CPANscan

App::perlimports provides a command line tool called perlimports that automates the cleanup and maintenance of Perl import statements by making implicit imports explicit. It scans your codebase, identifies what symbols modules actually bring into scope, and updates use and require lines so they explicitly list those imports, which makes code easier to read, refactor, and audit and helps avoid subtle runtime surprises from hidden symbol imports. The tool is aimed at developers maintaining or modernizing Perl projects who want consistent, transparent import lists and is distributed as free software by Olaf Alders.

App::CriticDB is a lightweight project aimed at collecting and storing Perl::Critic violations across large code repositories so teams can update results per file and generate fast policy-count reports without running perlcritic across every file each time. It currently supports on-disk storage using Storable by default and can emit perlcritic-formatted reports to standard output, with Data::Dumper as an alternate storage format for debugging at the cost of much slower reads and writes. The design anticipates per-file rechecks, automatic removal of deleted files, and future backends and reporting hooks for integration with metrics systems or filename remapping. At the moment this is an early skeleton release and version 0.0.1 provides no real functionality yet, so it is worth watching if you need a scalable Perl::Critic aggregation tool but not yet suitable for production use.

Gherkin is the Perl implementation of the Gherkin language parser and compiler used by the Cucumber project, designed to read .feature files (including Gherkin-in-Markdown) and emit a stream of protobuf-based Cucumber::Messages in NDJSON form for use in a Cucumber tooling pipeline. It provides a streaming API you call with from_paths or from_source and simple coderefs: an id generator and a sink to receive Envelope-wrapped messages, and it can include the original Source, the parsed AST (GherkinDocument) and the executable scenarios (Pickles) via options. The module handles source encodings, reports errors as messages, and since version 22 it uses Cucumber::Messages objects rather than plain hashes. Recent releases focus on performance and i18n, with the 39.1.0 cycle improving parser speed and expanding Turkish keywords. Use this module when you need to parse or compile Gherkin in Perl to feed or build higher-level Cucumber tools and formatters.

Developer::Dashboard provides a single local “home” for everyday development tasks by unifying a small web UI, a command-line entry point, and a prompt/status layer that all share the same file-backed runtime. It helps you keep bookmarks, notes, repeatable actions, open-file shortcuts, path aliases, data inspectors for JSON/YAML/TOML/properties, Docker Compose helpers, and background collectors (health checks) in one place so prompts and the browser show cheap, cached indicators instead of re-running expensive checks. The runtime is layered so a project-local ./.developer-dashboard can override values while keeping a safe home fallback under ~/.developer-dashboard, and helpers are staged privately under that home to avoid polluting your global PATH. Pages use simple bookmark-style documents with Template Toolkit and executable CODE blocks, bookmark-backed Ajax handlers stream output to the browser, and a skills system lets you install isolated extensions that contribute commands, pages, collectors, and docker roots. The CLI supports extensible hooks, layered env file loading, open-file and project discovery helpers, and a tmux-aware prompt integration that can move indicators into tmux status lines. Installation and runtime management work across Linux, macOS, and Windows with documented bootstrap scripts and a doctor command to audit and repair runtime permissions and staged helpers. The recent 3.58 release adds explicit staged-helper version markers and improved self-repair: dashboard doctor can detect and restage missing or stale helper assets and fix misplaced bash bootstrap lines so helper and tmux integrations remain reliable. If you want a local, configurable hub to collect shortcuts, health checks, and small operational dashboards for mixed-language projects, Developer::Dashboard is likely relevant.

Sys::Virt is a Perl XS wrapper around the libvirt API that lets Perl scripts connect to and control virtualization hosts and guests with a single, consistent interface. You can open connections to local or remote hypervisors using libvirt URIs, create or define domains, networks, storage pools, interfaces and node devices, query and list resources, gather host and guest statistics, manage CPU and memory settings, perform save and restore operations, and register event callbacks for lifecycle and other notifications. It supports authenticated and read only connections and reports failures as Sys::Virt::Error objects so they can be caught in Perl code. Callbacks must be explicitly deregistered to allow clean shutdown and garbage collection of the connection. The module is aimed at system administrators and automation tools that need programmatic control of Xen, QEMU/KVM and other libvirt-supported backends. The author notes the XS layer should be audited for potential memory leaks, but otherwise the module provides a comprehensive Perl interface to libvirt.

OrePAN2::S3 is a command line tool and modulino for running a private DarkPAN CPAN mirror on Amazon S3 with optional CloudFront delivery, letting Perl authors and administrators upload distributions, build and publish the CPAN-style index, publish README or POD as HTML, and push extra static assets and templates to an S3 bucket. It works via a simple bash wrapper (orepan2-s3) or directly as orepan2-s3-index, uses a JSON config that can hold multiple repository profiles, supports Template::Toolkit index templates and custom grouping rules, and can automatically invalidate CloudFront paths you specify when you update the index. Typical workflows include injecting a tarball, reindexing, uploading index and artifacts, and creating docs from README.md or POD, and the tool integrates with AWS profiles and bucket prefixes so you can keep everything under your existing AWS setup. The author has continued modernizing the code and build in recent releases, notably replacing Amazon::S3 with Amazon::S3::Lite and removing a YAML dependency in the 1.2.x series to simplify requirements. Note that one command listed as invalidate-index is not currently implemented.

Net::Clacks is a Perl-based client/server system for fast interprocess messaging and an in-memory cache alternative to memcached, aimed at applications that need low-latency communication or simple shared caching. It requires Perl 5.36 or newer and offers two primary modes: near-real-time message delivery and a memory-store mode for caching. Servers can be deployed in master/slave hierarchies and even tree-like arrangements to scale to many clients, and a DEBUG mode can mirror messages to a requesting client for inspection. The distribution includes Net::Clacks::Server and Net::Clacks::Client, a Cache::Memcached-compatible ClacksCache client for caching-only use, and a write-only PostgreSQL helper for emitting Clacks messages from database triggers. Example code such as a simple chat client is provided, and an upgrade guide is included and should be consulted before updating.

JQ::Lite is a compact, pure-Perl reimplementation of the popular jq JSON query language that lets you extract, traverse, filter, and transform JSON with familiar dot-notation and pipeline syntax without installing external binaries or XS modules. It can be used as a library or via the bundled jq-lite command line tool and supports safe key access, array indexing and flattening, map/select/reduce/foreach, grouping and aggregation, regex testing and matching, variables, slurp/raw modes, and a large suite of jq-like built-in functions for strings, collections, and statistics. The module is aimed at situations where the jq binary cannot be installed such as minimal containers, restricted servers, CI pipelines, legacy systems, or air-gapped environments, and it works with core JSON::PP while optionally using faster JSON::XS-compatible parsers when available. The 2.45 release mostly fixes packaging and MANIFEST issues to ensure documentation, utilities, and tests are included in source distributions so installations and downstream packaging behave more reliably.

Amazon::Credentials is a lightweight helper for finding AWS credentials for Perl programs by trying a configurable chain of sources until it locates usable keys. It supports credentials from the environment, container endpoints (ECS, Lambda, Fargate, EKS Pod Identity), EC2 instance roles via the metadata service, web-identity/OIDC federation (EKS IRSA and GitHub Actions), and standard AWS config/credentials files including credential_process and SSO, and it also ships a simple amazon-credentials CLI. You control which sources are tried and in what order and you can tune behavior such as metadata timeouts or disabling EC2 metadata lookups with AWS_EC2_METADATA_DISABLED, it caches credentials by default and exposes helpers for checking expiration and refreshing temporary tokens. Version 1.3.0 removed the earlier on-disk encryption approach and now keeps credential values inside closures so dumps and normal serialization do not reveal secrets, a design change intended to reduce accidental exfiltration. One limitation to be aware of is that the module will not automatically resolve profiles that only specify an assumable role without available base credentials, although web-identity federation is supported for OIDC scenarios.

Parallel::Scoreboard is a lightweight, pure‑Perl scoreboard for tracking the status of many worker processes. Workers call update() to write arbitrary status data into files under a configurable base directory and a manager process calls read_all() to collect the current, live statuses as a hashref keyed by worker id. The module imposes no limits on status format or length so you can store plain text, JSON, or serialized Perl objects, and you can override the default PID-based worker id if you need custom identifiers. It automatically creates and maintains the workspace directory and includes cleanup logic to remove stale entries left by killed processes. Parallel::Scoreboard is an easy-to-use alternative to other scoreboard modules and recent releases have hardened concurrent use by fixing race conditions and improving directory and cleanup robustness.

Starlet is a lightweight, high-performance standalone HTTP/1.1 server for PSGI/Plack applications that is designed to run reliably behind a reverse proxy. It uses a prefork model via Parallel::Prefork to give you multiple worker processes with graceful shutdown, supports hot deploy through Server::Starter, and can plug in HTTP::Parser::XS for faster request parsing. You start it with plackup or start_server and tune worker counts, timeouts, keepalive and request limits from the command line, and it also exposes a psgix.informational callback and immediate 100-continue handling for sending informational responses. The project emphasizes simplicity, security and minimal dependencies, and recent releases include important reliability work plus a security fix that prevents HTTP request smuggling (CVE-2026-40561).

NetBox::Client is a lightweight Perl client for interacting with a NetBox server using its REST or GraphQL APIs. It wraps common operations such as retrieving, creating, updating, replacing and deleting NetBox objects and exposes simple error reporting so you can handle failures programmatically. By default it uses the REST API but can use GraphQL for faster, read-only queries while accepting the documented limitations such as GraphQL being disabled by default in NetBox and limited custom field filtering. The module requires Perl 5.10 or newer because it uses the signatures feature and supports both legacy and, as of the recent v0.2.0 release, the newer v2 authorization token format. If you need a straightforward Perl binding to automate or integrate with NetBox for inventory and infrastructure data, this module is a practical choice.

Dist::Zilla::PluginBundle::Starter is a ready-made bundle of Dist::Zilla plugins that sets up a minimal, sensible toolchain to build, test, and release Perl distributions to CPAN. It groups a curated set of plugins for generating metadata and READMEs, running pod and compile tests, pruning cruft, managing manifests and uploads, and more, while remaining unopinionated and easy to customize. You can pin a bundle revision to preserve behavior, choose an installer backend like MakeMaker, ModuleBuild, ModuleBuildTiny or DistBuild, enable managed_versions to sync and bump module versions on release, or ask for generated files to be copied back into your repository at release time. There is a git-focused variant, @Starter::Git, and a FAKE_RELEASE mode to exercise the release process without uploading. If you want a low-friction, configurable starting point for packaging Perl modules with Dist::Zilla, this bundle is a practical and flexible choice.

Time::Str is a focused Perl utility for reliably parsing and formatting timestamps across a wide range of standards and real-world formats. It gives you str2time to convert strings into Unix timestamps with optional fractional-second precision, str2date to extract validated components without forcing a timezone conversion, and time2str to render timestamps into ISO 8601, RFC 3339/2822, HTTP, SQL, ASN.1, iCalendar, ECMAScript, Common Log Format and several other common flavors, plus a permissive "DateTime" parser for many real-world textual forms. The API supports fractional seconds, configurable precision and an exact nanosecond override, timezone offsets and a pivot-year option for formats that use two-digit years, and it intentionally captures ambiguous timezone abbreviations without guessing offsets so callers can resolve them explicitly. Recent releases added optional XS acceleration for faster time2str formatting when a C99 compiler is available and refactored internals into smaller components while still falling back to pure-Perl when needed. Note the documented limitations: month and day names are English only, ISO week and ordinal dates are not supported, timestamps are limited to years 0001–9999, and str2time requires either a UTC designator or a numeric offset rather than unresolved abbreviations.

DMS::Parser::XS is the C-backed (XS) implementation of a parser for the DMS data syntax that serves as a drop-in, high-performance alternative to the pure-Perl DMS::Parser. It parses DMS source into Perl scalars, arrays, and hashrefs and can return a full Document structure with front-matter, comments, and original literal forms, while exposing the same public API so existing code can switch backends without changes. The module offers a lite mode that skips comment and literal-form tracking for maximum speed and can be roughly twenty times faster on large documents, plus functions for front-matter-only parsing, unordered-table decoding, and tier-1 document handling with higher-level validation done in Perl. It can re-emit DMS either preserving original forms or producing a canonical representation, and the C parser and its utf8proc dependency are vendored in the distribution so no external C libraries are required, though a C compiler is needed at build time.

DMS::Parser is the pure‑Perl reference parser for the DMS data format, turning DMS source into native Perl data structures plus small blessed sentinel objects for types that do not map cleanly to Perl such as booleans, integers, floats and several date/time kinds. You can parse just the body or request a full Document that preserves front‑matter metadata, comments and original literal forms for exact round‑trip emission with DMS::Parser::Emitter, and there is a lighter decode mode that skips comment/form tracking for roughly double the speed on large documents. The module also offers a decorator‑aware tier‑1 parse and returns helpful line:column diagnostics on parse errors. For much higher throughput on large files use the companion DMS::Parser::XS bridge. Note that recent 0.3.0 changes standardized the public API names to decode/decode_document and encode (old names remain as deprecated aliases).

Sidef is a Perl module that embeds the Sidef programming language engine into Perl so you can parse, compile and run Sidef code from your Perl programs. It exposes an easy API to execute Sidef snippets, compile Sidef to Perl for fast embedding, inspect and transform the AST, and tune performance with multi-level optimization and an optional DBM-backed compilation cache. The language itself is multi-paradigm with modern features such as first-class functions, pattern matching, lazy sequences, multiple dispatch, operator overloading and native arbitrary-precision integers, rationals and complex numbers, and Sidef integrates directly with the Perl ecosystem so you can require any CPAN module from Sidef code. Typical uses include embedding Sidef as a configuration or expression language, safe evaluation of user expressions, code generation and metaprogramming, and speeding repeated workloads by compiling once and reusing code. Installation requires standard C math libraries for full numeric support and optional DB_File or GDBM_File for caching, and you should be aware of a few limits noted by the author such as Unicode behavior depending on Perl, DBM cache not being thread safe without synchronization, and possible DBM record size issues for very large sources.

ExtUtils::CFeatureTest is a small utility for Perl XS authors that probes the C compiler and installed libraries on the build host and captures the results as a usable C header instead of a long list of -D flags and per-file #ifdef boilerplate. It can test for headers, compile and run small C snippets, try alternative include paths and linker options, and declare macros or add actual #include lines into a generated config header that your C sources can include directly. The module also exports discovered include paths and flags to ExtUtils::Depends so other modules can use them and provides convenience methods to mark features as required or optional during a Makefile.PL run. It is intentionally single-file and dependency-free so it is easy to ship in your distribution under inc/ExtUtils/CFeatureTest.pm and avoid system-wide upgrades breaking older builds. Recent changes in version 0.002 improved how the config_* attributes are organized and added fancier output for diagnostics.

Business::UDC is a compact Perl class for parsing, tokenizing and validating Universal Decimal Classification (UDC) notations used in library and bibliographic systems. You supply a UDC string and the module returns a token list, an abstract syntax tree, and a validation flag, and it can report descriptive errors with parameters to help diagnose problems. It is handy for cataloging, metadata processing, or any program that must interpret or check UDC codes, and it exposes simple methods such as new, tokens, ast, is_valid, source and error so you can plug parsing and validation into scripts and services. Recent changes make tokenization and validation more robust for real world data by adding support for alternative apostrophes and quotation marks, allowing more punctuation and spaces in names, and improving error messages and tests.

App::Netdisco is an open source, web‑based network management application that harvests SNMP and related data into a PostgreSQL database to help operators map, inventory and control their networks. It makes it easy to find a device by MAC or IP and see the switch port it lives on, change port state, VLAN or PoE settings, produce hardware and software inventory reports, and visualise topology with neighbour maps. The product ships as a web frontend plus a backend daemon for scheduled polling and interactive actions, is extensible with plugins and a DBIx::Class API, and offers container images and a public demo to try before you deploy. It requires Perl 5.10 or newer and PostgreSQL 9.6 or newer and includes guides for common OS installs. Recent releases have added API and monitoring endpoints including /api/v1/statistics and /health and /metrics, expanded power/PoE and power_modules visibility, and delivered a number of user interface and stability improvements.

Travel::Routing::DE::DBRIS is a Perl library for programmatically querying Deutsche Bahn's bahn.de itinerary service and returning structured journey results so your code can list connections, segments, departure and arrival times, stop names and useful flags like transfers or cancellations. It expects origin and destination as Travel::Status::DE::DBRIS Location objects and supports common options such as date/time, up to two required stopovers, language, modes of transit, passenger details for pricing, caching and custom user agents, making it handy for building trip planners, schedule lookups or command line tools that need German rail itineraries. The module returns Connection and Segment objects with accessible fields for times, stops and messages, and recent maintenance releases have adjusted the parser for bahn.de API changes and improved handling of cancelled segments, DST edge cases, compressed responses and evasions for an aggressive web application firewall. The author notes the project is still a work in progress and some advanced features such as complete fare handling, Deutschlandticket logic, bike carriage and reservation-only handling are not yet implemented.

Travel::Status::DE::DBRIS is an unofficial Perl client for Deutsche Bahn's bahn.de departure monitors and train information APIs that makes it easy to fetch station departure boards, search for stations by name or location, retrieve trip details and request carriage formation for a specific train. You can use it synchronously or with promises for nonblocking code, and results are returned as objects you can inspect for times, delays, line numbers and destinations. The module supports basic caching of realtime responses, an optional failure cache, filtering by modes of transit and a configurable number of intermediate stops, and it can also load prepared JSON for testing. It requires standard Perl web and date libraries and offers a developer_mode that prints requests and responses for debugging. The author notes the project is still a work in progress and recent releases address backend changes and service quirks such as stricter WAF behavior from bahn.de and updated API formats, with the 0.28 release adjusting for recent internal API changes.

Alien::cmake4 provides a portable way for Perl distributions to find, install, or build CMake version 4.x so your XS or external-build code can invoke a known cmake executable. It exports simple helpers and methods such as exe and bin_dir so you can add the CMake bin directory to PATH and call the cmake program from Perl. The module prefers binary "share" installs when prebuilt packages are available for Windows, macOS and common Linux architectures and can fall back to building from source on other platforms or when ALIEN_CMAKE_FROM_SOURCE is set. You can control install behavior with the standard Alien::Build environment variable ALIEN_INSTALL_TYPE and it integrates with the Alien::Build ecosystem and the Alien::Build::Plugin::Build::CMake plugin. Recent releases tightened build dependencies and added a minimal Perl version requirement and a glibc check for Linux binary installs to improve reliability.

PDF::FacturX lets you turn an existing visual invoice PDF into a standards-compliant Factur‑X / ZUGFeRD PDF/A-3 invoice by embedding a CrossIndustryInvoice XML file that follows the EN 16931 norm. It provides a single generate function that builds and validates the XML, wraps it into a PDF/A-3 envelope with the required XMP metadata and associated file relationship, and writes a PDF/A-3 output suitable for French and German e-invoicing workflows. The module supports the common Factur‑X profiles (minimum, basicwl, basic and en16931), validates against the official XSD, and defaults to validating XML before embedding. You will need Perl 5.20+, Ghostscript, and the usual XML and PDF Perl libraries, and the initial release also includes an sRGB ICC fallback and uses Ghostscript plus PDF::Builder to produce the PDF/A-3 output.

GDPR::IAB::TCFv2 is a Perl parser for IAB TCF version 2 consent strings that decodes a base64url encoded Transparency & Consent string into an easy to use, immutable object so you can read who gave consent, when and for what. Use Parse to validate and load a TC string and then call methods to fetch metadata like version, creation and update timestamps, CMP id and version, consent language and vendor list version. The object exposes checks for purpose consent and legitimate interest, vendor consent and legitimate interest, special feature opt ins, purpose one treatment, publisher country and publisher restrictions, and it can decode a Publisher TC section when present. Parse supports a strict mode for format validation, a prefetch option to help with range-based vendor sections and a configurable TO_JSON output to produce compact or verbose JSON with customizable date and boolean formats. The module will die on invalid input but otherwise gives a convenient API for integrating TCFv2 checks into applications that need to respect consent signals. Recent releases added a unified subcommand CLI and fixed a CLI parameter bug along with improvements to the CLI help and overall quality checks.

Compress::Stream::Zstd is a lightweight Perl binding to the Zstandard compression library that gives you simple compress and decompress functions for in-memory buffers, accepting scalars or scalar references and returning undef on error. It is a fork of Compress-Zstd with a few streaming robustness fixes to ensure it works well with IO-Compress-Zstd, and it exposes a few constants such as version and compression level limits. Use it when you need fast, modern compression from Perl with a minimal API and a permissive BSD-style license.

File::Raw::Gzip is a lightweight plugin that adds transparent gzip/zlib/raw-deflate support to File::Raw, letting you read compressed files as regular strings and write compressed files with a single option. Once loaded it registers the "gzip" plugin so file_slurp/file_spew and similar File::Raw helpers will automatically inflate on read or deflate on write, with configurable compression level, mode (gzip, zlib, raw or auto for decoding), chunk size and advanced tuning like strategy and memory level. It also supports streaming each_line over compressed files without slurping the whole file and composes cleanly with other File::Raw plugins for slurp/spew chains, although per-record dispatching is not applicable to gzip streams. The module is a thin binding to libz so you need the system zlib development package to build, and version 0.01 is the initial release.

Test::SPDX::Coverage is a small test-harness helper for Perl projects that scans the files listed in your MANIFEST and checks that each matched source file contains a SPDX-License-Identifier comment and that the identifier is valid according to the License::SPDX database. You drop it into your test suite and call spdx_coverage_ok(), and it will read your MANIFEST for files matching a pattern (by default .pm, .pl, .cgi), look for a line like "# SPDX-License-Identifier: MIT" within the first N lines, and validate the declared license string via License::SPDX. The exported spdx_coverage_ok function accepts options such as which manifest to use, the filename match regex, how many lines to scan, and a diagnostic level. This module is useful for projects that want automated, CI-friendly checks that source files carry proper SPDX metadata and is distributed under the MIT license.

Geo::Address::Parser::Country is a Perl module that normalizes the last comma-separated component of a place string into a canonical country name. It is built to tolerate messy, abbreviated, or historical place names often found in genealogy data and poor-quality imports. Resolution starts with a direct lookup of common variants and historical names, then checks US states, Canadian provinces in English and French, and Australian states via Locale::US, Locale::CA and Locale::AU, and finally falls back to Locale::Object::Country and optionally Geo::GeoNames if you supply one. You construct the resolver with prebuilt locale objects and resolve() returns a hashref containing the resolved country, the possibly amended place string, an array of warnings, and an unknown flag instead of emitting errors. Note two documented caveats: the direct lookup maps "NL" to Netherlands which can conflict with the Canadian province code for Newfoundland and Labrador, and Geo::GeoNames uses AUTOLOAD which may cause simple constructor validation to reject a real Geo::GeoNames object unless you wrap or subclass it.

Graphics::Toolkit::Color (GTC) is a high-level Perl API for creating, converting and composing colors and palettes as immutable objects. It accepts many input forms including CSS and named colors, hex codes, numeric tuples and custom ranged or raw values, and it can output values in multiple formats or canonical names. You can measure perceptual distance, check if a color is in gamut, convert between spaces, and produce related colors such as mixes, gradients, complements and clusters for palette generation. The module defaults to RGB for screen work but supports many perceptual and wide-gamut spaces, and the recent 2.1 release added a large set of professional color spaces plus improved gamut checking and raw value handling for advanced workflows. Lightweight helpers color and is_in_gamut are exportable for quick scripting and optional external color-name modules extend available naming schemes.