user-pic

cmlh

  • Website: cmlh.id.au
  • About: I specialise webappsec using the LWP and WWW::Mechanize modules Further information is available from www.linkedin.com/in/ChristianHeinrich
  • Commented on Publicly accessible archive of perl security advisories?
    http://blogs.perl.org/users/brian_d_foy/2012/10/is-there-a-list-of-cert-advisories-keyed-to-fixed-perl-versions.html#comment-222983 might/not be what you are after?...
  • Commented on Is there a list of CERT advisories keyed to fixed Perl versions?
    Another thing to consider would be for Perl::Critic (or cpan, etc) to trigger an alert when vulnerable CPAN modules are used. The Java community has recently attempted to tackle this problem i.e. https://github.com/jeremylong/DependencyCheck#readme and http://www.scmagazine.com.au/News/320617,redhat-project-fights-java-vulnerabilities.aspx...
  • Commented on How can I grep all of BackPAN?
    Google Code Search "quietly" moved to http://code.google.com/codesearch...
Subscribe to feed Recent Actions from cmlh

  • Steven Haryanto commented on How can I grep all of BackPAN?

    grep.cpan.me does not seem to include BackPAN at the moment. Of course, you could just clone the repo and run its code locally against BackPAN.

  • Steven Haryanto commented on How can I grep all of BackPAN?

    Tried it just now, looks like it doesn't index CPAN at all.

  • Steffen Mueller commented on How can I grep all of BackPAN?

    grep.cpan.me is awesome, but I think if you're going to run it for the backpan, you'll need a machine with insane amounts of RAM. Last I heard, the regular grep.cpan.me was using a good chunk of a 16GB RAM server. Backpan being many times larger, I think you'd want 96GB or more. Good luck.

    Alternatively, do a full backpan extract on you large harddrive and install the released Google-code-search-alike software locally. Don't have the link handy, but if you can't find it, poke me and I'll get it from a co-worker who's a big fan.

  • dgl commented on How can I grep all of BackPAN?

    I think as Steffen says using the released code that implements the trigram index that codesearch used (http://code.google.com/p/codesearch/) would be interesting. Depending how well it works I might be interested in adding that to grep.cpan.me.

    You might also be interested in this code that acme wrote and then I added threads to (yes I know, but it actually works quite well in this case): https://gi…

  • parv commented on Publicly accessible archive of perl security advisories?

    Ha! My query was quite a duplicate of brian d f's; I should have searched blogs.perl too before posting. Thanks much.

Subscribe to feed Responses to Comments from cmlh

About blogs.perl.org

blogs.perl.org is a common blogging platform for the Perl community. Written in Perl and offering the modern features you’ve come to expect in blog platforms, the site is run by Dave Cross and Aaron Crane, with a design donated by Six Apart, Ltd.