CPANscan

DarkPAN::Utils is a small utility library for working with a private CPAN mirror hosted on Amazon S3 and served via CloudFront, letting you download and parse the standard CPAN package index, fetch distribution tarballs, and extract individual files or Perl module sources for documentation or inspection. You can operate over the network by giving a base_url or work entirely locally by passing an Archive::Tar object, which is handy when a newly uploaded tarball is not yet available through the CDN. The module provides a parser for distribution paths, methods to fetch and cache 02packages.details.txt.gz, a find_module search over the in-memory index, fetch_package to download and load a tarball, and extract_module or extract_file to retrieve specific entries. It also includes a tiny command line front end and configurable Log::Log4perl logging via init_logger and log_level. Note that fetch_darkpan_index must be called before find_module and that network-based methods require base_url and will die on HTTP failures.

Crypt::OpenSSL3 is a Perl wrapper for OpenSSL 3 that gives Perl code direct access to modern SSL and cryptographic primitives. The distribution supplies modules for SSL connections, asymmetric keys, symmetric ciphers, message digests and MACs, key derivation functions, and X509 certificate handling, while the top-level Crypt::OpenSSL3 module focuses on error handling and build-time configuration and version introspection. It is a good fit when you need low level OpenSSL 3 functionality from Perl rather than a higher level abstraction. Recent releases expanded ASN.1 and X509 type coverage, improved compilation on clang and C++, and added a new sign_init_ex feature for digest contexts while gating X509 VerifyParam get_purpose on OpenSSL 3.5 and newer.

Cucumber::Messages is a Perl library that maps the Cucumber message protocol into native classes and gives you NDJSON serialization and deserialization so Perl programs can produce, consume, and manipulate Cucumber message streams. It provides an Envelope wrapper with to_json/from_json helpers and concrete message types for attachments, external attachments, Gherkin documents, pickles, test cases and steps, timestamps, exceptions and more, letting you build reporters, formatters, CI integrations or other tooling that reads or writes Cucumber messages. The API focuses on representing the protocol in memory and on the wire rather than execution details, and supports handling large binary artifacts via external attachments to avoid embedding heavy data. The code is released under the MIT license.

Log::Dispatchouli is a lightweight wrapper around Log::Dispatch that makes it very easy to add practical logging to Perl programs without wrestling with levels and categories. It can send output to syslog, stdout, stderr, files or to an in-memory array for tests and uses String::Flogger to format messages so you can log plain text, structured data, sprintf-style arrays or lazily evaluated coderefs. It also provides structured event logging via log_event using logfmt formatting, simple per-logger and per-message prefixes, proxy loggers for localized context, and handy controls such as debug, muted, pid tagging and fail_fatal behavior. There are testing helpers like new_tester and events, and convenience methods to get formatted strings without emitting them (flog_messages and fmt_event). Recent releases add optional use of Log::Fmt::XS for logfmt emission and fix an auto-use bug, and note that the older to_file option is deprecated and scheduled for removal.

SQL::SimpleOps is a Perl module that builds and executes common SQL operations across multiple database engines via DBI, supporting MySQL, MariaDB, PostgreSQL and SQLite3. Rather than parsing SQL it provides a convenient builder and executor for inserts, updates, deletes, selects, cursor-based paging and subqueries while allowing you to map friendly aliases to real table and column names to avoid recoding when schemas change. Results can be returned into hashes, arrays, scalars or handled by callbacks and the module offers flexible where and having expression formats, conflict/upsert support, per-call or global options for quoting, commit behavior, syslog or STDERR messaging and optional SQL file logging for auditing or recovery. It also includes cursor helpers that save paging state and features for reversed or indexed buffers to suit different retrieval patterns. Recent updates added select/having and buffer_reverse options and fixed several where-clause edge cases including correct handling of empty conditions as IS NULL, so it is a pragmatic choice if you want to reduce SQL boilerplate in Perl applications without writing engine-specific code.

Perl::Critic::Policy::Security::RandBytesFromHash is a linting rule for Perl::Critic that finds a common but unsafe pattern where programs try to produce random bytes by hashing predictable inputs such as rand, time, process id, reference addresses or internal counters. The policy explains why hashing those seeds with functions like MD5 or SHA gives a false sense of security and can be guessed by attackers, and it points developers toward secure alternatives such as Crypt::URandom, Crypt::SysRandom or Crypt::PRNG. It flags calls that look like hash functions or joins built from insecure sources and may sometimes report the same construct more than once. The module is aimed at catching legacy and new code that uses this risky shortcut and requires Perl 5.24 or later; the package is newly released as v0.1.0.

Amazon::API is a Perl base class that provides a lightweight, generic gateway for calling AWS services and for building small, focused service clients. You can use it directly for ad hoc requests, subclass it to expose a handful of methods for a single service, or use the included amazon-api tool to generate full service and shape classes from Botocore metadata so that requests and responses are serialized correctly. The module handles signing, content-type selection, pagination and optional automatic decoding of JSON or XML responses and integrates with Amazon::Credentials for flexible credential sourcing. It is a good fit if you want to install or use only the AWS APIs you need rather than a full SDK, but it expects some familiarity with AWS API payloads and requires generating shape classes for full Botocore-based support. Recent releases replaced LWP::UserAgent with a project-specific HTTP::UserAgent implementation and removed an unused accessor dependency while continuing to refine Botocore serialization and pagination behavior.

Devel::CallParser provides an XS-level C API that lets extension authors attach custom argument parsers to Perl subroutines so calls can be parsed by C code instead of relying solely on Perl's default parser. It supplies header files and linkable objects at build time and exposes a central cv_set_call_parser primitive plus a suite of helper parsers for parenthesised, nullary, unary, list, block-and-list and prototype-driven argument forms, making it useful when you need to implement nonstandard call syntax or custom compile-time argument handling in an XS module. The facility is most effective on modern Perls, with limited support on Perl 5.11.2–5.13.7 and full functionality on 5.13.8 and later, and it only triggers for unqualified subroutine names. The author has fixed portability and core-interaction issues in recent releases so generated headers work across API-compatible Perls and several incompatibilities with older Devel::Declare and Data::Alias versions have been addressed.

Log::Report is a Perl framework that unifies three related concerns into one API: structured logging, exception handling, and internationalized messages. It gives you easy message constructors like __x and __n that build objects with delayed interpolation and translation, short helper functions such as error, info and trace to replace die/warn, and a dispatcher system that can send each report to multiple back-ends such as files, syslog or Log::Log4perl with configurable verbosity modes. It also provides a try block that captures exceptions as rich message objects so callers can inspect, rethrow or route them without losing untranslated parameters or context. Use it when you want consistent multi-destination logging, language-aware user output, or cleaner exception semantics across modules and applications, and opt for Log::Report::Optional when you need a very lightweight footprint. Recent releases (current 1.44) renamed exception "classes" to "tags" in a backwards compatible way and ensure converted die messages receive a 'die' tag.

Dancer2::Plugin::LogReport is a Dancer2 plugin that connects your web app to the Log::Report system to give you unified logging, exception handling and translation support. It captures Log::Report messages and can stash user-facing notices and errors in the session for display in templates while routing debug and error output to configured dispatchers such as STDERR, files or syslog. The plugin supplies convenience helpers like process to run code and catch fatal exceptions cleanly and fatal_handler to let you customize how fatal errors are presented, for example returning JSON for API routes. It also adds a success message type, integrates with DBIx::Class profiling, and is configured through the Dancer2 logger settings so you can control formats and destinations. If you need structured, flexible logging plus simple user-facing error handling and internationalization across a Dancer2 application this module is likely relevant. Recent releases tightened security to avoid leaking internal error text to end users and addressed Dancer integration and dependency issues.

Business::NAB is a top-level Perl namespace that groups a set of modules for creating and parsing the file formats used to exchange payment and reporting data with NAB. The distribution itself is just an entry point and links to focused classes that handle BPAY batch payments and remittances, Australian Direct Entry payments, returns and reports, NAB account information (NAI/BAI2) files, and XML acknowledgements. If you are a developer automating NAB payment runs, importing bank reports, or integrating reconciliation and reporting workflows, these modules give you ready-made parsers and builders to handle the common interchange formats. The code is open source, licensed under the same terms as Perl, and the project accepts contributions via its GitHub repository.

Atomic::Pipe gives you a simple way to send discrete, non-mangled messages over POSIX pipes even when many processes or threads are writing at once by breaking messages into PIPE_BUF-sized atomic chunks, tagging them, and reassembling them on the read side so readers always get whole messages. It provides paired reader and writer objects, constructors for pipes, FIFOs, filehandles and file descriptors, blocking and non-blocking modes with buffering and flush, and optional pipe buffer resizing on supported Linux systems. Ordering between different processes or threads is not guaranteed and the atomic guarantee is limited by the platform PIPE_BUF value, and the module only works on POSIX-compliant pipes. A mixed-data mode lets you embed atomic bursts and messages inside noisy STDOUT or STDERR streams using special control characters so you can recover data from interleaved output, but that mode will break if the noisy output itself contains those control characters. Use Atomic::Pipe when you need reliable, message-oriented IPC over pipes and want to avoid the usual interleaving and mangling of concurrent writers.

Imager is a full-featured Perl library for creating, editing and saving true-color images and is well suited for tasks like thumbnails, watermarks, filters and format conversion. It can read and write many common formats, draw primitives and text, handle alpha and palettes, perform scaling, cropping, rotation and compositing, and offers a rich set of filters and programmable transformation engines. Functionality is organized into focused components such as Draw, Filters, Transformations, Font and Files so you can build simple scripts or complex image pipelines using an object oriented API that reports errors via errstr. The project is actively maintained on CPAN and GitHub and is licensed under the same terms as Perl.

Developer::Dashboard gives you a single local home for everyday development tasks by combining a lightweight browser dashboard, a shared CLI entrypoint, and a prompt status layer that all read the same runtime data. It organizes bookmarks, saved pages, quick notes, repeatable actions, background collectors that prepare cached health checks, and compact indicators that drive both the web UI and your shell prompt. The tool also includes helpers for opening files and resolving module or Java class names, small data query commands for JSON/YAML/TOML/properties, and a project-aware Docker Compose resolver so common container workflows live behind one command. It supports layered runtime lookup so project-local ./.developer-dashboard trees can override home defaults without losing shared fallbacks, stages built-in helper scripts privately to avoid polluting your PATH, and provides simple skill extensions you can install from Git for repo-scoped tooling. It is implemented in Perl but works across polyglot projects and ships sensible security defaults like owner-only runtime permissions and optional self-signed HTTPS for the web UI. Recent releases tightened the skill layering behavior so same-repo child layers no longer shadow their base skill and improved the layered skill dispatch, bookmark and config inheritance while adding test coverage for those cases.

SPVM is a statically typed language with Perl-like syntax that lets you write high‑performance code while keeping familiar Perl idioms. It supports ahead‑of‑time and just‑in‑time compilation, can produce standalone executables, and provides tight C and C++ integration plus a Perl binding so you can call SPVM methods from Perl or wrap native libraries. The ecosystem includes many standard and CPAN‑style modules, built‑in support for threads and lightweight coroutines, static typing with inference and analysis, and a focus on performance for numeric and system code. Be aware the project has not reached 1.0 and does not guarantee backward compatibility. Recent work has strengthened the build and packaging toolchain, adding a robust parallel build engine (including Ninja‑style content hashing) and improved cross‑platform linker behavior, and the documentation has been consolidated to make the language and builder APIs easier to use.

SPVM::Resource::SQLite packages the SQLite C amalgamation so SPVM native extensions can compile and use SQLite without requiring a separate system installation. It provides sqlite3.c plus the sqlite3.h and sqlite3ext.h headers and configures compilation with common options turned on, including thread safety, column metadata, FTS5 full text search, R*Tree spatial indexes, JSON and math functions, and the dbstat virtual table. To use it you add Resource::SQLite to your SPVM::Builder::Config and include "sqlite3.h" in your SPVM C sources to call SQLite APIs directly. The module is MIT licensed, maintained by Yuki Kimoto, and recent updates standardized the build to C99 for improved portability.

Sort::DJB provides Perl bindings to Daniel J. Bernstein's djbsort library, giving you fast, branch-free sorting of primitive arrays using bitonic sorting networks. It exposes dedicated functions for signed and unsigned 32/64-bit integers and 32/64-bit floats, each in ascending and descending variants, and each function accepts an array reference and returns a new sorted array reference without modifying the original. The implementation is constant-time and type-safe, making it a good fit for cryptographic use cases that need to avoid timing side-channels, and when available the XS bindings use SIMD optimizations such as AVX2, SSE4.2 or NEON for extra speed while a portable C fallback and a pure-Perl companion are provided for compatibility and testing. Small helpers let you query the bundled djbsort version, target architecture and which implementation is active. Recent notable change: the distribution was relicensed to GPLv2 in version 0.2.

XAO::Base is a lightweight collection of foundational helper modules used across the XAO product family to provide common services developers rely on. It bundles error namespace generation, a dynamic object loader that other XAO components use, a project registry and context switcher useful for storing site configuration and database handlers in mod_perl environments, a simple hash-oriented object with URI-style access, assorted small utility routines, and a configurable base object for composing configuration pieces. If you are developing on or extending the XAO framework these building blocks save time and keep behavior consistent; if you are not using other XAO components this package is unlikely to be useful on its own.

Data::RingBuffer::Shared implements a fixed-size circular buffer in shared memory for Linux running 64-bit Perl, letting multiple processes efficiently publish and read a rolling window of values. Writes never block and always succeed, overwriting the oldest entries when the buffer is full, while readers can fetch the latest values by relative index or by absolute sequence number, dump the whole buffer, or wait for new data with optional timeouts and eventfd notifications. Two typed variants are provided for 64-bit integers and doubles, and write() returns a sequence number for coordinated reads, making this well suited to metrics, sensor streams, debug traces and other rolling-window use cases. Be aware the underlying mmap is writable by any process that opens it, and this module is Linux-only.

Data::Queue::Shared is a Linux-only Perl library for fast, memory-mapped multi-producer, multi-consumer queues designed for 64-bit Perl. It provides lock-free integer queues (Int, Int32, Int16) using the Vyukov algorithm for extremely high throughput and a mutex-protected string queue that stores variable-length entries in a circular arena. Queues can be file-backed, anonymous for fork-inherited sharing, or backed by memfd for passing via file descriptors, and the API supports non-blocking and blocking push/pop with timeouts, batch operations, deque operations for strings, peeking, and basic management and statistics. Optional eventfd integration lets you wake event loops across processes with explicit notify calls to control batching. The Str variant includes futex-based waits and automatic recovery from dead-process locks, and benchmark numbers in the distribution show substantial performance gains versus common Perl IPC alternatives, making this module a good fit when you need low-latency, high-throughput interprocess queues on Linux.

Data::Heap::Shared provides a fast shared-memory binary min-heap (priority queue) for multiple processes on Linux using 64-bit Perl. It stores integer (priority, value) pairs and always pops the lowest priority first, and offers simple methods like push, pop, pop_wait for blocking pops with timeout, peek, size, capacity, clear, sync and unlink, plus constructors for memfd or an existing file descriptor and optional eventfd notification. Access is mutex-protected with futex-based waiting and PID-based stale-mutex recovery so it supports concurrent producers and consumers with good throughput. Note that if a process dies while holding the heap mutex the module can recover the lock but the heap contents may be partially sifted, so critical use cases should detect recovery and rebuild the heap after a crash. Benchmarks in the distribution show multi-million operations per second in single-process tests and strong aggregate performance across workers. Because the backing mmap region is writable by any process that opens it, do not share the heap with untrusted processes.

Data::HashMap::Shared implements very fast, file-backed hash maps that multiple processes can open and use concurrently on Linux with 64-bit Perl, making it easy to share caches, counters and small data stores between worker processes. It offers type-specialized variants for integer and string keys and values so operations avoid unnecessary boxing, and it uses mmap, a futex-based read/write lock and lock-free fast paths for reads and atomic counters for high throughput. Optional features include LRU eviction with a clock algorithm, per-key TTLs, sharding across multiple files for parallel writes, an arena for string storage, a keyword XS API for extra speed and cursors and batch ops for efficient iteration and bulk work. The module exposes a rich API for put/get/remove, atomic incr/decr and CAS, cursor-safe iteration, diagnostics and file management, and it detects and recovers stale write locks if a writer dies, though cross-container PID namespaces are not supported and a map may need clearing after recovery for safety-critical uses. If you need a low-latency, multiprocess shared hash with optional eviction and TTL semantics, this module is a strong choice.

Data::Graph::Shared provides a compact, fast directed weighted graph implementation that lives in shared memory so multiple Linux processes can access and mutate the same graph concurrently. Nodes are allocated from a bitmap pool and edges are stored as adjacency lists in a separate pool, with simple APIs for add_node, add_edge, neighbors, degree, node_data and stats, and mutex-protected mutations with PID-based stale-recovery to handle crashed processes. It is designed for performance and multi-process coordination, with benchmarks showing millions of ops per second for common operations, and it pairs well with other shared structures like a shared heap for Dijkstra or Prim algorithms. Note that remove_node only drops the node and its outgoing edges, not incoming edges, which is an intentional O(1) design choice, and that the module is Linux-only and requires 64-bit Perl. Also be careful with security because the mmap region is writable by any process that opens it, so do not share backing files with untrusted parties.

Data::Buffer::Shared provides fast, type-specific fixed-size buffers backed by file memory maps so multiple Perl processes can share numeric and string data with low overhead on Linux. It supplies variants for integer, floating and fixed-length string element types and gives lock-free atomic get/set operations and atomic counters for integer types, while seqlock-guarded bulk operations and a futex-based read/write lock handle larger or batched access patterns. The module supports file-backed, anonymous and memfd-backed buffers, offers both keyword and method APIs, exposes zero-copy aliased scalars and raw pointer access for advanced use, and intentionally keeps buffers presized rather than growing. Note that it is Linux-only and requires 64-bit Perl. The recent 0.02 release fixes object destruction ordering and adds cross-links to related shared-data modules.

Data::BitSet::Shared provides a fixed-size bitset stored in shared memory on Linux for 64-bit Perl. It supports file-backed, anonymous (fork-inherited), memfd and attach-from-fd construction so multiple processes can access the same bitmap. Per-bit operations set, clear, test and toggle are atomic and lock-free using CAS on 64-bit words, which makes the module well suited for shared flags, membership tracking, bloom-filter backing and resource-allocation bitmaps. You can query capacity and count, find the first set or clear bit, enumerate set bits, stringify the bitmap, or perform bulk fill and zero operations with the important caveat that bulk word stores are not safe to run concurrently with per-bit CAS operations. The API also exposes msync, unlink and basic stats, it is Linux-only and requires 64-bit Perl, and the mmap region is writable by any process that opens it so do not share backing files with untrusted parties. The initial release reports very high single-process throughput, roughly ten million set/test/toggle ops per second.

Langertha is a Perl framework that gives you a single, consistent API for talking to many large language model providers and local servers so you do not have to learn a different SDK for each vendor. It wraps engines such as OpenAI, Anthropic, Google Gemini, Ollama, HuggingFace, Replicate and more with shared roles for chat, streaming, embeddings, transcription and image generation so you can swap providers without rewriting your code. The library also supports streaming responses, async/await or synchronous usage, automatic multi-round tool calling via MCP, and a stateful autonomous agent called Raider with history, compression and plugins for building agents and workflows. Responses are returned as rich objects that include token usage, timing and rate limit metadata and there are wrapper classes and a plugin system to customize behavior or add observability via Langfuse. Langertha discovers available engine modules at runtime and includes helpers for building engine instances, making it easy to target local or cloud models from the same codebase. The project is actively developed and marked as work in progress, and recent releases added structured usage and cost value objects plus a pricing catalog to help measure token usage and monetary cost per call.

version is a lightweight Perl utility that standardizes how you represent, parse and compare module version numbers across Perl releases. It provides "version objects" that understand both old decimal styles and modern dotted-decimal styles so you can safely compare, sort and convert mixed version strings and v-strings without worrying about subtle numeric or lexical gotchas. The module exposes parse and declare helpers for creating versions, useful methods like normal and numify for normalized or decimal forms, and validation helpers is_lax and is_strict to check input formats while keeping the qv() helper only for compatibility. It is primarily useful if you need consistent version semantics on older Perls or when your code must interoperate with many different version formats, and the author recommends requiring at least version 0.77 in your code. Recent updates added explicit conversion helpers to_decimal and to_dotted_decimal and tuple/from_tuple operations to make converting between representations and building version objects from component lists easier.

Env::Dot is a small Perl module that reads variables from .env files and loads them into your process environment so you can manage configuration outside your code. It works with a .env in the current directory by default but can read files from other paths via options or the ENVDOT_FILEPATHS environment variable and it supports both shell-style and plain (Docker-style) dotenv formats plus simple file-level meta commands to control behavior such as searching parent directories or toggling interpolation when you use the supplied envdot helper. The module never overwrites variables already present in %ENV, it does not perform shell interpolation itself so use the envdot script for evaluated values, and the envdot executable is Unix-only at present. Env::Dot has no external dependencies and is easy to drop into a Perl project when you want a flexible, predictable way to augment your environment from .env files.

XML::Sig is a Perl toolkit for creating and verifying XML Digital Signatures that follows the W3C XML Signature rules. It lets you embed cryptographic signatures into XML and verify incoming signed XML, which is useful for secure XML exchanges such as SAML messages. The module supports RSA, ECDSA, optional DSA, HMAC and embedding X.509 certificates, lets you choose digest and signature hash algorithms and canonicalization/transforms, and can sign elements by their ID or by an XPath selection. Verification returns a simple true or false and can return the embedded signer certificate for further validation. The module relies on standard XML and crypto libraries like XML::LibXML and Crypt::PK::RSA. Recent releases fixed a security issue that could allow unsigned XML to validate and made DSA and SHA1 usage optional to better match modern platform defaults.