) 2023 by Christian Hansen.
This is free software, licensed under:
@@ -272,7 +272,7 @@
--- The Artistic License 1.0 ---
-This software is Copyright (c) 2022 by Christian Hansen.
+This software is Copyright (c) 2023 by Christian Hansen.
This is free software, licensed under:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/MANIFEST new/HTTP-Tiny-0.086/MANIFEST
--- old/HTTP-Tiny-0.082/MANIFEST 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/MANIFEST 2023-06-22 16:06:45.000000000 +0200
@@ -1,4 +1,4 @@
-# This file was automatically generated by Dist::Zilla::Plugin::Manifest
v6.025.
+# This file was automatically generated by Dist::Zilla::Plugin::Manifest
v6.030.
CONTRIBUTING.mkdn
Changes
LICENSE
@@ -80,6 +80,7 @@
corpus/redirect-08.txt
corpus/redirect-09.txt
corpus/redirect-10.txt
+corpus/snake-oil.crt
cpanfile
dist.ini
eg/get.pl
@@ -115,6 +116,7 @@
t/161_basic_auth.t
t/162_proxy_auth.t
t/170_keepalive.t
+t/180_verify_SSL.t
t/200_live.t
t/200_live_local_ip.t
t/210_live_ssl.t
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/META.json
new/HTTP-Tiny-0.086/META.json
--- old/HTTP-Tiny-0.082/META.json 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/META.json 2023-06-22 16:06:45.000000000 +0200
@@ -5,7 +5,7 @@
"David Golden <dagol...@cpan.org>"
],
"dynamic_config" : 0,
- "generated_by" : "Dist::Zilla version 6.025, CPAN::Meta::Converter version
2.150010",
+ "generated_by" : "Dist::Zilla version 6.030, CPAN::Meta::Converter version
2.150010",
"license" : [
"perl_5"
],
@@ -111,7 +111,7 @@
"provides" : {
"HTTP::Tiny" : {
"file" : "lib/HTTP/Tiny.pm",
- "version" : "0.082"
+ "version" : "0.086"
}
},
"release_status" : "stable",
@@ -126,7 +126,7 @@
"web" : "https://github.com/chansen/p5-http-tiny";
}
},
- "version" : "0.082",
+ "version" : "0.086",
"x_authority" : "cpan:DAGOLDEN",
"x_contributors" : [
"Alan Gardner <gard...@pythian.com>",
@@ -168,6 +168,7 @@
"SkyMarshal <skymarshal1...@gmail.com>",
"S\u00f6ren Kornetzki <soeren.kornet...@delti.com>",
"Steve Grazzini <steve.grazz...@grantstreet.com>",
+ "Stig Palmquist <g...@stig.io>",
"Syohei YOSHIDA <syo...@gmail.com>",
"Tatsuhiko Miyagawa <miyag...@bulknews.net>",
"Tom Hukins <t...@eborcom.com>",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/META.yml new/HTTP-Tiny-0.086/META.yml
--- old/HTTP-Tiny-0.082/META.yml 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/META.yml 2023-06-22 16:06:45.000000000 +0200
@@ -22,7 +22,7 @@
ExtUtils::MakeMaker: '6.17'
perl: '5.006'
dynamic_config: 0
-generated_by: 'Dist::Zilla version 6.025, CPAN::Meta::Converter version
2.150010'
+generated_by: 'Dist::Zilla version 6.030, CPAN::Meta::Converter version
2.150010'
license: perl
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
@@ -39,7 +39,7 @@
provides:
HTTP::Tiny:
file: lib/HTTP/Tiny.pm
- version: '0.082'
+ version: '0.086'
recommends:
HTTP::CookieJar: '0.001'
IO::Socket::IP: '0.32'
@@ -61,7 +61,7 @@
bugtracker: https://github.com/chansen/p5-http-tiny/issues
homepage: https://github.com/chansen/p5-http-tiny
repository: https://github.com/chansen/p5-http-tiny.git
-version: '0.082'
+version: '0.086'
x_authority: cpan:DAGOLDEN
x_contributors:
- 'Alan Gardner <gard...@pythian.com>'
@@ -103,6 +103,7 @@
- 'SkyMarshal <skymarshal1...@gmail.com>'
- 'Sören Kornetzki <soeren.kornet...@delti.com>'
- 'Steve Grazzini <steve.grazz...@grantstreet.com>'
+ - 'Stig Palmquist <g...@stig.io>'
- 'Syohei YOSHIDA <syo...@gmail.com>'
- 'Tatsuhiko Miyagawa <miyag...@bulknews.net>'
- 'Tom Hukins <t...@eborcom.com>'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/Makefile.PL
new/HTTP-Tiny-0.086/Makefile.PL
--- old/HTTP-Tiny-0.082/Makefile.PL 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/Makefile.PL 2023-06-22 16:06:45.000000000 +0200
@@ -1,4 +1,4 @@
-# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker
v6.025.
+# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker
v6.030.
use strict;
use warnings;
@@ -42,7 +42,7 @@
"lib" => 0,
"open" => 0
},
- "VERSION" => "0.082",
+ "VERSION" => "0.086",
"test" => {
"TESTS" => "t/*.t"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/README new/HTTP-Tiny-0.086/README
--- old/HTTP-Tiny-0.082/README 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/README 2023-06-22 16:06:45.000000000 +0200
@@ -2,7 +2,7 @@
HTTP::Tiny - A small, simple, correct HTTP/1.1 client
VERSION
- version 0.082
+ version 0.086
SYNOPSIS
use HTTP::Tiny;
@@ -79,12 +79,18 @@
open, read or write takes longer than the timeout, the request
response status code will be 599.
- * "verify_SSL" â A boolean that indicates whether to validate the SSL
- certificate of an "https" â connection (default is false)
+ * "verify_SSL" â A boolean that indicates whether to validate the
+ TLS/SSL certificate of an "https" â connection (default is true).
+ Changed from false to true in version 0.083.
* "SSL_options" â A hashref of "SSL_*" â options to pass through to
IO::Socket::SSL
+ * $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} - Changes the default
+ certificate verification behavior to not check server identity if
+ set to 1. Only effective if "verify_SSL" is not set. Added in
+ version 0.083.
+
An accessor/mutator method exists for each attribute.
Passing an explicit "undef" for "proxy", "http_proxy" or "https_proxy"
@@ -305,11 +311,11 @@
Note: This method cannot reliably be used to discover whether the remote
host has closed its end of the socket.
-SSL SUPPORT
+TLS/SSL SUPPORT
Direct "https" connections are supported only if IO::Socket::SSL 1.56 or
greater and Net::SSLeay 1.49 or greater are installed. An error will
occur if new enough versions of these modules are not installed or if
- the SSL encryption fails. You can also use "HTTP::Tiny::can_ssl()"
+ the TLS encryption fails. You can also use "HTTP::Tiny::can_ssl()"
utility function that returns boolean to see if the required modules are
installed.
@@ -317,32 +323,23 @@
CONNECT command (i.e. RFC 2817). You may not proxy "https" via a proxy
that itself requires "https" to communicate.
- SSL provides two distinct capabilities:
+ TLS/SSL provides two distinct capabilities:
* Encrypted communication channel
* Verification of server identity
- By default, HTTP::Tiny does not verify server identity.
+ By default, HTTP::Tiny verifies server identity.
- Server identity verification is controversial and potentially tricky
- because it depends on a (usually paid) third-party Certificate Authority
- (CA) trust model to validate a certificate as legitimate. This
- discriminates against servers with self-signed certificates or
- certificates signed by free, community-driven CA's such as CAcert.org
- <http://cacert.org>.
-
- By default, HTTP::Tiny does not make any assumptions about your trust
- model, threat level or risk tolerance. It just aims to give you an
- encrypted channel when you need one.
-
- Setting the "verify_SSL" attribute to a true value will make HTTP::Tiny
- verify that an SSL connection has a valid SSL certificate corresponding
- to the host name of the connection and that the SSL certificate has been
- verified by a CA. Assuming you trust the CA, this will protect against a
- man-in-the-middle attack
- <http://en.wikipedia.org/wiki/Man-in-the-middle_attack>. If you are
- concerned about security, you should enable this option.
+ This was changed in version 0.083 due to security concerns. The previous
+ default behavior can be enabled by setting
+ $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} to 1.
+
+ Verification is done by checking that that the TLS/SSL connection has a
+ valid certificate corresponding to the host name of the connection and
+ that the certificate has been verified by a CA. Assuming you trust the
+ CA, this will protect against machine-in-the-middle attacks
+ <http://en.wikipedia.org/wiki/Machine-in-the-middle_attack>.
Certificate verification requires a file containing trusted CA
certificates.
@@ -351,10 +348,7 @@
try to find a CA certificate file in that location.
If the Mozilla::CA module is installed, HTTP::Tiny will use the CA file
- included with it as a source of trusted CA's. (This means you trust
- Mozilla, the author of Mozilla::CA, the CPAN mirror where you got
- Mozilla::CA, the toolchain used to install it, and your operating system
- security, right?)
+ included with it as a source of trusted CA's.
If that module is not available, then HTTP::Tiny will search several
system-specific default locations for a CA certificate file:
@@ -365,13 +359,23 @@
* /etc/ssl/ca-bundle.pem
+ * /etc/openssl/certs/ca-certificates.crt
+
+ * /etc/ssl/cert.pem
+
+ * /usr/local/share/certs/ca-root-nss.crt
+
+ * /etc/pki/tls/cacert.pem
+
+ * /etc/certs/ca-certificates.crt
+
An error will be occur if "verify_SSL" is true and no CA certificate
file is available.
- If you desire complete control over SSL connections, the "SSL_options"
- attribute lets you provide a hash reference that will be passed through
- to "IO::Socket::SSL::start_SSL()", overriding any options set by
- HTTP::Tiny. For example, to provide your own trusted CA file:
+ If you desire complete control over TLS/SSL connections, the
+ "SSL_options" attribute lets you provide a hash reference that will be
+ passed through to "IO::Socket::SSL::start_SSL()", overriding any options
+ set by HTTP::Tiny. For example, to provide your own trusted CA file:
SSL_options => {
SSL_ca_file => $file_path,
@@ -379,7 +383,7 @@
The "SSL_options" attribute could also be used for such things as
providing a client certificate for authentication to a server or
- controlling the choice of cipher used for the SSL connection. See
+ controlling the choice of cipher used for the TLS/SSL connection. See
IO::Socket::SSL documentation for details.
PROXY SUPPORT
@@ -589,6 +593,8 @@
* Steve Grazzini <steve.grazz...@grantstreet.com>
+ * Stig Palmquist <g...@stig.io>
+
* Syohei YOSHIDA <syo...@gmail.com>
* Tatsuhiko Miyagawa <miyag...@bulknews.net>
@@ -600,7 +606,7 @@
* Xavier Guimard <y...@debian.org>
COPYRIGHT AND LICENSE
- This software is copyright (c) 2022 by Christian Hansen.
+ This software is copyright (c) 2023 by Christian Hansen.
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/corpus/snake-oil.crt
new/HTTP-Tiny-0.086/corpus/snake-oil.crt
--- old/HTTP-Tiny-0.082/corpus/snake-oil.crt 1970-01-01 01:00:00.000000000
+0100
+++ new/HTTP-Tiny-0.086/corpus/snake-oil.crt 2023-06-22 16:06:45.000000000
+0200
@@ -0,0 +1,33 @@
+Generated with:
+
+ openssl req -new -newkey rsa:4096 -x509 -new -nodes -sha256 -days 7300
-keyout /dev/null -out snake-oil.crt -subj '/CN=snake.oil/'
+
+-----BEGIN CERTIFICATE-----
+MIIFCTCCAvGgAwIBAgIUUUWe96AgoaW3pyYxlJfMxUMA6bgwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJc25ha2Uub2lsMB4XDTIzMDUyMTE1NDkxMVoXDTQzMDUx
+NjE1NDkxMVowFDESMBAGA1UEAwwJc25ha2Uub2lsMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAnScXg4MGa6CmCFOYzr8ggzqsDAR0CoVdOaqQ6XtRoRcP
+PzptoqHDFtr4NqWwmeWAGIcey6CKFZXsm9LvPly/VUDDjctYZig3UoLaoQpygwae
+2BgslsfuhwomxXuinatF6bo1vz+EaRpASJyHOBOp3Yvh2cLSXmD+YuTU8rci1IG/
+FFmjsrftPsxKFZiI9meAtsGayQGdUIBsEvawhs5y7TDcblPfbBM21sg3touTrfzZ
+Yk9dXd7hX3uq5ZX4H9BWcqeGux3speYC2STClnGMl8DqGdAV4XssbFCVqIhvmzrW
+L6Ce9vt0x/gxQQB4EYJlvECSqm7IiwO85I8XJ04EzmVU4e2+c1B7WS/swhGLr8JJ
+4yk/gbCe98ErU3ccnXPzZznNQXTt2iAQLqa5zNDmxjzyZXhDA1nijg2cJb1RnQVu
+m5YrUXOXt9b5664nLCVUf0s/yMqPbcIUA3puAPS6BgDEExnYL48rmTT1gazMO6S5
+ZwpycEVkwYUFj364vIHJvQO0xB54dqNul9kMLUwPLmP9H6nBIsGgJhZCAp+WDEzp
+Y4eqp0drTlJlpfjd/QOaOsKZgwrqiD0yh35bj43zcVHKaFYGLcS8M1+XlbYNYx90
+w7+GpbY+MebCYF//dXAFXzORxdA1XZ30I7CAxAVK5l5cokrMIHJ01kkzYEGA1Y0C
+AwEAAaNTMFEwHQYDVR0OBBYEFAyj5N91aOt4TxNEOJ18JUPEBsOyMB8GA1UdIwQY
+MBaAFAyj5N91aOt4TxNEOJ18JUPEBsOyMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggIBAHGiT2h0SU2tlFmUQ8CzgJ7JRTg91ltRwEvs/SQ/YN7DdDwt
+dQy/0nMIeFstdDIkdQyjcAUO92msLzd8AniiwAjynxamiQqdA57+rdhp7oEbFgw+
+nF56bG4tiBG1gAIxtY9f2sG/Sqf6UuimxOX43nybG8RdRu8hOh/TQXcj8raa2PMT
+pTdphjMJUKSplHtFpbLFuf5FxklpeAYxYAReMzQhVgTzi7fcz3QhT/l6eqK6G05v
+gi+QsgesMiGdHKiTtx8N70JFZ+8BzJ0CJDI8PR2XZTLbpKxNfk426hTjJBkRULT5
+s7IWuuEO4Bb1p27K2WgHGh0mxFk4POPFmotxupVqzl8g2umcfWLDq0UR3BcRyR3B
+GWZNCcDTVLaAsarbSJoY1L/6j4O0RQdgpOWiENLbEcelGprGLBVe4s/NDA6aUYA+
+2Dll+0tHe6oKI+RCRoDhhiAH7UVIGQdORzcbY3Fxbf1OlFdpOyXLI751b1DjSYRu
+9cVFXZIBRTTiEvGbUfoDEXDmKxpWHkGRel2864FBodcwGv7yW6mC3o6vpOqQFcW7
+MjJsFhtVj8PdPmue+ye766PeH45ydDD01nr1I92w6E1C0pEEqRNEpoOGgORyNgit
+EZag4DlWFs5MFdlj32haztRgi2dhVuJxlzx4lAmvOoqvGVQVIicN1JSlikBk
+-----END CERTIFICATE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/cpanfile new/HTTP-Tiny-0.086/cpanfile
--- old/HTTP-Tiny-0.082/cpanfile 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/cpanfile 2023-06-22 16:06:45.000000000 +0200
@@ -1,4 +1,4 @@
-# This file is generated by Dist::Zilla::Plugin::CPANFile v6.025
+# This file is generated by Dist::Zilla::Plugin::CPANFile v6.030
# Do not edit this file directly. To change prereqs, edit the `dist.ini` file.
requires "Carp" => "0";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/dist.ini new/HTTP-Tiny-0.086/dist.ini
--- old/HTTP-Tiny-0.082/dist.ini 2022-07-25 15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/dist.ini 2023-06-22 16:06:45.000000000 +0200
@@ -8,6 +8,7 @@
:version = 0.072
stopwords = CA
stopwords = CGI
+stopwords = TLS
stopwords = UA
stopwords = proxying
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/lib/HTTP/Tiny.pm
new/HTTP-Tiny-0.086/lib/HTTP/Tiny.pm
--- old/HTTP-Tiny-0.082/lib/HTTP/Tiny.pm 2022-07-25 15:45:42.000000000
+0200
+++ new/HTTP-Tiny-0.086/lib/HTTP/Tiny.pm 2023-06-22 16:06:45.000000000
+0200
@@ -4,7 +4,7 @@
use warnings;
# ABSTRACT: A small, simple, correct HTTP/1.1 client
-our $VERSION = '0.082';
+our $VERSION = '0.086';
sub _croak { require Carp; Carp::croak(@_) }
@@ -40,10 +40,15 @@
#pod * C<timeout> â Request timeout in seconds (default is 60) If a socket
open,
#pod read or write takes longer than the timeout, the request response
status code
#pod will be 599.
-#pod * C<verify_SSL> â A boolean that indicates whether to validate the SSL
-#pod certificate of an C<https> â connection (default is false)
+#pod * C<verify_SSL> â A boolean that indicates whether to validate the
TLS/SSL
+#pod certificate of an C<https> â connection (default is true). Changed
from false
+#pod to true in version 0.083.
#pod * C<SSL_options> â A hashref of C<SSL_*> â options to pass through to
#pod L<IO::Socket::SSL>
+#pod * C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> - Changes the default
+#pod certificate verification behavior to not check server identity if set
to 1.
+#pod Only effective if C<verify_SSL> is not set. Added in version 0.083.
+#pod
#pod
#pod An accessor/mutator method exists for each attribute.
#pod
@@ -111,11 +116,17 @@
sub new {
my($class, %args) = @_;
+ # Support lower case verify_ssl argument, but only if verify_SSL is not
+ # true.
+ if ( exists $args{verify_ssl} ) {
+ $args{verify_SSL} ||= $args{verify_ssl};
+ }
+
my $self = {
max_redirect => 5,
timeout => defined $args{timeout} ? $args{timeout} : 60,
keep_alive => 1,
- verify_SSL => $args{verify_SSL} || $args{verify_ssl} || 0, # no
verification by default
+ verify_SSL => defined $args{verify_SSL} ? $args{verify_SSL} :
_verify_SSL_default(),
no_proxy => $ENV{no_proxy},
};
@@ -134,6 +145,13 @@
return $self;
}
+sub _verify_SSL_default {
+ my ($self) = @_;
+ # Check if insecure default certificate verification behaviour has been
+ # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1
+ return (($ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 :
1;
+}
+
sub _set_proxies {
my ($self) = @_;
@@ -1060,7 +1078,7 @@
timeout => 60,
max_line_size => 16384,
max_header_lines => 64,
- verify_SSL => 0,
+ verify_SSL => HTTP::Tiny::_verify_SSL_default(),
SSL_options => {},
%args
}, $class;
@@ -1709,7 +1727,7 @@
=head1 VERSION
-version 0.082
+version 0.086
=head1 SYNOPSIS
@@ -1802,12 +1820,16 @@
=item *
-C<verify_SSL> â A boolean that indicates whether to validate the SSL
certificate of an C<https> â connection (default is false)
+C<verify_SSL> â A boolean that indicates whether to validate the TLS/SSL
certificate of an C<https> â connection (default is true). Changed from false
to true in version 0.083.
=item *
C<SSL_options> â A hashref of C<SSL_*> â options to pass through to
L<IO::Socket::SSL>
+=item *
+
+C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> - Changes the default
certificate verification behavior to not check server identity if set to 1.
Only effective if C<verify_SSL> is not set. Added in version 0.083.
+
=back
An accessor/mutator method exists for each attribute.
@@ -2052,11 +2074,11 @@
timeout
verify_SSL
-=head1 SSL SUPPORT
+=head1 TLS/SSL SUPPORT
Direct C<https> connections are supported only if L<IO::Socket::SSL> 1.56 or
greater and L<Net::SSLeay> 1.49 or greater are installed. An error will occur
-if new enough versions of these modules are not installed or if the SSL
+if new enough versions of these modules are not installed or if the TLS
encryption fails. You can also use C<HTTP::Tiny::can_ssl()> utility function
that returns boolean to see if the required modules are installed.
@@ -2064,7 +2086,7 @@
command (i.e. RFC 2817). You may not proxy C<https> via a proxy that itself
requires C<https> to communicate.
-SSL provides two distinct capabilities:
+TLS/SSL provides two distinct capabilities:
=over 4
@@ -2078,24 +2100,17 @@
=back
-B<By default, HTTP::Tiny does not verify server identity>.
+B<By default, HTTP::Tiny verifies server identity>.
-Server identity verification is controversial and potentially tricky because it
-depends on a (usually paid) third-party Certificate Authority (CA) trust model
-to validate a certificate as legitimate. This discriminates against servers
-with self-signed certificates or certificates signed by free, community-driven
-CA's such as L<CAcert.org|http://cacert.org>.
-
-By default, HTTP::Tiny does not make any assumptions about your trust model,
-threat level or risk tolerance. It just aims to give you an encrypted channel
-when you need one.
-
-Setting the C<verify_SSL> attribute to a true value will make HTTP::Tiny verify
-that an SSL connection has a valid SSL certificate corresponding to the host
-name of the connection and that the SSL certificate has been verified by a CA.
-Assuming you trust the CA, this will protect against a L<man-in-the-middle
-attack|http://en.wikipedia.org/wiki/Man-in-the-middle_attack>. If you are
-concerned about security, you should enable this option.
+This was changed in version 0.083 due to security concerns. The previous
default
+behavior can be enabled by setting
C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}>
+to 1.
+
+Verification is done by checking that that the TLS/SSL connection has a valid
+certificate corresponding to the host name of the connection and that the
+certificate has been verified by a CA. Assuming you trust the CA, this will
+protect against L<machine-in-the-middle
+attacks|http://en.wikipedia.org/wiki/Machine-in-the-middle_attack>.
Certificate verification requires a file containing trusted CA certificates.
@@ -2103,9 +2118,7 @@
will try to find a CA certificate file in that location.
If the L<Mozilla::CA> module is installed, HTTP::Tiny will use the CA file
-included with it as a source of trusted CA's. (This means you trust Mozilla,
-the author of Mozilla::CA, the CPAN mirror where you got Mozilla::CA, the
-toolchain used to install it, and your operating system security, right?)
+included with it as a source of trusted CA's.
If that module is not available, then HTTP::Tiny will search several
system-specific default locations for a CA certificate file:
@@ -2124,13 +2137,33 @@
/etc/ssl/ca-bundle.pem
+=item *
+
+/etc/openssl/certs/ca-certificates.crt
+
+=item *
+
+/etc/ssl/cert.pem
+
+=item *
+
+/usr/local/share/certs/ca-root-nss.crt
+
+=item *
+
+/etc/pki/tls/cacert.pem
+
+=item *
+
+/etc/certs/ca-certificates.crt
+
=back
An error will be occur if C<verify_SSL> is true and no CA certificate file
is available.
-If you desire complete control over SSL connections, the C<SSL_options>
attribute
-lets you provide a hash reference that will be passed through to
+If you desire complete control over TLS/SSL connections, the C<SSL_options>
+attribute lets you provide a hash reference that will be passed through to
C<IO::Socket::SSL::start_SSL()>, overriding any options set by HTTP::Tiny. For
example, to provide your own trusted CA file:
@@ -2140,7 +2173,7 @@
The C<SSL_options> attribute could also be used for such things as providing a
client certificate for authentication to a server or controlling the choice of
-cipher used for the SSL connection. See L<IO::Socket::SSL> documentation for
+cipher used for the TLS/SSL connection. See L<IO::Socket::SSL> documentation
for
details.
=head1 PROXY SUPPORT
@@ -2346,7 +2379,7 @@
=head1 CONTRIBUTORS
-=for stopwords Alan Gardner Alessandro Ghedini A. Sinan Unur Brad Gilbert
brian m. carlson Chris Nehren Weyl Claes Jakobsson Clinton Gormley Craig Berry
David Golden Mitchell Dean Pearce Edward Zborowski Felipe Gasper Graham Knop
Greg Kennedy James E Keenan Raspass Jeremy Mates Jess Robinson Karen Etheridge
Lukas Eklund Martin J. Evans Martin-Louis Bright Matthew Horsfall Michael R.
Davis Mike Doherty Nicolas Rochelemagne Olaf Alders Olivier Mengué Petr
PÃsaÅ sanjay-cpu Serguei Trouchelle Shoichi Kaji SkyMarshal Sören Kornetzki
Steve Grazzini Syohei YOSHIDA Tatsuhiko Miyagawa Tom Hukins Tony Cook Xavier
Guimard
+=for stopwords Alan Gardner Alessandro Ghedini A. Sinan Unur Brad Gilbert
brian m. carlson Chris Nehren Weyl Claes Jakobsson Clinton Gormley Craig Berry
David Golden Mitchell Dean Pearce Edward Zborowski Felipe Gasper Graham Knop
Greg Kennedy James E Keenan Raspass Jeremy Mates Jess Robinson Karen Etheridge
Lukas Eklund Martin J. Evans Martin-Louis Bright Matthew Horsfall Michael R.
Davis Mike Doherty Nicolas Rochelemagne Olaf Alders Olivier Mengué Petr
PÃsaÅ sanjay-cpu Serguei Trouchelle Shoichi Kaji SkyMarshal Sören Kornetzki
Steve Grazzini Stig Palmquist Syohei YOSHIDA Tatsuhiko Miyagawa Tom Hukins Tony
Cook Xavier Guimard
=over 4
@@ -2508,6 +2541,10 @@
=item *
+Stig Palmquist <g...@stig.io>
+
+=item *
+
Syohei YOSHIDA <syo...@gmail.com>
=item *
@@ -2530,7 +2567,7 @@
=head1 COPYRIGHT AND LICENSE
-This software is copyright (c) 2022 by Christian Hansen.
+This software is copyright (c) 2023 by Christian Hansen.
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/t/00-report-prereqs.t
new/HTTP-Tiny-0.086/t/00-report-prereqs.t
--- old/HTTP-Tiny-0.082/t/00-report-prereqs.t 2022-07-25 15:45:42.000000000
+0200
+++ new/HTTP-Tiny-0.086/t/00-report-prereqs.t 2023-06-22 16:06:45.000000000
+0200
@@ -3,7 +3,7 @@
use strict;
use warnings;
-# This test was generated by Dist::Zilla::Plugin::Test::ReportPrereqs 0.028
+# This test was generated by Dist::Zilla::Plugin::Test::ReportPrereqs 0.029
use Test::More tests => 1;
@@ -109,20 +109,24 @@
my @reports = [qw/Module Want Have/];
for my $mod ( sort keys %{ $req_hash->{$phase}{$type} } ) {
- next if $mod eq 'perl';
next if grep { $_ eq $mod } @exclude;
- my $file = $mod;
- $file =~ s{::}{/}g;
- $file .= ".pm";
- my ($prefix) = grep { -e File::Spec->catfile($_, $file) } @INC;
-
my $want = $req_hash->{$phase}{$type}{$mod};
$want = "undef" unless defined $want;
$want = "any" if !$want && $want == 0;
+ if ($mod eq 'perl') {
+ push @reports, ['perl', $want, $]];
+ next;
+ }
+
my $req_string = $want eq 'any' ? 'any version required' :
"version '$want' required";
+ my $file = $mod;
+ $file =~ s{::}{/}g;
+ $file .= ".pm";
+ my ($prefix) = grep { -e File::Spec->catfile($_, $file) } @INC;
+
if ($prefix) {
my $have = MM->parse_version( File::Spec->catfile($prefix,
$file) );
$have = "undef" unless defined $have;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/t/180_verify_SSL.t
new/HTTP-Tiny-0.086/t/180_verify_SSL.t
--- old/HTTP-Tiny-0.082/t/180_verify_SSL.t 1970-01-01 01:00:00.000000000
+0100
+++ new/HTTP-Tiny-0.086/t/180_verify_SSL.t 2023-06-22 16:06:45.000000000
+0200
@@ -0,0 +1,109 @@
+#!perl
+
+use strict;
+use warnings;
+use Test::More 0.88;
+use lib 't';
+
+use HTTP::Tiny;
+
+delete $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT};
+
+{
+ my $ht = HTTP::Tiny->new();
+ is($ht->verify_SSL, 1, "verify_SSL is 1 by default");
+}
+
+{
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 0
+ );
+ is($ht->verify_SSL, 0, "verify_SSL=>0 sets 0");
+}
+
+{
+ my $ht = HTTP::Tiny->new(
+ verify_ssl => 0
+ );
+ is($ht->verify_SSL, 0, "verify_ssl=>0 sets 0");
+}
+
+{
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 1,
+ verify_ssl => 0
+ );
+ is($ht->verify_SSL, 1, "verify_SSL=>1 and verify_ssl=>0 sets 1");
+}
+
+{
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 0,
+ verify_ssl => 1
+ );
+ is($ht->verify_SSL, 1, "verify_SSL=>0 and verify_ssl=>1 sets 1");
+}
+
+{
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 0,
+ verify_ssl => 0
+ );
+ is($ht->verify_SSL, 0, "verify_SSL=>0 and verify_ssl=>0 sets 0");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "1";
+ my $ht = HTTP::Tiny->new();
+ is($ht->verify_SSL, 0, "PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 changes
verify_SSL default to 0");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "0";
+ my $ht = HTTP::Tiny->new();
+ is($ht->verify_SSL, 1, "PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=0 keeps
verify_SSL default at 1");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "False";
+ my $ht = HTTP::Tiny->new();
+ is($ht->verify_SSL, 1, "Unsupported
PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=False keeps verify_SSL default at 1");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "1";
+ my $ht = HTTP::Tiny->new(verify_SSL=>1);
+ is($ht->verify_SSL, 1, "PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 does not
override verify_SSL attribute set to 1");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "1";
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 1,
+ verify_ssl => 1
+ );
+ is($ht->verify_SSL, 1, "PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1,
verify_SSL=>1 and verify_ssl=>1 sets 1");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "1";
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 1,
+ verify_ssl => 0
+ );
+ is($ht->verify_SSL, 1, "PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1,
verify_SSL=>1 and verify_ssl=>0 sets 1");
+}
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = "1";
+ my $ht = HTTP::Tiny->new(
+ verify_SSL => 0,
+ verify_ssl => 0
+ );
+ is($ht->verify_SSL, 0, "PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1,
verify_SSL=>0 and verify_ssl=>0 sets 0");
+}
+
+
+
+done_testing;
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/t/210_live_ssl.t
new/HTTP-Tiny-0.086/t/210_live_ssl.t
--- old/HTTP-Tiny-0.082/t/210_live_ssl.t 2022-07-25 15:45:42.000000000
+0200
+++ new/HTTP-Tiny-0.086/t/210_live_ssl.t 2023-06-22 16:06:45.000000000
+0200
@@ -18,6 +18,8 @@
}
use HTTP::Tiny;
+delete $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT};
+
plan skip_all => 'Only run for $ENV{AUTOMATED_TESTING}'
unless $ENV{AUTOMATED_TESTING};
@@ -27,33 +29,73 @@
diag "\nNote: running test with ", qx/openssl version/;
}
-my $data = {
- 'https://www.google.ca/' => {
- host => 'www.google.ca',
- pass => { SSL_verifycn_scheme => 'http', SSL_verifycn_name =>
'www.google.ca', SSL_verify_mode => 0x01, SSL_ca_file =>
Mozilla::CA::SSL_ca_file() },
- fail => { SSL_verify_callback => sub { 0 }, SSL_verify_mode => 0x01 },
- default_should_yield => '1',
- },
- 'https://twitter.com/' => {
- host => 'twitter.com',
- pass => { SSL_verifycn_scheme => 'http', SSL_verifycn_name =>
'twitter.com', SSL_verify_mode => 0x01, SSL_ca_file =>
Mozilla::CA::SSL_ca_file() },
- fail => { SSL_verify_callback => sub { 0 }, SSL_verify_mode => 0x01 },
- default_should_yield => '1',
- },
- 'https://github.com/' => {
- host => 'github.com',
- pass => { SSL_verifycn_scheme => 'http', SSL_verifycn_name =>
'github.com', SSL_verify_mode => 0x01, SSL_ca_file =>
Mozilla::CA::SSL_ca_file() },
- fail => { SSL_verify_callback => sub { 0 }, SSL_verify_mode => 0x01 },
- default_should_yield => '1',
- },
- 'https://spinrite.com/' => {
- host => 'spinrite.com',
- pass => { SSL_verifycn_scheme => 'none', SSL_verifycn_name =>
'spinrite.com', SSL_verify_mode => 0x00 },
- fail => { SSL_verifycn_scheme => 'http', SSL_verifycn_name =>
'spinrite.com', SSL_verify_mode => 0x01, SSL_ca_file =>
Mozilla::CA::SSL_ca_file() },
- default_should_yield => '',
- }
-};
-plan tests => 1+ scalar keys %$data;
+test_ssl('https://cpan.org/' => {
+ host => 'cpan.org',
+ pass => { verify_SSL => 1 },
+ fail => { verify_SSL => 1, SSL_options => { SSL_ca_file =>
"corpus/snake-oil.crt" } },
+ default_verify_should_return => !!1,
+});
+
+test_ssl('https://github.com/' => {
+ host => 'github.com',
+ pass => { verify_SSL => 1 },
+ fail => { verify_SSL => 1, SSL_options => { SSL_ca_file =>
"corpus/snake-oil.crt" } },
+ default_verify_should_return => !!1,
+});
+
+test_ssl('https://wrong.host.badssl.com/' => {
+ host => 'wrong.host.badssl.com',
+ pass => { SSL_options => { SSL_verifycn_scheme => 'none',
SSL_verifycn_name => 'wrong.host.badssl.com', SSL_verify_mode => 0x00 } },
+ fail => { SSL_options => { SSL_verifycn_scheme => 'http',
SSL_verifycn_name => 'wrong.host.badssl.com', SSL_verify_mode => 0x01,
SSL_ca_file => Mozilla::CA::SSL_ca_file() } },
+ default_verify_should_return => !!0,
+});
+
+test_ssl('https://untrusted-root.badssl.com/' => {
+ host => 'untrusted-root.badssl.com',
+ pass => { verify_SSL => 0 },
+ fail => { verify_SSL => 1 },
+ default_verify_should_return => !!0,
+});
+
+test_ssl('https://mozilla-modern.badssl.com/' => {
+ host => 'mozilla-modern.badssl.com',
+ pass => { verify_SSL => 1 },
+ fail => { verify_SSL => 1, SSL_options => { SSL_ca_file =>
"corpus/snake-oil.crt" } },
+ default_verify_should_return => !!1,
+});
+
+{
+ local $ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} = 1;
+ test_ssl('https://wrong.host.badssl.com/' => {
+ host => 'wrong.host.badssl.com',
+ pass => { verify_SSL => 0 },
+ fail => { verify_SSL => 1 },
+ default_verify_should_return => !!1,
+ });
+ test_ssl('https://expired.badssl.com/' => {
+ host => 'expired.badssl.com',
+ pass => { verify_SSL => 0 },
+ fail => { verify_SSL => 1 },
+ default_verify_should_return => !!1,
+ });
+
+}
+
+test_ssl('https://wrong.host.badssl.com/' => {
+ host => 'wrong.host.badssl.com',
+ pass => { verify_SSL => 0 },
+ fail => { verify_SSL => 1 },
+ default_verify_should_return => !!0,
+});
+
+test_ssl('https://expired.badssl.com/' => {
+ host => 'expired.badssl.com',
+ pass => { verify_SSL => 0 },
+ fail => { verify_SSL => 1 },
+ default_verify_should_return => !!0,
+});
+
+
subtest "can_ssl" => sub {
ok( HTTP::Tiny->can_ssl, "class method" );
@@ -69,8 +111,10 @@
like( $why, qr/not found or not readable/, "failure reason" );
};
+done_testing();
-while (my ($url, $data) = each %$data) {
+sub test_ssl {
+ my ($url, $data) = @_;
subtest $url => sub {
plan 'skip_all' => 'Internet connection timed out'
unless IO::Socket::INET->new(
@@ -81,8 +125,8 @@
);
# the default verification
- my $response = HTTP::Tiny->new(verify_ssl => 1)->get($url);
- is $response->{success}, $data->{default_should_yield}, "Request to
$url passed/failed using default as expected"
+ my $response = HTTP::Tiny->new()->get($url);
+ is $response->{success}, $data->{default_verify_should_return},
"Request to $url passed/failed using default as expected"
or do {
# $response->{content} = substr $response->{content}, 0, 50;
$response->{content} =~ s{\n.*}{}s;
@@ -90,21 +134,25 @@
};
# force validation to succeed
- my $pass = HTTP::Tiny->new( SSL_options => $data->{pass} )->get($url);
- isnt $pass->{status}, '599', "Request to $url completed (forced pass)"
- or do {
- $pass->{content} =~ s{\n.*}{}s;
- diag explain $pass
- };
- ok $pass->{content}, 'Got some content';
+ if ($data->{pass}) {
+ my $pass = HTTP::Tiny->new( %{$data->{pass}} )->get($url);
+ isnt $pass->{status}, '599', "Request to $url completed (forced
pass)"
+ or do {
+ $pass->{content} =~ s{\n.*}{}s;
+ diag explain $pass
+ };
+ ok $pass->{content}, 'Got some content';
+ }
# force validation to fail
- my $fail = HTTP::Tiny->new( SSL_options => $data->{fail} )->get($url);
- is $fail->{status}, '599', "Request to $url failed (forced fail)"
- or do {
- $fail->{content} =~ s{\n.*}{}s;
- diag explain [IO::Socket::SSL::errstr(), $fail]
- };
- ok $fail->{content}, 'Got some content';
+ if ($data->{fail}) {
+ my $fail = HTTP::Tiny->new( %{$data->{fail}} )->get($url);
+ is $fail->{status}, '599', "Request to $url failed (forced fail)"
+ or do {
+ $fail->{content} =~ s{\n.*}{}s;
+ diag explain [IO::Socket::SSL::errstr(), $fail]
+ };
+ ok $fail->{content}, 'Got some content';
+ }
};
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/xt/author/distmeta.t
new/HTTP-Tiny-0.086/xt/author/distmeta.t
--- old/HTTP-Tiny-0.082/xt/author/distmeta.t 2022-07-25 15:45:42.000000000
+0200
+++ new/HTTP-Tiny-0.086/xt/author/distmeta.t 2023-06-22 16:06:45.000000000
+0200
@@ -1,6 +1,7 @@
#!perl
# This file was automatically generated by Dist::Zilla::Plugin::MetaTests.
-
+use strict;
+use warnings;
use Test::CPAN::Meta;
meta_yaml_ok();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/xt/author/pod-coverage.t
new/HTTP-Tiny-0.086/xt/author/pod-coverage.t
--- old/HTTP-Tiny-0.082/xt/author/pod-coverage.t 2022-07-25
15:45:42.000000000 +0200
+++ new/HTTP-Tiny-0.086/xt/author/pod-coverage.t 2023-06-22
16:06:45.000000000 +0200
@@ -1,6 +1,7 @@
#!perl
# This file was automatically generated by
Dist::Zilla::Plugin::PodCoverageTests.
-
+use strict;
+use warnings;
use Test::Pod::Coverage 1.08;
use Pod::Coverage::TrustPod;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/xt/author/pod-spell.t
new/HTTP-Tiny-0.086/xt/author/pod-spell.t
--- old/HTTP-Tiny-0.082/xt/author/pod-spell.t 2022-07-25 15:45:42.000000000
+0200
+++ new/HTTP-Tiny-0.086/xt/author/pod-spell.t 2023-06-22 16:06:45.000000000
+0200
@@ -70,6 +70,7 @@
Nicolas
Olaf
Olivier
+Palmquist
Pearce
Petr
PÃsaÅ
@@ -81,8 +82,10 @@
Sinan
SkyMarshal
Steve
+Stig
Syohei
Sören
+TLS
Tatsuhiko
Tiny
Tom
@@ -114,6 +117,7 @@
ether
felipe
gardner
+git
haarg
jkeenan
jmates
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/HTTP-Tiny-0.082/xt/author/portability.t
new/HTTP-Tiny-0.086/xt/author/portability.t
--- old/HTTP-Tiny-0.082/xt/author/portability.t 2022-07-25 15:45:42.000000000
+0200
+++ new/HTTP-Tiny-0.086/xt/author/portability.t 2023-06-22 16:06:45.000000000
+0200
@@ -3,8 +3,6 @@
use Test::More;
-eval 'use Test::Portability::Files';
-plan skip_all => 'Test::Portability::Files required for testing portability'
- if $@;
+use Test::Portability::Files;
options(test_one_dot => 0);
run_tests();
