CPANscan

XML::Parser is a Perl interface to the Expat XML library that gives you flexible, event-driven parsing for strings, files, and streams. You can install callback handlers for start and end tags, character data, declarations and external entities, or choose one of the built-in styles to get a parse tree, object nodes, simple subs-per-element dispatch, or a streaming canonicalizer. It handles encodings and external-entity fetching, supports incremental nonblocking parsing, and reports parse errors as exceptions with optional contextual lines for debugging. Modern Expat security knobs for defending against XML bombs and allocation attacks are exposed as constructor options. Use XML::Parser when you want a lightweight, low-level Perl parser with fine-grained control over parsing behavior and multiple convenient parsing styles.

Developer::Dashboard is a local developer home that brings your browser pages, prompt status, CLI helpers, saved notes, path aliases, quick file open commands, Docker Compose helpers and repeatable checks into one consistent runtime so you do not scatter scripts, tabs and bookmarks across the system. It stores a layered runtime under ~/.developer-dashboard with optional project-local ./.developer-dashboard overlays so the web UI, shell prompt and CLI all read the same prepared state; saved pages can include Template Toolkit HTML and executable CODE blocks, background collectors prepare cached stdout/stderr and exit codes for cheap prompt and browser indicators, and built-in query tools let you inspect JSON, YAML, TOML and Java properties from the command line. The bundled web server listens by default on port 7890 and implements a deliberate access model that treats loopback requests as local admin while requiring helper logins for non-loopback access and keeping transient token execution disabled by default for safety. Runtime-managed helper scripts are staged privately so dashboard-owned commands do not pollute the global PATH and an extendable skills system lets you install isolated repo plugins that add pages, collectors, CLI commands and Docker compose roots. The project is language agnostic enough to help mixed-language teams and polyglot repositories and recent releases hardened home runtime permissions, improved collector watchdog supervision and restart behavior, and sped up thin helper commands by memoizing PathRegistry cwd lookups to avoid redoing layered path discovery.

Module::Generic is a comprehensive base class designed to speed the development of Perl object APIs by providing a large set of reusable helpers for common data types and patterns, including automatic getter/setter generators, rich _set_get_* accessors for scalars, numbers, booleans, dates, files, URIs and UUIDs, object and array factories, dynamic class creation via create_class, and an AUTOLOAD that turns hash keys into methods so you can build feature-rich objects with minimal boilerplate. It also includes utilities for error and exception handling, structured debug and colourised terminal output, convenient serialization/deserialization hooks for CBOR, Sereal and Storable::Improved, and optional XS-accelerated primitives for better performance when the XS layer is available. The distribution provides many companion classes (Array, Scalar, Number, Null, File, etc.) and implements thread- and process-safe global storage for errors, while documenting important caveats where certain runtime metaprogramming operations such as injecting package symbols or creating dynamic classes should be performed before threads are spawned. The recent v1.5.0 release relaxed the minimum Perl requirement to 5.16, added a class-wide _in_global_destruction helper for safer DESTROY handling, and included portability fixes in the Number code path, making the framework easier to use on older Perls and more robust across versions.

XML::LibXML is a mature Perl binding to the libxml2 library that gives you fast, standards‑compliant XML and HTML parsing plus full access to DOM, SAX and pull‑style XMLReader APIs along with XPath and schema validation features. It provides familiar document and node classes for creating, traversing and manipulating XML trees, helpers for DTD, RelaxNG and W3C Schema validation, and facilities for custom input callbacks and encoding conversion while leaving low‑level encoding work to libxml2. The module exposes useful constants and version checks, offers partial thread support with an option for shared nodes, and includes experimental helpers to interoperate with XML::GDOME. Use XML::LibXML when you need robust parsing, querying or validation of XML/HTML in Perl, but be aware that encoding support depends on your platform libraries and problems have been reported on systems with broken iconv installs.

AtteanX::Store::LMDB is a Perl module that implements a persistent RDF quad store on top of the LMDB key/value database, exposing the Attean::API::QuadStore interface so it works with the Attean RDF toolkit. It lets you create on-disk stores, add and remove quads, query with get_quads using undef as a wildcard to match any term, count entries with size, iterate known graph names with get_graphs, and clear or drop graphs, and it shares a file format with the Diomede Swift LMDB quadstore. The module is simple to use and integrates with existing Attean code, and recent updates add an installed helper script attean_lmdb_create and allow constructing the store by passing a single filename argument.

Params::Get provides a single utility function, get_params, that normalizes the arguments passed to a Perl subroutine into a predictable hashref so your code can accept positional scalars, traditional named pairs, or a single hashref and treat them uniformly. You can supply a default key name so a single positional argument is interpreted as that key, or pass undef to require named parameters only, and the function also accepts a reference to @_ for lower-overhead calling. It is handy for constructors and flexible APIs and works cleanly with modules such as Params::Validate::Strict and Return::Set when you want formal input and output validation. The module documents a few caveats such as throwing an error if a default is provided but no arguments are given and not offering a way to declare a default parameter as optional. Recent changes clarified the default-argument behavior and fixed a bug where named-parameter extraction could mishandle hashrefs when the default matched the desired key, making argument handling more robust.

Attean is a Perl framework for working with Semantic Web data that makes it easy to parse, store, query, and serialize RDF and SPARQL content. It provides parsers and serializers for common RDF formats, a pluggable store API so you can use in-memory or external stores, and a QuadModel interface to read and write triples and quads. You can parse input streams, add a graph name to triples, run SPARQL queries against a model, and iterate over results. The module includes helpers for content negotiation and for discovering or selecting parser and serializer implementations by name, filename extension, or media type. It is extensible with pluggable AtteanX::* components and lets you register global SPARQL functions, aggregates, and datatype roles, which makes it a good choice if you need a full-featured RDF/SPARQL toolkit in Perl.

DateTime::Format::PGN is a small utility for working with the date fields in chess game files that use the PGN format. It parses PGN date strings into DateTime objects and can return DateTime::Incomplete objects when you need to represent missing year, month, or day values. The module also formats DateTime or DateTime::Incomplete objects back into PGN date strings and offers a fix_errors option to be forgiving of common malformed dates found in public databases. It treats years with a leading zero as errors because historically recorded games begin long after year 0000. The recent 1.01 release signals a stable, mature module and includes a minor contact update.

WWW::YaCyBlacklist is a lightweight Perl utility for loading, parsing and applying YaCy-format blacklist patterns so you can test or filter URLs against a YaCy blacklist from your scripts. You can feed it patterns from arrays or files, choose whether host parts are treated as regular expressions at construction time, inspect or remove patterns, check a single URL or split a list into matched and unmatched URLs, sort patterns in several ways and write the list back to a file. The module always examines the URL path including the leading slash and treats non-http/ftp schemes as matches, and it does not validate YaCy-specific host rules such as disallowing multiple stars in host patterns, a limitation noted by the author.

HTTP::Daemon is a lightweight Perl class for running an in-process HTTP/1.1 server that makes it easy to accept connections and handle requests without needing a full web server. It builds on IO::Socket::IP so you get a normal listening socket and client connection objects, and it provides simple request and response primitives such as get_request, send_response, send_error, send_redirect, send_file and send_file_response, with support for streaming content callbacks and chunked transfer encoding for large responses. The client connection objects expose helpers for protocol version checks, HEAD and HTTP/0.9 handling, read buffering and controlling persistent connections. IPv6 is supported via IO::Socket::IP and the module also exposes the server product token for identification. The daemon does not fork or manage concurrency for you so you must handle forking or event loops and ensure your responses follow HTTP rules, making this module best suited for testing, prototyping and simple embedded HTTP services.

HTML::Parser is a mature, event-driven HTML parsing library for Perl that breaks an HTML document into markup and text and invokes user-supplied handlers as it recognizes start tags, end tags, text, comments, declarations and processing instructions. It is built to tolerate the messy HTML found in the wild and offers many options to mimic browser behaviour or to follow stricter XML/HTML rules, supports streaming/chunked parsing and parse_file, provides UTF-8 and XML modes, and lets you control exactly what data each callback receives via a flexible argspec. The module includes tag- and element-based filters to reduce callback overhead, is easy to subclass, and is well suited for tasks like extracting or transforming links, stripping comments, or building higher-level HTML tools. This is a long‑lived, actively maintained module and recent releases fixed a serious memory safety issue (CVE-2026-8829) and updated internal UTF-8 handling.

Crypt::SaltedHash is a small, object-oriented Perl module for creating and validating salted (seeded) hashes of cleartext data such as passwords, with a simple API to choose the digest algorithm (SHA-1 by default), supply or generate a random salt (default 4 bytes), produce a base64-encoded salted digest and later validate a candidate string against that digest. It exposes methods to add data, generate a hash, inspect the salt in binary or hex form, and perform validation, making it handy when you need straightforward salted password storage or compatibility with formats like {SSHA}. The module is deprecated and the documentation suggests newer, more extensible and secure alternatives such as Crypt::Passphrase, but a 2026 maintenance update fixed important issues by switching to the system randomness source for salt generation and using constant-time hash comparisons to close two security holes while formally marking the module as deprecated.

File::MimeInfo is a lightweight Perl library for identifying a file's MIME type primarily from its name and extension by using the FreeDesktop shared-mime-info database, with optional content-based detection provided by the companion File::MimeInfo::Magic module. It exports a convenient mimetype() function and also offers methods to detect inode types, look up extensions for a given MIME type, get human-readable descriptions, resolve canonical or parent MIME types, and refresh or test the underlying database. The module expects the shared-mime-info files to be installed on the system and defers heavy parsing or content magic to the Magic subclass, so it is simple to use on servers and desktops alike and works with in-memory buffers when combined with IO::Scalar. Limitations include reliance on the external MIME database, minimal XML parsing for descriptions, and reduced UTF-8 support on very old Perl versions, but recent maintenance continues to harden behavior and platform integration. Notable recent work in version 0.37 improves data directory precedence so extension globs from higher-priority XDG data dirs override lower ones and fixes several file-handling and locale-related bugs.

Tstregex, provided as the command-line tool tstregex and as a Perl module, helps you diagnose why a Perl regular expression did not match by finding the longest partial match and pointing to the exact character and regex token where matching stopped. It pre-parses delimiters and modifiers, runs a "nibbling" search over progressively smaller subpatterns, and returns an easy-to-read diagnostic that highlights the failing portion of the input, shows the offending token, and reports execution time to help spot pathological backtracking or ReDoS risks. You can use it interactively from the shell for quick checks or embed its API in scripts to initialize a regex context, run tests, and retrieve match length or failure token programmatically. The module is cross-platform tested and production-ready, and a recent release renamed the package to Tstregex for correct MetaCPAN indexing while keeping the user-facing tstregex script name.

Amazon::S3::Lite is a small, dependency-light Amazon S3 client designed for simple scripts and AWS Lambda functions that need the common S3 operations: list buckets and objects, read and write objects (with streaming to a file for large downloads), copy and delete objects, and read object metadata. It auto-discovers credentials from the environment or an injected credentials object so it works smoothly with Lambda execution roles and temporary tokens, and it is built on core HTTP::Tiny plus a few tiny libraries to keep cold-start and image size low. This module is intentionally minimal and is not a drop-in replacement for full-featured clients when you need multipart upload, ACLs, presigned URLs, versioning, or advanced bucket management; for broader coverage consider Amazon::S3 or Amazon::S3::Thin. Recent releases added bucket creation and S3-to-Lambda notification configuration and switched the signing implementation to Amazon::Signature4::Lite to further streamline dependencies.

Audio::Nama is a small Perl toolkit for building and interacting with modular audio processing chains from the command line. It gives you a simple object model and helpers for defining and wiring together audio modules, a set of global constants and configuration utilities, and a lightweight terminal user interface built on Tickit that includes an interactive console, text entry widget, and completion support. If you need to script, prototype, or manually control audio routing and effects from Perl, Audio::Nama makes it easy to compose and manage processing chains and to drive them interactively without a heavy GUI framework.

Amazon::API is a lightweight Perl base class that makes it easy to call AWS service APIs either directly or by generating service-specific subclasses from Botocore metadata with the bundled amazon-api tool. It handles credential discovery and signing, supports common content types and pagination, decodes JSON and XML responses by default, and provides configurable debugging and error-handling behavior so you can fetch raw responses when serialization fails. You can use it as a DIY gateway for a single service or build full Perl service stubs and shape classes from Botocore to get correct request and response serialization. The author notes there can still be serialization edge cases and quirks across different AWS protocols, S3 is not a target for this module, and Paws may be a better choice if you want a fully featured, community-maintained SDK, but Amazon::API is a practical, lower-dependency option when you need a compact way to call one or a few AWS services.

Sereal is a Perl library for fast, compact binary serialization that wraps the separate Sereal::Encoder and Sereal::Decoder modules to give you a simple, high-performance way to encode and decode Perl data for storage or network transport. It exposes both an object-oriented API, which is recommended for best performance, and a small set of functional helpers such as encode_sereal, decode_sereal, file read/write helpers, and detection routines that tell you whether a blob looks like Sereal data. You can request shared encoder or decoder objects with get_sereal_encoder and get_sereal_decoder and clear the object cache when needed, and the implementation supports optional compression backends for smaller output. The module is designed to allow safe incremental upgrades by distributing encoder and decoder separately and is well suited for applications that need compact, fast, interoperable binary serialization of Perl structures.

Sereal::Encoder is a high-performance binary serializer for Perl that turns Perl data structures into compact Sereal-format byte streams for fast storage or network transfer. It focuses on speed and small output and offers both an object-oriented API and faster functional shims for tight loops, plus a convenience encode_to_file helper. You can enable optional compression (Snappy, zlib or Zstd), string deduplication, canonicalization and a variety of controls for how blessed references, unknown types and floating point values are handled, and there is a FREEZE/THAW callback facility to let objects control their own serialized form. The module emits Sereal protocol 5 by default and recent releases add better floating point support, support for Perl 5.36 booleans and native Zstd compression, but note the decoder should be upgraded before moving to a newer encoder. If you need a fast, configurable, and interoperable way to serialize Perl data for caching, IPC or persistence Sereal::Encoder is a solid choice, just test options with your real data to tune the tradeoffs between speed, memory and size.

Sereal::Decoder is a high-performance Perl module that turns Sereal binary blobs into native Perl data structures, aimed at fast, compact serialization for caching, IPC, storage, and networked services. It provides both object-oriented and functional APIs, supports compressed payloads (Snappy, Zstd, zlib), can incrementally parse streams, and offers safety and tuning options such as UTF-8 validation, limits on recursion, string/array/hash sizes, and the ability to refuse or neutralize deserialized objects. The module also understands Sereal headers, can decode from files, and includes helpers to quickly detect likely Sereal packets. If you accept data from untrusted sources you can enable strict options to avoid thaw callbacks or compression handling. Recent releases add support for protocol 5 and include important robustness and security fixes, so follow the guidance to upgrade the decoder before upgrading the encoder.

Net::OpenSSH::More is a practical extension of Net::OpenSSH that adds higher-level conveniences for scripting and automation over SSH, making repeated remote commands, file writes and backups, and orchestration much easier. It can keep a persistent remote shell via Expect for faster command execution, auto-manage temporary control paths to avoid leftover files, stream and prefix command output for test harnesses, run locally written Perl subroutines on the remote host via a serialized eval, cache SFTP sessions, and provide shortcuts for common admin tasks plus hooks to run cleanup on object destruction and automatic reconnection on failure. The module is focused on usability rather than low-level plumbing, but the author notes some caveats: the persistent shell is bash-only and can hang on unterminated heredocs or long silent commands and may time out, the portable copy method is not implemented so platform-specific subclasses are needed for safe remote copying, stderr may be merged with stdout in non-persistent mode, and eval_full cannot serialize closures that close over external variables. If you need faster, higher-level SSH scripting with built-in streaming, backup/restore and remote-eval features, this module is likely relevant.

Object::Configure makes it easy to add runtime configuration and fine‑grained logging control to your Perl objects without changing their code by wiring into Config::Abstraction for file and environment settings and into Log::Abstraction for logging. You call configure() from your constructor to merge default parameters with class‑specific, parent and universal configuration files plus environment variables, or use instantiate() to wrap third‑party classes, and you can register objects for optional hot reload so updated config files are applied at runtime on Unix systems. The module focuses on simple, noninvasive integration and supports inheritance so base class defaults can be overridden by child classes, and it preserves coderefs and blessed objects passed as parameters. The recent 0.20 release tightened hot reload reliability by fixing shutdown hangs, corrected reload path handling, improved handling of logger => 'NULL' and preservation of coderefs and object references, and added more complete documentation and tests.

Pass::OTP is a small Perl module for generating standards-compliant one-time passwords using the HOTP and TOTP algorithms. It implements RFC 4226 and RFC 6238 so you can derive HMAC-SHA1 based HOTP codes from a secret and counter or time-step based TOTP codes for time‑based two‑factor authentication. The API exposes hotp, totp and a convenience otp wrapper, and works with Pass::OTP::URI to parse otpauth:// URIs used by Google Authenticator and compatible apps. If you need to produce or verify 2FA codes in Perl for integration with authentication systems or token generators this module provides a lightweight, standards-compatible solution.

Storable::Improved is a lightweight, drop-in replacement for Perl's Storable that preserves the familiar API while addressing long-standing serialization problems left unresolved in core Storable. It safely supports GLOB-based objects and objects implemented in XS so that thawed instances behave like their original native objects rather than fragile Perl-only replicas. The module changes only freeze and thaw and adds two optional hooks, STORABLE_freeze_pre_processing and STORABLE_thaw_post_processing, which let object classes prepare themselves for Storable and restore fully working instances after thaw. If you persist filehandles, IO objects, or XS-backed objects, or if you write modules that need reliable store/thaw behavior, Storable::Improved is a simple, compatible option to try.

Business::ISBN::Data is the data companion for Business::ISBN that supplies the official ISBN range and publisher information derived from the ISBN Agency's RangeMessage.xml. It is normally loaded automatically and provides the group, publisher and prefix ranges needed to parse, validate and identify ISBNs, with a built-in fallback if no external file is available. You can point the module at a newer RangeMessage.xml at runtime using the ISBN_RANGE_MESSAGE environment variable or place the file in the current directory so you can use updated data without reinstalling the module. The data are refreshed frequently and recent updates include fixes for ISBN-13 handling and a fix to avoid unintended autovivification when looking for alternate data, so be sure to use Business::ISBN 3.005 or later. If you write Perl code that needs accurate ISBN ranges for validation or metadata lookup, this module provides the authoritative, regularly updated data you need.

Tstregex, provided as the command-line tool tstregex and as a Perl module, helps you diagnose why a Perl regular expression did not match by finding the longest partial match and pointing to the exact character and regex token where matching stopped. It pre-parses delimiters and modifiers, runs a "nibbling" search over progressively smaller subpatterns, and returns an easy-to-read diagnostic that highlights the failing portion of the input, shows the offending token, and reports execution time to help spot pathological backtracking or ReDoS risks. You can use it interactively from the shell for quick checks or embed its API in scripts to initialize a regex context, run tests, and retrieve match length or failure token programmatically. The module is cross-platform tested and production-ready, and a recent release renamed the package to Tstregex for correct MetaCPAN indexing while keeping the user-facing tstregex script name.

Data::HashMap::Shared provides ultra-fast, file-backed shared-memory hash maps for Linux (64-bit Perl) so multiple processes can read and write a common key/value store with minimal overhead. It offers type-specialized variants for integer and string keys and values, mmap or memfd backing, futex-based read/write locking with a lock-free fast read path, and atomic increment/decrement operations, which makes it especially attractive for counters, shared caches, and high-throughput IPC. Optional features include LRU eviction, per-key TTLs, sharded maps for parallel writes, cursor-safe iteration, batch operations, and a keyword-oriented XS API for top performance; when LRU and TTL are disabled reads are essentially zero-cost beyond a single branch. The API covers the usual map operations plus compare-and-swap, atomic take/pop/shift/drain semantics, multi-key batch calls, diagnostics and reserve/resize controls, and recent releases added CAS for string values along with new per-key TTL helpers such as add_ttl, update_ttl, cas_take, remove_multi, and get_with_ttl. Crash recovery detects and reclaims stale write locks via PID tracking but assumes a shared PID namespace, so cross-container sharing is not supported and calling clear after recovering from a mid-mutation crash is recommended for critical data. If you need a very fast, low-latency shared hash table between processes on Linux and can run 64-bit Perl, this module is highly relevant.

Time::Str is a Perl library for reliably parsing and formatting date and time strings across a wide range of standards. It gives you str2time to turn timestamp strings into Unix epoch seconds, str2date to extract parsed components without requiring a resolved timezone, and time2str to render epochs back into RFC3339, RFC2822, HTTP, SQL, ASN.1 and many other formats. It handles fractional seconds with configurable precision and an exact nanosecond override, includes a permissive DateTime-style parser for many real world inputs, and reports timezone details while intentionally leaving ambiguous abbreviations unresolved so you can decide how to handle them. The module ships with a fast XS backend and a pure-Perl fallback and works smoothly with DateTime and Time::Moment. Note the limitations of the module are English-only month and day names, no ISO week or ordinal dates, a supported year range of 0001 to 9999, and no automatic resolution of timezone abbreviations.

App::Test::Generator turns formal input/output descriptions into ready-to-run Perl test harnesses so you can add comprehensive black‑box checks to your module without hand-writing every case. It reads a schema or extracts one from source, then emits Test::Most .t files that combine randomized fuzzing, deterministic boundary cases, optional static corpora, semantic data generators (email, UUID, timestamps, etc.), and property‑based tests via Test::LectroTest, with support for reproducible seeds, timeouts, and configurable iterations. The distribution also integrates with mutation testing to generate TODO stubs and runnable, augmented schemas for surviving mutants and includes tooling to build a CI dashboard that tracks mutation and coverage metrics. If you maintain CPAN code and want to catch boundary errors, invalid inputs, flakiness, or regressions automatically, this toolkit streamlines that work. The latest release adds MUTANT_SKIP_BEGIN / MUTANT_SKIP_END annotations to exclude source regions from mutation testing and fixes several generator and Windows dependency issues to make the CI and dashboard workflow more reliable.

Authen::Radius is a compact Perl client library for sending and receiving RADIUS requests so your Perl programs can perform authentication, accounting and change-of-authority operations against RADIUS servers. It makes it easy to build packets from named or raw attributes, load FreeRADIUS/GNU-style dictionaries, and use a simple check_pwd helper for quick username/password checks while letting you control timeouts, source binding and retransmit behavior. The module supports modern RADIUS features such as Message-Authenticator, CoA and Status-Server requests, IPv6, tagged and vendor attributes, and can balance requests across a list of cluster nodes. Recent releases enable RFC3579 Message-Authenticator by default and emit it first in Access-Request packets to mitigate the Blast-RADIUS vulnerability, with an option to disable that behavior for legacy servers. Use Authen::Radius when you need straightforward, dictionary-aware RADIUS client functionality from Perl.