Archive::Zip - 'unauthorized' release.

Robin Norwood rnorwood at
Mon Jun 4 19:21:38 UTC 2007


I started working down Chris's excellent list of outdated modules, and
came upon an interesting situation with Archive::Zip - the latest
version (1.18) is flagged as 'unauthorized'.  As near as I can tell, the
new author (Adam Kennedy) seems to have taken over maintaining this
module, but hasn't had the ownership transferred in CPAN.  I sent Adam
an email asking if he is going to fix this.

Is there a general policy for this sort of situation, and if not, should
there be?  I think clearly we would want to avoid downloading such
releases - part of the intent is to prevent people from uploading
releases when they don't own the module, and obvious badness could occur
if someone uploaded an unauthorized release with some sort of badness in
the code.  I don't think that's what's going on here (Adam owns quite a
few modules on CPAN, and clearly has a track record).

Should something be added to the perl packaging guidelines, and what do
you think we should do in this instance, other than wait for a response
from Adam?

The latest 'authorized' version:

Adam's 'unauthorized' version:


Robin Norwood
Red Hat, Inc.

"The Sage does nothing, yet nothing remains undone."
-Lao Tzu, Te Tao Ching

More information about the Fedora-perl-devel-list mailing list