In short, you should just be running Perl with the -T flag. Perl::Critic is just a very opinionated linter.
Joe Schaefer, Ph.D <j...@sunstarsys.com> +1 (954) 253-3732 SunStar Systems, Inc. Orion - The Enterprise Jamstack Wiki ________________________________ From: Joseph He <joseph.he.2...@gmail.com> Sent: Thursday, February 15, 2024 10:43:41 AM To: mod_perl list <modperl@perl.apache.org> Subject: static code analysis for Perl5 code? All, good day. Our company wants to use some tool to do a static analysis on our Perl5 code like what they can do for Java, etc. I know Perl::Critic can scan the code for the 'best practice'. Other than this, anybody knows that there is another tool supposedly to help find the security loopholes, etc? Thank you very much. Joseph