CPANscan

Dist::Zilla::Plugin::SigStore::SignRelease is a Dist::Zilla plugin that signs your distribution archives with SigStore using the cosign command line and can upload the resulting signature bundle to CPAN alongside your release. It integrates into your dist.ini in place of the standard UploadToCPAN behavior and by default writes a signature file with the .sigstore.json extension; you can also configure it to answer cosign prompts automatically. You will need the cosign tool installed and be aware that CPAN/PAUSE do not yet perform SigStore signature verification, so recipients may need to verify signatures manually with cosign. Recent fixes in 0.05 corrected an example in the synopsis and earlier releases clarified the upload behavior and integration with UploadToCPAN.

Physics::Ellipsometry::VASE is a Perl/PDL toolkit for analyzing variable angle spectroscopic ellipsometry measurements. It wraps core capabilities you need for thin film optical characterization, including transfer matrix calculations, a suite of dispersion models (Cauchy, Sellmeier, Tauc‑Lorentz, Drude, Genosc), effective medium approximations, and a material file loader with unit conversion. The module reads common data formats including Woollam VASE, fits models with Levenberg‑Marquardt or global differential evolution optimizers, supports circular Delta residuals and robust LM regularization, and returns fitted parameters, covariance and model spectra. Plotting is supported through PDL::Graphics::Gnuplot and the distribution includes example scripts to jumpstart typical workflows. This is a good choice for researchers and engineers who want a scriptable, extensible Perl-based environment for ellipsometry modeling and fitting.

Dist::Zilla::Plugin::IRC is a small Dist::Zilla plugin that adds an IRC channel link to your distribution's resources so your CPAN page can point users to a live chat for support or community. You enable it in dist.ini with a simple [IRC] section and the required channel name, and you can optionally supply a network name like perl, libera, freenode or oftc or an explicit host to control the generated link. This is handy if you want to advertise a project channel without hand-editing metadata.

tstregex is a compact Perl library and command line tool that helps you figure out why a regular expression did not match by finding the longest partial match and highlighting the exact token where the match breaks. It pre-parses common regex delimiters and modifiers, exposes a simple API to run diagnostics and retrieve the matching portion, match length, failing token and cleaned subpattern, and offers an enriched CLI view that highlights the failing substring, points to the offending token and reports execution time so you can spot performance issues like exponential backtracking. The module uses a "nibbling" approach that decomposes the pattern and searches for the maximal sequence that can match before failure, making it easier to diagnose anchor, quantifier or group problems without digging into engine internals. You can use it interactively on the command line for quick troubleshooting or embed it in test suites and tools to produce clearer, actionable regex failure messages.

Test::Most is a convenience wrapper for Perl testing that bundles the most commonly used test modules so you can write less boilerplate and get useful features and bug fixes without having to manage many imports. It automatically enables strict and warnings by default and re-exports functions from Test::More, Test::Exception, Test::Differences, Test::Deep and Test::Warn while also adding helpers like explain for nicely dumper-based diagnostics and an experimental show that tries to reveal lexical names. You can make your suite stop on the first failure by importing die or bail, by calling die_on_fail or bail_on_fail at runtime, or by setting environment flags, and you can replace that behavior with restore_fail or a custom handler via set_failure_handler. An optional timeit helper reports timing with Time::HiRes and you can exclude entire test modules or individual symbols if they conflict with your environment. A few features such as deferred plans and all_done are deprecated in favor of Test::More done_testing, and there is a caveat that the module may only take action on a failing test when the next test is invoked because of how Test::Builder works. If you want a compact, batteries-included test import that gives more control over failure handling and better diagnostics, Test::Most is a good fit.

Term::ReadLine::Repl is a lightweight, batteries-included framework for building interactive command-line REPLs on top of Term::ReadLine. You define commands in a cmd_schema that maps names to exec coderefs and optional argument descriptors for tab completion and then call run to drop into a prompt. The module handles common REPL plumbing for you including tab completion, in-session history with optional persistence to a hist_file, built-in help and quit/exit commands, optional shell passthrough for lines beginning with !, and hooks for Getopt::Long style parsing and custom per-loop logic. It is a good fit when you need a quick interactive console for scripts, debugging, or admin tools and want to focus on command logic rather than terminal handling.

MCP::Run is an abstract helper for building MCP servers that expose a "run" tool to execute shell commands remotely. It registers a standard run tool and expects subclasses to implement an execute method that returns an exit code, stdout, stderr and an optional error string. The module supplies common policy and convenience features such as an allowed_commands whitelist, a validator coderef for custom checks, defaults for working directory and timeout, a compress option to shrink output for LLMs, and a run_stdio shortcut for simple command-line servers. Results are formatted into a readable MCP tool response and the companion MCP::Run::Bash module provides a ready-made bash-backed implementation. Use MCP::Run when you need a controlled, pluggable way to expose command execution from an MCP server.

App::rdapper is a compact command-line RDAP client for fetching and displaying registration data about internet resources such as domain names, top-level domains, IPv4/IPv6 addresses and prefixes, and autonomous system numbers in a readable, terminal-friendly format. You can give it many forms of input including forward or reverse domain names, CIDR notation, ASNs, direct RDAP URLs or tagged entity handles, and you can override type detection when needed. It supports registry versus registrar queries or both, raw JSON output, concise output mode, simple domain search across RDAP servers, basic HTTP auth when pointing at a URL, optional local caching, color control, debugging, and disambiguation for in-bailiwick nameservers. The tool is internationalized and will request localized responses where available and can read default options from ~/.rdapper. Install via cpanm or run the official Docker image. Recent releases tighten requirements on the RDAP backend library by requiring Net::RDAP >= 0.42 and add features such as support for the ttl0 extension and improved handling of internationalized names and entity contact data.

Net::RDAP is a Perl library that makes it easy to query the Registration Data Access Protocol, the modern replacement for Whois, to retrieve information about domain names, IP addresses and ranges, autonomous system numbers, and tagged registry entities. It hides the details of finding the right RDAP service, issuing HTTP requests and parsing JSON responses and exposes tidy objects for domains, IP networks, autnums and entities while also offering limited server-side search, direct fetches and a configurable HTTP client for cookies, proxies and headers. The module can optionally cache responses on disk and supports IDN handling and RDAP features such as tagged objects and redacted fields. Recent updates added support for ttl0 and an accept-language option and changed the default cache location to use File::XDG so cached data lives in a sensible per-user directory rather than /tmp. If you need to build tooling that consumes registry data for troubleshooting, automation or research, Net::RDAP provides the plumbing so you can focus on your application.

App::cpm is a fast, command‑line CPAN installer that focuses on reliable, predictable module installs by preparing all dependencies first and doing the final installation step separately. You use it like "cpm install Module" and it will, by default, fetch and ready the requested distributions along with their runtime dependency closure, which makes installs more stable for large dependency trees and when running in parallel or CI environments. It is a pragmatic alternative to tools like cpanminus and integrates well into workflows that need speed and reproducible installs, and documentation and a tutorial are available to get you started.

Gazelle is a high-performance Plack/PSGI handler that preforks worker processes to run Perl web applications and is optimized with XS for maximum throughput. Derived from Starlet, it uses the picohttpparser for fast HTTP parsing, uses accept4 and writev where available, and integrates Parallel::Prefork and Server::Starter for graceful shutdowns, hot deploys, and unix-socket deployments. It implements HTTP/1.1 but does not provide Keep-Alive support itself, so it is most suitable behind a reverse proxy such as nginx. Gazelle exposes a psgix.informational callback for sending 1xx responses and offers command-line controls for worker count, timeouts, and request limits per child, making it a good choice for performance-focused Perl apps. Recent releases include an important security fix addressing HTTP request smuggling (CVE-2026-40562) along with ongoing portability and test improvements.

Authen::Radius is a mature Perl client library for talking to RADIUS servers, letting you build, send and receive RADIUS requests and responses from Perl programs with minimal fuss. You create a client with the server host and shared secret, optionally bind a local address, set timeouts, enable RFC3579 Message-Authenticator generation, or provide a list of cluster nodes; you can load standard FreeRADIUS/GNU dictionaries (a default set is bundled), add attributes by name or raw type, and send or receive common packet types such as access, accounting, CoA and status-server. The module also includes a handy check_pwd wrapper for quick username/password checks, supports vendor and tagged attributes, IPv6 and various attribute types, and exposes debugging and error helpers so it is useful for integrating authentication, accounting or policy changes into Perl-based systems. It is actively maintained by the PortaOne team and the recent 0.36 release fixed signal handling on receive so an interrupted system call (EINTR) no longer causes spurious retransmits.

WWW::MailboxOrg is a Perl client that wraps the Mailbox.org JSON-RPC v2 API over HTTPS to let you manage mailboxes, domains and related services from Perl code or the included command line tool. It implements session-based authentication and exposes a clear object interface for account and domain management, mail operations like send, fetch and folder handling, mailing lists, blacklist and spam settings, backups, invoices and system utilities. Built with Moo, the module offers pluggable HTTP I/O backends, typed entity objects for accounts and domains, utility functions and support for environment variables, config files and interactive credential prompts, which makes it suitable for automation and administrative scripting. The initial release provides full API coverage and ships with an mborg CLI, so if you need to script or integrate Mailbox.org functionality in Perl, this module is likely relevant.

Business::ISBN is a Perl module for working with ISBN-10 and ISBN-13 identifiers. It accepts messy input and normalizes it, checks and can repair checksums, and converts between ISBN-10 and ISBN-13 when appropriate. The module parses and reports prefix, group, publisher, and article codes and can hyphenate ISBNs at standard or custom positions. You can increment or decrement the article number to walk through sequences of ISBNs. A simple exportable function valid_isbn_checksum is provided if you only need checksum validation without building objects. It can also produce EAN-13 barcode images in PNG format using GD::Barcode::EAN13. The ISBN range data come from Business::ISBN::Data so registry updates can be applied separately, and the constructor returns objects even for near-ISBN input while exposing error codes and human readable error_text to explain validation problems.

AtteanX::Parser::JSONLD is a compact JSON-LD 1.11 RDF parser designed to plug into the Attean Perl RDF toolkit, making it easy to convert application/ld+json documents into Attean binding and statement objects; you obtain it with Attean->get_parser('JSONLD')->new and can feed it a filehandle or a UTF-8 byte string to receive results via iterator or callback interfaces. The module advertises application/ld+json as its canonical media type, supports common JSON-LD file extensions, and implements Attean roles for mixed-statement parsing, abbreviating output, and pull-style parsing so it fits idiomatically into Attean-based workflows. It was first released as version 0.001 on 2020-01-26, is intended to be a straightforward, interoperable parser for JSON-LD input, and bug reports or feature requests are handled through its GitHub tracker.

SPVM::Sys is a comprehensive, cross-platform bridge to operating system services for SPVM programs, wrapping common system calls for file and directory I O, sockets, processes, signals, users and groups, environment variables, and time and stat utilities. It gives you high level helpers for opening, reading, writing and locking files, directory traversal, socket creation and messaging, process control like fork, exec and wait, signal handling and user lookup, plus Perl-style file tests such as -f, -d, -r and -s. The module also handles platform differences, providing Windows UTF 16 filename conversion and portable TCP keepalive configuration so you can write code that runs consistently across Unix and Windows. Use SPVM::Sys when you need direct, portable access to low level system functionality from SPVM without dealing with OS specific details.

Alien::cares is a helper module that makes the c-ares C library available to Perl projects by either using a system-installed copy detected via pkg-config or downloading and building the latest release as a bundled static library. It follows the Alien::Base convention so XS modules can obtain the necessary compiler and linker flags via simple calls like cflags and libs, and you can inspect the installed version or install type with version and install_type. You can force which route to use by setting the ALIEN_INSTALL_TYPE environment variable to system or share. This is useful whenever a Perl extension needs asynchronous DNS resolution or wants to link against c-ares, and it integrates cleanly into Makefile.PL workflows and alienfile-based packaging.

MCP is a Perl SDK that lets you integrate Perl applications with AI agents using the Model Context Protocol. It provides a simple server object, MCP::Server, so you can register named tools with descriptions, JSON Schema input validation, and Perl callbacks, and then expose them as an HTTP endpoint in a Mojolicious app via to_action. For local development and testing you can run a stdio transport with to_stdio and interact with MCP clients from the command line. Authentication and routing remain under your application's control and the module avoids server-to-client streaming when possible to stay compatible with prefork servers. MCP is currently focused on tool calling and prompt workflows and will be extended to support more MCP features in the future. This is a lightweight, Perl-friendly way to make your text-processing code available to LLMs and other MCP-compatible systems and it is released under the MIT license.

Crypt::URandom::MonkeyPatch is a tiny Perl utility that swaps out the built-in rand for a version that draws randomness from the operating system cryptographic source (for example /dev/urandom), making it useful when you must quickly harden legacy code that mistakenly used rand for security purposes. It globally overrides rand and returns 31 bits from the OS source, so it can affect other parts of an application and is not intended for new code or for distribution in CPAN modules; if you are writing new code you should use Crypt::URandom or follow the CPAN guide to secure random data instead. Enabling CRYPT_URANDOM_MONKEYPATCH_DEBUG will print where each rand call originates to help track impact. The most recent release tightened the minimum Crypt::URandom dependency for security and includes documentation and toolchain cleanups.

DBIx::Class::Async is an experimental, non-blocking adapter for DBIx::Class that keeps your event loop responsive by offloading blocking DBI work to a pool of background workers and returning Future objects to your code. It is loop-agnostic so it can slot into IO::Async, Mojolicious and other reactors, while preserving familiar DBIx::Class features such as relationships, transactions and InflateColumn::DateTime support, and adding conveniences like query-preview methods, run_parallel/await_all helpers, optional CHI-based caching and optional metrics. The module handles safe serialization of results, aims for deterministic SQL generation to make caching and debugging easier, and has integration tests against SQLite, PostgreSQL, MySQL and Oracle. If you build event-driven Perl apps and need true parallel database concurrency without blocking the main process, this module is likely relevant, but be aware the author labels it experimental. Recent fixes in v1.0.3 focused on making behavior more deterministic and improving the reliability of cache-related tests.

App::perlimports provides a command line tool called perlimports that automates the cleanup and maintenance of Perl import statements by making implicit imports explicit. It scans your codebase, identifies what symbols modules actually bring into scope, and updates use and require lines so they explicitly list those imports, which makes code easier to read, refactor, and audit and helps avoid subtle runtime surprises from hidden symbol imports. The tool is aimed at developers maintaining or modernizing Perl projects who want consistent, transparent import lists and is distributed as free software by Olaf Alders.

App::CriticDB is a lightweight project aimed at collecting and storing Perl::Critic violations across large code repositories so teams can update results per file and generate fast policy-count reports without running perlcritic across every file each time. It currently supports on-disk storage using Storable by default and can emit perlcritic-formatted reports to standard output, with Data::Dumper as an alternate storage format for debugging at the cost of much slower reads and writes. The design anticipates per-file rechecks, automatic removal of deleted files, and future backends and reporting hooks for integration with metrics systems or filename remapping. At the moment this is an early skeleton release and version 0.0.1 provides no real functionality yet, so it is worth watching if you need a scalable Perl::Critic aggregation tool but not yet suitable for production use.

Gherkin is the Perl implementation of the Gherkin language parser and compiler used by the Cucumber project, designed to read .feature files (including Gherkin-in-Markdown) and emit a stream of protobuf-based Cucumber::Messages in NDJSON form for use in a Cucumber tooling pipeline. It provides a streaming API you call with from_paths or from_source and simple coderefs: an id generator and a sink to receive Envelope-wrapped messages, and it can include the original Source, the parsed AST (GherkinDocument) and the executable scenarios (Pickles) via options. The module handles source encodings, reports errors as messages, and since version 22 it uses Cucumber::Messages objects rather than plain hashes. Recent releases focus on performance and i18n, with the 39.1.0 cycle improving parser speed and expanding Turkish keywords. Use this module when you need to parse or compile Gherkin in Perl to feed or build higher-level Cucumber tools and formatters.

Developer::Dashboard provides a single local “home” for everyday development tasks by unifying a small web UI, a command-line entry point, and a prompt/status layer that all share the same file-backed runtime. It helps you keep bookmarks, notes, repeatable actions, open-file shortcuts, path aliases, data inspectors for JSON/YAML/TOML/properties, Docker Compose helpers, and background collectors (health checks) in one place so prompts and the browser show cheap, cached indicators instead of re-running expensive checks. The runtime is layered so a project-local ./.developer-dashboard can override values while keeping a safe home fallback under ~/.developer-dashboard, and helpers are staged privately under that home to avoid polluting your global PATH. Pages use simple bookmark-style documents with Template Toolkit and executable CODE blocks, bookmark-backed Ajax handlers stream output to the browser, and a skills system lets you install isolated extensions that contribute commands, pages, collectors, and docker roots. The CLI supports extensible hooks, layered env file loading, open-file and project discovery helpers, and a tmux-aware prompt integration that can move indicators into tmux status lines. Installation and runtime management work across Linux, macOS, and Windows with documented bootstrap scripts and a doctor command to audit and repair runtime permissions and staged helpers. The recent 3.58 release adds explicit staged-helper version markers and improved self-repair: dashboard doctor can detect and restage missing or stale helper assets and fix misplaced bash bootstrap lines so helper and tmux integrations remain reliable. If you want a local, configurable hub to collect shortcuts, health checks, and small operational dashboards for mixed-language projects, Developer::Dashboard is likely relevant.

Sys::Virt is a Perl XS wrapper around the libvirt API that lets Perl scripts connect to and control virtualization hosts and guests with a single, consistent interface. You can open connections to local or remote hypervisors using libvirt URIs, create or define domains, networks, storage pools, interfaces and node devices, query and list resources, gather host and guest statistics, manage CPU and memory settings, perform save and restore operations, and register event callbacks for lifecycle and other notifications. It supports authenticated and read only connections and reports failures as Sys::Virt::Error objects so they can be caught in Perl code. Callbacks must be explicitly deregistered to allow clean shutdown and garbage collection of the connection. The module is aimed at system administrators and automation tools that need programmatic control of Xen, QEMU/KVM and other libvirt-supported backends. The author notes the XS layer should be audited for potential memory leaks, but otherwise the module provides a comprehensive Perl interface to libvirt.

OrePAN2::S3 is a command line tool and modulino for running a private DarkPAN CPAN mirror on Amazon S3 with optional CloudFront delivery, letting Perl authors and administrators upload distributions, build and publish the CPAN-style index, publish README or POD as HTML, and push extra static assets and templates to an S3 bucket. It works via a simple bash wrapper (orepan2-s3) or directly as orepan2-s3-index, uses a JSON config that can hold multiple repository profiles, supports Template::Toolkit index templates and custom grouping rules, and can automatically invalidate CloudFront paths you specify when you update the index. Typical workflows include injecting a tarball, reindexing, uploading index and artifacts, and creating docs from README.md or POD, and the tool integrates with AWS profiles and bucket prefixes so you can keep everything under your existing AWS setup. The author has continued modernizing the code and build in recent releases, notably replacing Amazon::S3 with Amazon::S3::Lite and removing a YAML dependency in the 1.2.x series to simplify requirements. Note that one command listed as invalidate-index is not currently implemented.

Test::MockModule lets you temporarily override subroutines in other Perl packages for unit testing while remembering originals so they are automatically restored when your mock object goes out of scope or when you call unmock. It offers mock, redefine and define for installing replacements with different safety checks, noop and mock_all for stubbing many methods at once, and original to call the pre-mocked routine when you need it. Lexical strict mode and a global-strict option help prevent accidental or out-of-date mocks, and when the target class uses Moose or Mouse mocks are registered with the meta-class so role checks and method modifiers behave correctly. Note that mocking exported functions usually requires mocking the importing package or using fully qualified names and that Moo and some lightweight object systems are not MOP-aware. In the most recent release noop was restored to return 1 for backward compatibility.

Net::Clacks is a Perl-based client/server system for fast interprocess messaging and an in-memory cache alternative to memcached, aimed at applications that need low-latency communication or simple shared caching. It requires Perl 5.36 or newer and offers two primary modes: near-real-time message delivery and a memory-store mode for caching. Servers can be deployed in master/slave hierarchies and even tree-like arrangements to scale to many clients, and a DEBUG mode can mirror messages to a requesting client for inspection. The distribution includes Net::Clacks::Server and Net::Clacks::Client, a Cache::Memcached-compatible ClacksCache client for caching-only use, and a write-only PostgreSQL helper for emitting Clacks messages from database triggers. Example code such as a simple chat client is provided, and an upgrade guide is included and should be consulted before updating.

JQ::Lite is a compact, pure-Perl reimplementation of the popular jq JSON query language that lets you extract, traverse, filter, and transform JSON with familiar dot-notation and pipeline syntax without installing external binaries or XS modules. It can be used as a library or via the bundled jq-lite command line tool and supports safe key access, array indexing and flattening, map/select/reduce/foreach, grouping and aggregation, regex testing and matching, variables, slurp/raw modes, and a large suite of jq-like built-in functions for strings, collections, and statistics. The module is aimed at situations where the jq binary cannot be installed such as minimal containers, restricted servers, CI pipelines, legacy systems, or air-gapped environments, and it works with core JSON::PP while optionally using faster JSON::XS-compatible parsers when available. The 2.45 release mostly fixes packaging and MANIFEST issues to ensure documentation, utilities, and tests are included in source distributions so installations and downstream packaging behave more reliably.

Amazon::Credentials is a lightweight helper for finding AWS credentials for Perl programs by trying a configurable chain of sources until it locates usable keys. It supports credentials from the environment, container endpoints (ECS, Lambda, Fargate, EKS Pod Identity), EC2 instance roles via the metadata service, web-identity/OIDC federation (EKS IRSA and GitHub Actions), and standard AWS config/credentials files including credential_process and SSO, and it also ships a simple amazon-credentials CLI. You control which sources are tried and in what order and you can tune behavior such as metadata timeouts or disabling EC2 metadata lookups with AWS_EC2_METADATA_DISABLED, it caches credentials by default and exposes helpers for checking expiration and refreshing temporary tokens. Version 1.3.0 removed the earlier on-disk encryption approach and now keeps credential values inside closures so dumps and normal serialization do not reveal secrets, a design change intended to reduce accidental exfiltration. One limitation to be aware of is that the module will not automatically resolve profiles that only specify an assumable role without available base credentials, although web-identity federation is supported for OIDC scenarios.