Changes for version 20241208.001 - 2024-12-08

  • The database of advisories now exists as a separate distribution so it can update itself frequently without requiring new releases of this distribution. The code will look for CPANSA::DB or CPAN::Audit::DB, and the CPAN::Audit::DB now comes with CPANSA:DB. CPAN::Audit::DB will eventually be phased out.
  • The `installed` command now looks only at the versions you have installed. This changes the comparison from '>=' to '=='. (#62)
  • The default range operator is now `==` instead of `>=`. You can always specify which way you want the check to work by using an explicit range operator
  • Since these are significant changes, please report any weird situations that might arise.

Changes for version 20241121.001_001 - 2024-11-21

  • test release to move CPAN::Audit::DB to a separate module so it can be updated independently.

Changes for version 20240911.001_01 - 2024-09-10

  • check `cpan-audit dist perl 5.024004` for #62

Documentation

Audit CPAN modules

Modules

Audit CPAN distributions for known vulnerabilities
manage the reports / CVEs to ignore
check freshness of CPAN::Audit::DB
filter the database for advisories that interest you
the infrastructure to compare versions and version ranges

Provides

in lib/CPAN/Audit/Discover.pm
in lib/CPAN/Audit/Discover/Cpanfile.pm
in lib/CPAN/Audit/Discover/CpanfileSnapshot.pm
in lib/CPAN/Audit/Installed.pm