Steven Schubiger wrote:
I don't know about the current implementation, but shouldn't do eval { require $module_path } should be more failsafe than a regex? Argueably slower?
The CPAN indexer, being an automated system, cannot execute random code. Consequently, all code is executed inside Safe.pm with the additional limitation that "require" is stubbed out. In addition, the regex is merely used to decide which line might be a $VERSION assignment prior to eval'ing that line as above.
Can a regex or PPI be used to check the expression? If the rhs is a reference to $VERSION from another package, scan that package?
