Hi David On Thu, 2009-09-10 at 15:57 -0400, David Golden wrote: > Eric and I have had a intense off-list discussion over some design > issues for inc/ bundling. I suspect a number of our differences of
Thanx for an intriguing analysis of the situation. [massive snip] Various issues come to mind, which I would like to see discussed: o Obviously module authors can just not implement anything based on this new mechanism, but for those who do... o A depth limit: Just how deeply will dependencies be nested? Does it matter? o Sabotage: What if someone maliciously nests dependencies, triggering excessive attempts to satisfy dependencies (i.e. a Denial of Service attack)? Will some protection against this be built in? o Compulsion: Is the new mechanism turned on by default simply because it's present in the distro? Will clients (i.e. people) be able to turn if off? Does turning it off make any sense? o Off-line: For those of us who work on machines with no mini CPAN and no internet access, I assume this mechanism will be self-contained, in that everything will 'just work' without that access? Yes? -- Ron Savage r...@savage.net.au http://savage.net.au/index.html
