CPANscan

Crypt::PasswdMD5 is a small utility module for creating MD5-based password hashes compatible with Unix crypt and Apache .htpasswd formats. It supplies unix_md5_crypt and apache_md5_crypt functions for producing the exact hashes used by modern systems and Apache, and a helper random_md5_salt to generate salts when you do not supply one. Use this module when you need to create or validate legacy MD5 crypt password entries or manage .htpasswd files. The author notes it is intended for password authentication and is not a good choice for other cryptographic uses.

Tree::Cladogram turns a simple text description of a tree into a polished cladogram image using either Imager or Image::Magick, making it easy to produce publication or web-ready diagrams from tab-delimited input files (the expected header is "Parent\tPlace\tNode" and skeleton nodes are numbered and hidden). You use it by creating a Tree::Cladogram::Imager or Tree::Cladogram::ImageMagick object with options for fonts, colors, branch thickness, margins, step sizes and output filename, then call run to write an image whose format is chosen from the output file suffix. The distribution includes command-line scripts, sample .clad data and example outputs, and supports the wide range of image formats available to Imager or Image::Magick. The module is practical for researchers, educators, and anyone who needs to convert hierarchical data into readable cladograms, and note that recent maintenance updated the packaging and replaced the LICENSE with a GPL version 2 style license in the 1.05 release.

SPVM::Sys is a comprehensive, portable bridge from SPVM to operating system services that gathers file and directory management, low and high level I/O, file descriptors and stat information, pipes and popen, sockets and networking primitives, select and ioctl, process control like fork, exec, wait, kill and alarm, environment and user/group database access, and time utilities into a single API familiar to Perl users. It wraps many submodules to expose system calls and common filetest operators such as -e, -f, -r and -x, and adds helpers like a cross‑platform TCP keepalive setter. Windows filename handling is done for you with automatic UTF‑16/UTF‑8 conversion. If you write SPVM code that needs direct, portable OS interactions this module provides the low‑level building blocks in a single, consistent package.

SPVM::Net::SSLeay is a native SPVM port of Perl's Net::SSLeay that exposes OpenSSL 1.1.1 functionality to SPVM programs, letting you create SSL contexts, perform TLS handshakes, read and write encrypted streams, inspect certificates and configure callbacks and verification. It models OpenSSL's SSL data structure and includes a broad set of companion classes for X509, EVP, PEM, BIO, PKCS12, error codes and constants so you can work at the same low level as Net::SSLeay or build higher level socket layers like IO::Socket::SSL. The module implements a thread-safe callback mapping so SPVM callbacks can be invoked from native OpenSSL events and it also documents a few behavior details around EOF and error handling to match modern TLS practices. It requires OpenSSL 1.1.1, supports LibreSSL and is actively maintained; the most recent release improved portability and Windows/MSVC support, fixed leaks and warnings, and tightened build and test reliability.

CSS::Minifier::XS is a compact, high-performance CSS compressor that strips unnecessary whitespace and comments while preserving important constructs like copyright notices and the Mac/IE comment hack. It exposes a single easy-to-use function, minify($css), which returns a syntactically safe, smaller CSS string and performs practical reductions such as removing units from zero values and trimming redundant semicolons. Because the heavy lifting is implemented in XS this module runs far faster than pure-Perl minifiers, making it handy for build pipelines or on-the-fly optimization, and the recent 0.14 release fixes a memory leak that could occur when an entire stylesheet minified to nothing.

Data::JPack is a small packaging toolkit that helps Perl developers bundle JavaScript, text and binary assets for web clients so applications can run from local files or be embedded directly into HTML without running a server. It provides a simple server-side API to create packer objects, encode and decode whole payloads or stream them by emitting a header, one or more data chunks, and a footer, and it can produce either external data files or inline embedded content for offline or single-file deployments. The module aims to simplify delivering templated content to browsers and to prepare payloads that work with a client-side companion (Data::JPack::App) and with worker pools for CPU-intensive JavaScript tasks. Configuration options let you point to an HTML container, choose inline versus external packaging, and enable basic compression using the deflate algorithm. Note that the current implementation only supports the "data" package type and deflate is the sole compression option.

Dist::Zilla::Plugin::CycloneDX is a small Dist::Zilla plugin that generates a CycloneDX software bill of materials (SBOM) and includes it in your distribution. It produces an SBOM from the metadata already present in your META files so you can add standardized supply‑chain metadata with minimal fuss. Other Dist::Zilla plugins that implement the CycloneDXSource role can extend what gets included, so the output can be enriched as needed. This initial release is a lightweight way for Perl module authors who use Dist::Zilla to produce CycloneDX output from existing distribution metadata.

Stats::LikeR is a compact toolkit that brings R-like data frame manipulation and a wide range of statistical routines to Perl, letting you read and write CSV/TSV tables, reshape between array-of-hashes, hash-of-arrays, and hash-of-hashes, and run common analyses such as summary statistics, t‑tests, ANOVA, linear and generalized linear models, PCA, chi‑square and nonparametric tests, correlations, and more. It includes helpers for table operations like filter, group_by, assign, csort, add_data and transpose, column-wise utilities such as col2col and vals, random and distribution generators, and conveniences like seq, sample, uniq and value_counts, all designed to feel familiar to R users while working naturally with Perl data shapes. Performance-sensitive pieces are implemented in XS where appropriate and the API supports formula notation for modeling plus a predict routine to score new data. Be aware that many numeric reducers and tests treat undefined values strictly and will die on undef inputs unless handled first, which makes the module strict but helps catch data problems early. If you need R-style data wrangling and statistics inside Perl without switching languages, this module is highly relevant.

Test::Mojo::Role::OpenAPI::Modern adds OpenAPI-aware validation helpers to Test::Mojo so you can assert that HTTP requests and responses from your Mojolicious app conform to an OpenAPI document. You give it an OpenAPI::Modern object or let it pick one up from your app configuration and then use simple test methods like request_valid and response_valid, their inverse forms that can match specific error messages, and operation_id_is to check the invoked operation. It can return or print the JSON::Schema::Modern::Result objects for diagnostics and has a test_openapi_verbose switch to automatically dump validation failures. Note that for testing you should use a relative openapi_uri so test request URIs match the spec. This role is a straightforward way to bring OpenAPI and JSON Schema validation into your Test::Mojo suite.

SBOM::CycloneDX is a Perl library for creating, manipulating and validating OWASP CycloneDX software bills of materials. It exposes rich object models for components, services, dependencies, vulnerabilities, metadata and other CycloneDX concepts so you can build a BOM programmatically, serialize it to CycloneDX‑compliant JSON and validate it against the spec. The module supports CycloneDX versions 1.2 through 1.7 and includes convenient helpers for adding dependencies, finding components by PURL or bom-ref and converting BOMs to hashes or strings. The latest updates deprecate SBOM::CycloneDX::Vulnerability::Source and SBOM::CycloneDX::Issue::Source and make JSON::Validator based tests optional, and the distribution is useful for developers, security teams and build or CI tooling that need to generate or audit SBOMs for supply‑chain and compliance workflows.

constant::string is a tiny Perl pragma that lets you declare string constants whose values are the same as their names so that a symbol like FOO evaluates to the string "FOO" without you repeating the literal. You pass it a list of identifiers and it installs compile-time constants in the caller, leveraging Perl's built-in constant pragma so the values are inlined and efficient rather than being ordinary runtime sub calls. It is handy when you want simple symbolic tokens, event names, labels, or enum-like values without typing the strings repeatedly. Initial release: 2026.26.

Clownfish is a lightweight "symbiotic" object system and code generator designed to make it easier to build high‑performance language extensions in C and expose them cleanly to other host languages. It provides a small runtime with core data types and a root Obj class, plus a compiler called CFC that generates C headers, host-language bindings, initialization glue and documentation from simple Clownfish class descriptions. The system supports single inheritance, virtual dispatch, lazy creation of host objects, introspection and guaranteed ABI stability so you can add or reorder methods and fields without breaking binary compatibility. Clownfish is already used by the Apache Lucy project and offers feature‑complete support for C and Perl 5, experimental Go bindings and early work for Python and Ruby, making it a good fit if you need modular, fast bindings or a shared C library with cross‑language APIs. The recent 0.6.4 release fixes clang warnings that blocked installation on macOS, and ongoing work aims to broaden host language support and add interface features.

Clownfish::CFC is the compiler component for the Apache Clownfish system that developers use to turn Clownfish interface descriptions into the C runtime, language bindings, and documentation needed to build or embed Clownfish-based libraries in other languages. This is an alpha release whose public API has been intentionally cloaked, so internal interfaces may change and the module should be treated as experimental. It is distributed under the Apache License 2.0 and has an active changelog addressing build and portability issues across platforms and host languages; the most recent fix removes clang warnings that previously prevented installation on macOS. If you work with Apache Clownfish or need an automated way to generate multi-language bindings and C glue code, this is the tool you would use, but expect evolving behavior while the project matures.

Amazon::API is a lightweight Perl base class for calling AWS services that lets you either handcraft minimal clients, subclass it for a specific service, or auto-generate fully featured Perl service classes from Botocore metadata. It handles endpoint construction, AWS Signature v4 signing, credential discovery or injection, content-type selection, automatic response decoding and pagination for Botocore-based APIs, and provides utilities for formatting query-style parameters. If you only need a few APIs or want a smaller dependency footprint than a full SDK this module makes it easy to build just what you need while the included amazon-api tool can generate complete service and shape classes from the Botocore repo. The module favors resilience when serialization fails by returning raw responses by default and lets you opt in to raised serialization errors, and recent releases improve serialization by detecting protocol from Botocore metadata and fix several shape-handling bugs. It is not a drop-in replacement for larger SDKs like Paws for every edge case, S3 support is not recommended here, and Windows has not been tested.

Data::NestedKey is a lightweight object-oriented Perl utility for reading and updating deeply nested hash and array structures using simple dot-separated paths with optional [n] array subscripts, so you can refer to items like repositories[0].repositoryUri or items[-1].name without manual traversal. It offers get, set, delete and exists_key methods, supports appending and merging with a "+key" prefix and removal with a "-key" prefix, and returns sensible values for missing paths; stringification via as_string lets you serialize the whole structure in JSON by default and also supports YAML, Data::Dumper and Storable formats. The module is handy for manipulating configuration files or API responses where values live many levels deep, and the recent 1.1.0 release added full array-index support in set/get/delete/exists_key plus improved path parsing for more flexible access.

mb.pm is a modulino and source filter that lets you write and run Perl scripts using legacy multibyte encodings instead of UTF‑8 by transparently transpiling MBCS literals into octet‑oriented Perl code or by providing runtime mb::* helpers for codepoint semantics. It supports Big5, Big5‑HKSCS, EUC‑JP, GB18030, GBK, Shift_JIS/CP932, UHC, UTF‑8 and WTF‑8 and handles tricky cases like multibyte characters whose second byte looks like an ASCII metacharacter by escaping them, adding multibyte anchoring to regular expressions, and rewriting character classes so regexes, split and tr/// behave correctly on codepoints. You can run scripts as "perl mb.pm script.pl" (modulino), use "use mb" as a source filter on modern Perls, or call mb::qr, mb::split and other mb::* routines selectively at runtime. The module preserves octet semantics for built‑in functions unless you opt into mb::* alternatives, avoids using Perl's UTF8 flag to reduce mojibake, and works across many OSes and very old Perl versions. Tradeoffs to know are that it may produce a transpiled .oo.pl file or needs the wrapper command, casing helpers only handle US‑ASCII by default, Unicode properties and named codepoints are not supported, there are known limits and platform quirks (notably some Windows chdir issues) and a few advanced regexp and boundary features are intentionally omitted. If you need to maintain or port Perl code that deals with non‑UTF8 multibyte text, mb.pm gives a practical, JPerl‑inspired way to do that without rewriting all your string and regex logic.

JIRA::REST is a lightweight Perl client that makes it easy to call Jira's REST APIs from scripts and automation. It wraps Jira Core, Service Desk and Software endpoints behind simple GET, POST, PUT and DELETE methods and returns decoded JSON or plain text so you can work with native Perl data structures. Authentication options include anonymous access, basic username/password, session cookies, Personal Access Tokens and, as of the latest release, Service Account tokens for Jira 11, so it fits modern Jira setups. The module also offers handy utilities for paging through search results, attaching files to issues and accessing the underlying REST::Client when you need lower level control. If you need a minimal, pragmatic way to interact with a Jira server from Perl, and you run Perl 5.34 or newer (tested with Jira Data Center 11.3.7), JIRA::REST is a convenient choice.

Algorithm::QuadTree::XS is a drop-in C (XS) backend for Algorithm::QuadTree that makes quadtree spatial indexing far faster than the pure-Perl implementation. It is used automatically when installed and remains compatible with Algorithm::QuadTree::PP, so you get the same API while benefiting from much quicker searches and inserts for typical spatial workloads such as collision detection, GIS queries, game object management, or any application needing fast rectangular or circular area lookups. Benchmarks bundled with the distribution show substantial speedups and the changelog notes improvements in search performance, memory use for large objects, deduplication of results, and better backreference handling; the author also calls out a small tradeoff where inserting many very small objects may be slightly slower after recent optimizations. The module is actively maintained and recent fixes ensure compatibility with Algorithm::QuadTree 1.0 and address a portability issue in the XS build.

DBIx::QuickORM is a DSL-driven builder for creating composable, reusable object-relational mappings in Perl. It provides nested builder functions to declare ORMs, servers, databases, schemas, tables, columns, links and row classes so you can reuse parts across projects and mix databases or schemas as needed. The toolkit supports autofill schema introspection from live databases, plugins and custom types, and ships dialects for PostgreSQL, MySQL variants, SQLite and DuckDB while letting you override drivers and connection details. Recent releases added a quick() DSL-free entry point, faster batch schema introspection, and a compare-and-set cas() operation for guarded single-row updates. If you want a flexible, extensible way to map relational schemas to Perl objects across multiple servers or SQL variants, DBIx::QuickORM is designed to make that simple and composable.

Lingua::JA::KanjiTable supplies ready-made Perl character properties that map to Japan's official kanji lists so you can write regexes like \p{IsJoyoKanji} or \p{IsJinmeiyoKanji} to test, filter, or validate characters against the government Joyo and Jinmeiyo kanji tables. It exports convenient "Is" property names by default and also provides optional, dated variants for specific editions, which makes it easy to enforce edition-specific rules for name validation, form input, search, or other text processing tasks that need authoritative kanji membership checks.

DBIx::Auto::Migrate is a small Perl helper that wraps DBI connections and automatically applies schema migrations defined in your code, making it easy for server or desktop programs to upgrade their database at runtime. You create a simple database wrapper package that provides a migrations list of SQL statements plus basic connection subs like dsn, user, pass and an optional extra for DBI options, then call finish_auto_migrate to enable the feature. The module exposes connect and connect_cached methods that mirror DBI but take no arguments. Migrations are plain SQL statements and the first migration must create an options table that the module uses to track the current migration number. Migrations only run forward so be careful when changing them. The author designed it to work with multiple engines such as PostgreSQL and SQLite, but full cross-database guarantees are not promised and more testing is needed.

App::cpm is a fast command line installer for CPAN modules that focuses on predictable, stable installs by preparing dependencies first and performing the final installation step separately. It installs the requested distributions and their runtime dependency closure by default, which makes it especially useful for larger dependency graphs and for workflows that build or install in parallel. The project provides a tutorial to get started and publishes GitHub artifact attestations for released tarballs if you care about provenance. App::cpm is an alternative to tools like cpanminus and integrates well with typical Perl dependency workflows.

GitHub::RSS is a small helper that periodically syncs GitHub issues and their comments into a local database so you can build RSS feeds or otherwise query a stable cache of issue activity. It connects to GitHub using an API token that can be supplied directly or read from a JSON token file and stores fetched data via a DBI handle, so you can use SQLite or another supported database. The module tracks the time of the last stored update and provides methods to fetch and store all issues or only those changed since the last check, with options to catch up by fetching extra pages of historical data. If you need to turn GitHub issue activity into an RSS feed or keep a local copy of issue history for reporting, this module handles the synchronization and storage details for you.

Object::Configure is a lightweight Perl utility that makes it easy to inject runtime configuration and logging into your classes so you can tune behavior without changing code. It merges settings from class-specific files, parent-class files and an optional universal section, accepts environment-variable overrides, and will construct a Log::Abstraction logger for you if needed, so you can control logging per-module at runtime. It also provides instantiate to wrap third-party classes and a hot-reload system that can watch config files and push updates into registered objects on Unix systems by forking a watcher and signaling the parent process. The module is ideal when you want fine-grained, outside-the-code control of timeouts, retries, and logging, but be aware it uses global registry state, hot reload is not supported on Windows, the configure function is large, and its internal deep-merge replaces arrays rather than merging them.

DBIO::DuckDB is a small DBIO component that plugs DuckDB-specific storage and schema management into DBIO-based applications. When loaded into a DBIO::Schema class it makes the schema use DBIO::DuckDB::Storage so your app gets direct access to DuckDB features like the Appender API for fast bulk inserts, Arrow-style columnar fetches, and table-function helpers to read CSV, Parquet, or JSON files. It builds on DBD::DuckDB, a pure-FFI DBI driver that requires libduckdb at runtime, so you keep DBI conveniences such as transactions and result sets while gaining DuckDB’s embedded, columnar analytics capabilities. Schema install, diff and upgrade are handled by a test-deploy-and-compare flow via DBIO::DuckDB::Deploy, and the included tests use in-memory DuckDB databases for easy local verification. Use this module if you already use DBIO and want to leverage DuckDB’s performance and IO features without rewriting your ORM layer.

PDF::Make is a self-contained Perl PDF toolkit built on a pure C engine (libpdfmake) that implements its own compression, encryption, font handling, and image decoding so it has no external runtime dependencies aside from Object::Proto for the high-level API. It offers two layers: a chainable, user-friendly PDF::Make::Builder for rapid document creation with automatic layout, word wrap, and font metrics, and a low-level XS API (Document, Page, Canvas, etc.) when you need direct control over PDF objects and content streams. The distribution also includes parsing and extraction tools, font and image embedding, interactive forms and fields, link actions, digital signatures, redaction and sanitisation, layers, attachments, and output features like linearization. Choose PDF::Make if you want a feature-rich, dependency-light solution for generating, editing, and reading PDFs from Perl, with both high-level convenience and low-level control.

App::karr is the engine behind karr, a Git-native kanban tool that keeps task cards and board configuration inside Git refs so your repository remains the single source of truth. The karr command line lets you create, list, move, and inspect cards that are ordinary Markdown files with YAML frontmatter stored under refs/karr/*, and each command materializes a temporary board view and writes changes back into refs to avoid adding persistent board trees or causing file-level merge conflicts. It is aimed at teams that prefer to manage task state alongside their code, and it includes features like numeric id allocation, append-style activity logs, and sparse YAML configuration layered over sane defaults. You can run karr from a provided Docker image or directly from a Perl install, and the distribution also exposes lower-level modules so automation scripts can load, snapshot, create, and push tasks programmatically. If you want a lightweight kanban workflow that is tightly integrated with Git rather than with external services, App::karr and the karr CLI are likely relevant to your workflow.

Tree::DAG_Node is a mature Perl class for building and manipulating ordered N-ary trees by treating each node as an object that knows its mother, its ordered daughters, a name, and an arbitrary attributes hashref. You can use it directly to create trees or subclass it to add domain-specific behavior, and it enforces tree invariants so nodes cannot have two mothers or become their own ancestors. The module provides a large toolkit of practical operations including adding and removing daughters, splicing and replacing nodes, traversal via a depth-first walk_down callback, copying subtrees, finding ancestors or common ancestors, converting to and from list-of-lists notations, and pretty ASCII rendering or string serialization for read/write, with attention to utf-8 handling. It also offers delete_tree to break circular references so memory can be reclaimed and utilities for addresses, generations, and leaf queries that make tree processing straightforward. The interface is feature rich so it may feel heavyweight for trivial trees but remains efficient for simple uses, and recent updates include documentation fixes and distribution modernizations such as an updated license bundle and tidy Makefile.PL dependencies in v1.36.

Params::Validate::Strict is a Perl library for rigorously checking and sanitizing named parameters against a declarative schema. You describe each field with types, ranges, regexes, optional/default rules, transformations and custom reusable types, and the module returns a new hashref with validated and coerced values or reports errors when inputs do not match. It also supports nested structures, per-element checks for arrays, union types, cross-field checks and relationship rules like mutually exclusive or dependent parameters, so it fits use cases from API and form validation to feeding test generators or a web application firewall. The API is compatible in spirit with older validators and includes hooks for custom callbacks and logging, and the author provides bug reporting and test coverage links while noting the module is supplied without warranty.

Desktop::KDEActivity::Util provides a tiny, focused set of Perl helpers for working with KDE Activities from scripts and small tools. It exposes functions you can optionally import to read the current activity (by name or GUID), list all known activities, and switch the current activity by name while handling the GUID translation that KDE tools often require. Each function returns an enveloped result as an array with an HTTP-like status code, a human reason string, an optional payload and optional metadata so callers can detect and handle errors cleanly. The functions are simple to use from command line utilities or automation tasks and are exported only on request. The 0.002 release is a small maintenance update that removes some old vestigial code.