On Tue, 6 Sep 2005, Sander Temme wrote:
Folks,
I have been meaning to follow up on this ever since that BOF, and am deeply
annoyed that it has taken me this long.
As a matter of fact, my memory of that BOF session has now faded to a
considerable extent and I don't feel comfortable even giving a list of
attendees because I would leave people out.
I have pinned to my office wall the flip-over sheet with notes I took during
the session and will now transcribe those. If anyone present at the event
notices I'm leaving something out, please speak up.
Building on my original message below, we discussed what should be
implemented and how.
[ ... ]
We discussed CPAN, from which a lot of people blindly and trustingly download
module upon module, as root. How did this get so trusted? Who is responsible
for the code? We hear that nobody owns CPAN, and there is no identifiable
target for any legal action anyone might want to bring. This obviously
wouldn't fly for the ASF.
Jarkko Hietaniemi, the "CPAN Master Librarian", wrote up
some thoughts on CPAN-like archives at
http://www.cpan.org/misc/ZCAN.html
Most (but not all) activity in CPAN is connected with
Perl modules; for this, PAUSE (http://pause.perl.org/)
is the means by which authors can upload and manage
submissions. The code for PAUSE is available:
ftp://pause.perl.org/pub/PAUSE/PAUSE-code/
Every module uploaded to the network would come with metadata, including (but
not limited to):
[ ... ]
In the Perl world, metadata now comes in the form of a
META.yml file:
http://module-build.sourceforge.net/META-spec.html
which is based on YAML:
http://www.yaml.org/
This is one area that the CPAN/PAUSE maintainers emphasize
as being crucial in being able to index and search
effectively.
--
best regards,
randy kobes