Module::Signature adds cryptographic authentications to CPAN distributions, via the special SIGNATURE file.
If you are a module user, all you have to do is to remember to run 'cpansign -v' (or just 'cpansign') before issuing 'perl Makefile.PL' or 'perl Build.PL'; that will ensure the distribution has not been tampered with.
Module authors can easily add the SIGNATURE file to the distribution tarball; see NOTES below for how to do it as part of 'make dist'.
If you really want to sign a distribution manually, simply add 'SIGNATURE' to MANIFEST, then type 'cpansign -s' immediately before 'make dist'. Be sure to delete the SIGNATURE file afterwards.
Please also see NOTES about MANIFEST.SKIP issues, especially if you are using Module::Build or writing your own MANIFEST.SKIP.
Signatures made with Module::Signature prior to version 0.82 used the SHA1 algorithm by default. SHA1 is now considered broken, and therefore module authors are strongly encouraged to regenerate their SIGNATURE files. Users verifying old SHA1 signature files will receive a warning.
Package Version | Update ID | Released | Package Hub Version | Platforms | Subpackages |
---|---|---|---|---|---|
0.88-bp156.2.1 info | GA Release | 2023-07-22 | 15 SP6 |
|
|
0.88-bp155.1.4 info | GA Release | 2023-05-17 | 15 SP5 |
|
|
0.87-bp154.1.22 info | GA Release | 2022-05-12 | 15 SP4 |
|
|
0.81-bp153.1.12 info | GA Release | 2021-03-06 | 15 SP3 |
|
|
0.81-bp152.3.17 info | GA Release | 2020-04-16 | 15 SP2 |
|
|
0.81-bp151.3.1 info | GA Release | 2019-07-18 | 15 SP1 |
|
|
0.81-bp151.2.10 info | GA Release | 2019-05-18 | 15 SP1 |
|
|
0.81-bp150.2.4 info | GA Release | 2018-07-30 | 15 |
|
|