CPANscan

Git::Native is a lightweight Perl interface for working with Git repositories directly via libgit2 without spawning the git command. It is a Moo-based wrapper around Git::Libgit2 that uses FFI::Platypus so you can open or init repositories, create blobs, build trees and create commits programmatically inside your process. It provides convenience methods like open, open_ext, init and reference_name_is_valid so common repository tasks are simple and fast. Use it when you need native, non-forking Git operations as an alternative to modules that shell out to git. The author positions it against Git::Wrapper and Git::Repository which run the git binary, Git::Raw which is XS and unmaintained, and Git::PurePerl which is read-only.

Cpanel::JSON::XS is a cPanel-maintained fork of JSON::XS that provides fast and correct JSON encoding and decoding for Perl, implemented in C for high performance. It focuses on proper Unicode handling and preserving round-trip integrity while being strict and secure by default, though it offers many configurable modes for ASCII, latin1, binary, relaxed parsing, big numbers, and object serialization via TO_JSON or a tagged FREEZE/THAW protocol. The module supports incremental streaming parsing, detects BOMs, is thread safe, and is the backend that JSON::MaybeXS will pick when available, so it is a good choice when you need a battle-tested, high-performance JSON tool for Perl. The project is publicly maintained on GitHub with a bug tracker and the author notes it will be replaced by a JSON::Safe module in the future to provide safer defaults.

SignalWire is the Perl port of the SignalWire AI Agents SDK that helps you build, deploy, and run AI agents as small web services that expose HTTP endpoints and connect to the SignalWire platform. It gives a structured prompt model for composing agent prompts, lets you define local tool handlers in Perl or declarative DataMap tools that call external APIs without webhooks, and includes a skills system, context management for multi-step flows, ready-made agent prefabs, a multi-agent HTTP server, a WebSocket Relay client for real-time call control, and a REST client for synchronous API access. You can add capabilities like datetime, math, or web search, host multiple agents in one process, and wire handlers to return structured function results that your agent uses when interacting with users. The module expects SignalWire credentials via environment variables and is available under the MIT License from the project repository at https://github.com/signalwire/signalwire-agents-perl; note the POD mentions a minor documentation encoding glitch.

RT-Extension-AI brings generative AI into Request Tracker to help summarize ticket conversations, assess sentiment, suggest or rewrite responses, autocomplete editor text, translate content, and even guide administrators through creating new queues. It installs as an RT6 plugin and connects to any REST-based AI provider such as OpenAI or Google Gemini with configurable prompts, models, and per-queue settings so you can tune behavior and limit features where needed. The extension provides scripted actions that update ticket custom fields, editor integrations via a CKEditor plugin that insert AI suggestions into replies, and optional context files of past tickets to improve suggestion quality. Setup follows the standard Perl module installation and includes sample configuration showing provider credentials, feature flags, and prompt templates. Be aware that some editor features may call the AI service frequently and that provider authentication or small provider-specific adjustments may be required.

Geo::Coder::OpenCage is a Perl client for the OpenCage Geocoding API that makes forward and reverse geocoding easy to use from Perl programs. You provide an API key and call geocode with a location string to obtain coordinates or reverse_geocode with latitude and longitude to obtain address details, and the module returns a parsed Perl hashref containing status and results. It supports common API options such as language, result limit and country hints, uses HTTP::Tiny by default but lets you supply a custom HTTP client, and it always sets a module-specific User-Agent header. Responses are parsed for you so JSONP is not used and you should check the response status to detect errors or rate limits. If you need programmatic access to OpenCage geocoding from Perl this module provides a straightforward, ready-to-use interface.

Catalyst::Plugin::OpenIDConnect is a Catalyst plugin that enables your application to act as an OpenID Connect provider (authorization server), not as a client. It supplies the standard OIDC endpoints (discovery, authorize, token, userinfo, jwks, logout), RS256 JWT signing and verification, state and one-time code storage, and hooks for your controllers so you can integrate your own login flow and routing by extending the plugin controller. Configuration is done in your Catalyst config with issuer keys and client entries, and the plugin supports pluggable stores including an in-memory backend and a Redis-backed store for multi-process deployments. Recent releases focus on production-grade security hardening, adding PKCE for public clients, refresh-token rotation with server-side JTIs, stricter JWT claim validation and constant-time secret checks, fixes for open-redirect issues, and automatic HTTP security headers on OIDC responses, making it a solid choice when you need a configurable, secure OIDC authorization server inside a Catalyst app.

Data::ReqRep::Shared is a Linux-only, 64-bit Perl module that provides a high-performance shared-memory request/response channel so multiple clients can send requests to multiple worker processes and receive replies without a broker or per-connection sockets. It offers two flavors: Str for variable-length byte payloads with a mutex-protected arena and configurable fixed-size response slots, and Int for lock-free int64 requests that boosts single-process throughput for simple numeric messages. The API supports synchronous and asynchronous calls, timeouts, cancellation, batching on the server, and optional eventfd integration for easy event-loop wiring. Built-in crash recovery reclaims stale mutexes and abandoned slots and generation counters prevent ABA problems. You tune capacity, slot count, and response size to trade memory for concurrency, making this a strong choice for high-throughput MPMC IPC scenarios where you want low latency and no broker process.

Data::Queue::Shared is a Linux-only Perl library that implements high-performance, bounded multi-producer multi-consumer queues in shared memory for fast cross-process IPC. It offers lock-free integer queues (Vyukov MPMC) for very high throughput and compact per-slot storage, plus a futex-protected string queue with a circular arena for variable-length messages and deque operations for requeueing or work stealing. Backings include file-backed mmap, anonymous MAP_ANONYMOUS for fork-inherited sharing, and memfd for passing a single fd between unrelated processes, and the API includes nonblocking and blocking push/pop with futex timeouts, batch operations, optional eventfd integration for event loops, stats, and PID-based stale-lock recovery. The module is useful when you need a fast shared queue for job IDs, counters, or messages and want better performance than kernel message queues or pure-Perl solutions. The latest release fixes a missed-wakeup race in wait operations, changes batch push/pop to wake all relevant waiters instead of one, caps pop_multi requests at the queue capacity to avoid over-allocation, and stops eventfd_set from closing caller-supplied file descriptors.

Data::PubSub::Shared is a Linux-only, 64-bit-Perl library that implements a very fast publish/subscribe channel using shared memory and a circular ring buffer so multiple processes can broadcast messages with minimal overhead. Publishers write into a file-backed, anonymous, or memfd-backed mmap and subscribers read independently with their own cursors so reads never remove data and slow readers simply reset to the oldest available slot while lost messages are counted. The module offers several variants: lock-free Int, Int32, and Int16 modes for compact, high-throughput numeric payloads and a Str mode for variable-length strings where publishers are serialized by a mutex but subscribers remain lock-free; Str messages are stored in a capped arena (default 256 bytes). It includes futex-based blocking polls with timeouts, eventfd integration for event loops, batch publish and drain operations, per-subscriber lag and overflow stats, memfd support for fd passing, and keyword helpers. Throughput numbers are in the millions of messages per second for integer modes and very high for batched operations, making this a good fit for low-latency IPC, telemetry, logging, and event distribution where overwriting old messages is acceptable.

Data::Heap::Shared provides a binary min-heap priority queue that lives in shared memory so multiple Linux processes can push and pop integer (priority, value) pairs concurrently. It offers a simple API including push, pop, peek and pop_wait (blocking with optional timeout), plus construction from a memfd or an existing file descriptor and eventfd-based notification for wait/notify use cases. Operations are mutex-protected with futex waiting and the module implements PID-based stale-mutex recovery, but if a process dies mid-operation the mutex can be recovered while the heap data may be left partially sifted so you should clear and rebuild after recoveries in critical applications. The module is Linux-only and requires 64-bit Perl, delivers solid single- and multi-process throughput, and exposes stats and maintenance methods, and you should avoid sharing the backing file with untrusted processes because the mmap region is writable by any opener. Recent fixes cap the heap capacity at UINT32_MAX to prevent silent truncation and close backing fds on allocation failure to eliminate a memfd leak.

App::Netdisco is an open source, web‑based network management tool that uses SNMP to collect device data into a PostgreSQL database and expose it via a built-in web server and backend daemon. It helps network teams find a machine by MAC or IP and trace the exact switch port, manage port state such as shutdown, VLAN or PoE, generate inventory reports by vendor and software, and produce visual topology maps. The project provides command line utilities, a plugin system for custom extensions, container images and a public demo, and is intended for self‑hosted deployments that meet the Perl and PostgreSQL requirements and perform an initial device discovery to seed the database.

SPVM is a statically typed language that looks and feels like Perl but is designed for higher performance and tighter C and C++ integration. It offers Perl-like core functions and modules, ahead of time and just-in-time compilation, native threads and lightweight goroutine-like coroutines, and tools to run scripts, build standalone executables and call SPVM code from Perl programs, so you can write high‑speed routines in a familiar syntax and bind them to existing C or C++ libraries. The project includes a builder toolchain, resource and packaging support, and a Perl exchange API so Perl and SPVM can interoperate, but it has not yet reached a 1.0 stable release and the author warns that backward compatibility is not guaranteed. Recent work in the 0.99 series focuses on the build system and configuration APIs, with a May 2026 update that fixes a LinkInfo configuration bug and reorganizes several SPVM::Builder::Config classes and methods to make native and executable builds more robust.

Alien::Libgit2 is an installer helper that makes the libgit2 C library available to other Perl modules by either locating a suitable system libgit2 (via pkg-config, requiring version 1.5 or newer) or building a bundled copy with CMake so no network access is needed at install time. It exposes the usual integration points for XS consumers with cflags and libs and for FFI users with dynamic_libs so modules like Git::Libgit2 can link to libgit2 reliably. The current release bundles libgit2 1.9.3, includes updated CI, and has been tested on Debian, Alpine, and macOS, making it a straightforward choice if you need a predictable libgit2 dependency for CPAN modules.

Term::ANSIEncode is a Perl module and companion command-line tool that converts a simple bracketed markup language into ANSI escape sequences so you can produce colored, positioned and styled terminal output from Perl programs or scripts. You write human-friendly tokens such as [% RED %], [% BOLD %], [% LOCATE 10,5 %], box and frame blocks, horizontal rules, wrapped or justified text and small macros inside strings and pass them to ansi_output to render on a UTF-8 capable terminal. The module auto-detects terminal color capability including 256-color and 24-bit truecolor and supports RGB color tokens, a large Unicode symbol table (with an option to abbreviate the table for faster startup), and many frame and formatting tokens to build simple terminal UIs or decorative output. An executable named ansiencode ships with examples and helpers for exploring tokens and colors, and ongoing development has focused on expanding token and color support, improving symbol handling and polishing output and documentation.

Log::Abstraction is a lightweight logging abstraction for Perl that lets you send log messages to a variety of backends without tying your code to a particular logger implementation. You configure it with constructor arguments, a config file, or environment variables on non‑Windows systems and then use familiar methods like debug, info, notice, trace, warn, error and fatal while controlling the minimum level and querying is_debug or messages. Backends can be code references, arrays, files or file descriptors, objects, syslog, or an email sender for high‑priority alerts; formatting tokens are available for level, timestamp, callstack, class, message and environment variables. It defaults to Log::Log4perl but only loads what is needed and supports cloning logger objects with their state. Recent work adds a sendmail throttle so at most one alert email is sent per configured interval and email headers are sanitized, making it useful for apps that need flexible routing of logs and occasional alerting without changing logging calls.

Data::Sync::Shared implements five cross-process synchronization primitives — semaphore, barrier, reader-writer lock, condition variable with a built-in mutex, and a one-time init gate — by storing control state in mmap'ed shared memory and using Linux futexes for efficient blocking. It offers file-backed, anonymous (fork-inherited), and memfd-backed modes, scope-based guard objects that auto-release locks, timeouts on blocking operations, optional eventfd hooks for integrating with event loops, and PID-based detection and recovery when a holder process dies. Note that it is Linux-only and requires 64‑bit Perl, and because the shared memory is writable by any opener you should not expose backing files to untrusted processes. The recent release improved RWLock dead-reader recovery and bumped the RWLock map version, so existing RWLock maps must be recreated after upgrading. Use this module when you need fast, low-level, cross-process synchronization for things like connection pools, worker coordination, or shared data structures.

Data::Pool::Shared implements a fixed-size object pool in shared memory for Linux running 64-bit Perl, letting multiple processes allocate and free numbered slots much like a small cross-process allocator. It provides a raw byte pool plus typed variants for int64, int32, double and fixed-length strings with atomic operations like CAS, exchange and atomic add, and supports blocking, non-blocking and timed allocation as well as batch alloc/free for better throughput. The module is lock-free at the bitmap level and uses futexes to block when the pool is full, offers zero-copy read access via SVs and raw memory pointers for FFI or OpenGL, and has helpers such as RAII-style guards, memfd or anonymous mappings, and a recover_stale routine that reclaims slots owned by dead processes. It is designed for high performance in concurrent and multi-process scenarios but note that the shared mmap is writable by any process that can open it so you should avoid sharing backing files with untrusted processes and prefer anonymous or memfd modes for stronger isolation.

Data::Stack::Shared provides a lock-free, shared-memory LIFO stack for Linux programs written in 64-bit Perl, letting multiple processes push and pop values safely via an atomic top index and per-slot publication state, with futex-backed blocking and optional timeouts. It comes in two variants for 64-bit integers and fixed-length strings and supports anonymous, memfd, or file-backed shared regions so you can attach multiple processes to the same stack. Common operations include non-blocking and blocking push/pop, peek, size/capacity queries, an eventfd-based notification API, and a concurrency-safe drain that can reclaim slots left in a writing state by crashed pushers. The design is MPMC-safe and aims for high throughput while keeping publication and consumption ordered; recovery of stalled publishers is bounded to about two seconds and may silently drop a value if a still-running publisher is falsely reclaimed. Note that the on-disk format moved to version 2 and old v1 files from earlier releases will not open, and the mmap is writable by any process that opens it so you should not share backing files with untrusted code. Recent updates improved drain reliability by adding bounded recovery for stuck write slots and making slot publication CAS-only to avoid clobbering during recovery.

Data::RingBuffer::Shared provides a simple, high-performance fixed-size circular buffer in shared memory so multiple Linux processes can exchange numeric data without blocking writers. It comes in typed variants for 64-bit integers and doubles and always accepts writes by overwriting the oldest entries when full, while readers can fetch the most recent items by relative position or by absolute sequence number and can wait for new data with an optional timeout. The module exposes simple status and lifecycle operations such as size, capacity, head, count, to_list, clear, sync and unlink, supports creation from a file path, memfd or file descriptor, and integrates with eventfd for efficient notification. It is designed for use cases like metrics rings, sensor streams, rolling windows and debug traces, is very fast in single-process benchmarks, and is Linux-only and 64-bit Perl only. Be aware that the shared mmap region is writable by any process that opens it so do not share backing files with untrusted parties.

Data::Log::Shared provides an append-only write-ahead log stored in shared memory for Linux systems running 64-bit Perl. It lets multiple processes append variable-length records concurrently while other processes replay or tail the log from any position, and it can be backed by a file or a memfd. The API is simple: append returns an offset, read_entry and each_entry let readers iterate with built-in handling for in-flight or abandoned writes, wait_for blocks until new entries arrive, and truncate, reset and sync control lifecycle. Truncation marks old entries as logically invalid in a concurrency-safe way but does not reclaim physical space, and reset reclaims space by zeroing the region so it must only be used when no other process is accessing the log. The mmap region is writable by any process that opens it so do not share the backing file with untrusted processes. Recent v2 changes add a per-slot reserve size so readers can skip slots left by crashed writers, introduce an optional abandon_wait_us to control how long readers wait before skipping uncommitted slots, and make reset zero the data region; note that v1 logs must be recreated after this change. This module is designed for high-throughput multi-process logging and is a good fit for audit trails, event sourcing and debug logging where persistent, replayable records are required.

Data::Deque::Shared provides a high-performance shared-memory double-ended queue for Linux, implemented as a ring buffer with atomic CAS push/pop on both ends and futex-based blocking when empty or full. It comes in Int and fixed-max-length Str variants, supports anonymous, file-backed and memfd-backed mappings, and is safe for multi-producer/multi-consumer workloads thanks to a per-slot control word that enforces publication ordering. The module exposes blocking and nonblocking push/pop operations, convenience methods to inspect size and stats, an MPMC-safe drain() that can recover slots whose pushers crashed or stalled, and eventfd-based notification hooks. Note the usual constraints: Linux-only, 64-bit Perl, capacity limited to <= 2^31, and mmap regions are writable by any opener so do not share files with untrusted processes. Recent changes add a bounded (~2s) recovery path for stuck pushers, make slot publish CAS-only to avoid clobbers, and introduce a recoveries counter and stricter header validation for the new file format v2.

Data::Buffer::Shared provides fast, typed, fixed-capacity buffers stored in file-backed or anonymous mmap regions so multiple processes on Linux can share numeric arrays or fixed-length string slots with minimal overhead. It offers per-type modules for common integer, float and string widths and exposes lock-free atomic get/set for single numeric elements plus atomic integer ops like incr, add and compare-and-swap, seqlock-guarded bulk slice and fill operations, and a futex-based read/write lock for safe batch access. You can create buffers from a path, an anonymous mapping or a memfd and reopen a memfd via new_from_fd, and the API includes both XS keyword functions for speed and object methods, zero-copy mmap-backed scalar reads, raw pointers for FFI, explicit lock calls, and helpers such as sync, unlink and stats. Note that it is Linux-only and requires 64-bit Perl. The recent 0.04 release improves recovery when readers die while holding locks and bumps the on-disk header version, so maps created with older releases must be recreated.

Test::MockModule is a lightweight testing aid that lets you temporarily replace or add subroutines in another package so you can isolate and exercise parts of your code without touching the real dependencies. You create a mock object for a package, install mocks, redefine existing functions or add new ones, and the module remembers and restores the original routines automatically when the mock goes out of scope or you call unmock. It supports a strict mode that forces you to only rewrite real APIs, convenience helpers to install no-op stubs or mock an entire package, and special handling so mocked methods play nicely with Moose and Mouse metaclasses. The latest release restores the traditional singleton-per-package behavior by default and adds original_for to let closures call the true original subroutine without capturing the mock object, which avoids scope-leak problems when you opt into layered mocks.

Plack::Middleware::Security::Simple is a lightweight security filter for PSGI/Plack web applications that helps block obvious exploit probes by matching request fields like PATH_INFO, headers, user agent or any custom code you provide. Configure it with built‑in rule sets from Plack::Middleware::Security::Common, a Hash::Match specification or a coderef and the middleware will invoke a handler when a rule matches; the default handler logs the event and returns HTTP 400 so you can hook it into log-based tools like fail2ban or supply your own response. It covers common nuisance and attack patterns such as risky file extensions, CMS and script prefixes, header and script injection attempts and other known probe types, and it is intended as a simple in‑app layer rather than a replacement for a full reverse‑proxy WAF like modsecurity. Recent updates fixed a header_injection rule vulnerability (CVE-2026-9658) and added a misc_vulns rule to improve coverage. Requires Perl 5.14 or later and the project is maintained on GitHub.

Authen::OATH is a lightweight Perl module for generating OATH-compatible one-time passwords using the HOTP and TOTP algorithms, letting you add time- or counter-based OTPs to authentication flows. It exposes a simple OO interface where totp(secret[, manual_time]) returns a time-based code and hotp(secret, counter) returns a counter-based code, with sensible defaults of six digits and SHA1 hashing but options to change digits, digest, and the TOTP timestep. The implementation follows the RFC test vectors so outputs are standards-compliant, and it supports alternative digests if you need them even though SHA1 is the protocol norm. If you use Google Authenticator remember to base32-decode its secret before calling totp. This module is a practical choice when you need straightforward OTP generation in Perl without pulling in heavy dependencies.

Data::HashMap::Shared is a high-performance Perl module that provides file-backed, type-specialized hash maps in shared memory so multiple processes can efficiently share key/value data on Linux. It offers a range of typed variants (integer↔integer, string↔string and mixed forms), lock-free read paths with futex-based writers, atomic integer operations, optional LRU eviction and per-key TTLs, memfd and anonymous mappings for handoff between processes, sharding for parallelism, and both keyword and method APIs for speed and convenience. The module handles string storage with an arena allocator and stores short strings inline to cut latency, includes cursors and batch operations, and exposes rich diagnostics and stats. It also contains logic to detect and recover from dead writers or readers so a crashed process does not permanently block the map, but recovery relies on a common PID namespace and a mid-mutation crash can leave an individual entry partially inconsistent so clearing after recovery is recommended for safety-critical uses. This is a Linux-only module and requires 64-bit Perl, and it is a good fit when you need a fast cross-process cache, counters, or other shared data structures.

RPM::Query is a lightweight Perl module that exposes the system rpm --query functionality as an object-oriented API so Perl scripts can inspect installed RPM packages and their dependency information. It offers simple methods to fetch the most recent matching package or a list of matches, obtain package details as a hash, verify a package, and list what a package provides or requires as well as which packages provide or require a given capability. Methods return Perl objects, arrays, or undef when a package is not present, making it easy to integrate RPM inspection into automation or packaging scripts. Because it wraps the rpm command, it is intended for RPM-based Linux systems and depends on the rpm binary being available.

Markdown::Simple is a compact, fast Perl XS renderer that turns Markdown into HTML using GitHub Flavored Markdown by default while letting you switch to strict CommonMark or toggle individual features like tables, strikethrough, task lists, autolinks and raw HTML handling. You can use the simple functional call markdown_to_html for one-off conversions or create a persistent Markdown::Simple object and call render repeatedly to reuse the parser arena and avoid per-document allocation overhead when processing many files. The module exposes flags for safety and formatting such as disallow_raw_html, unsafe, hard_breaks and strict_utf8, and you can disable specific syntaxes so they remain literal text. Version 0.11 added strip_markdown, which removes formatting markers but keeps list markers and table pipes for scan-readability. Overall it is a practical choice when you want a configurable, CommonMark/GFM-conformant Markdown-to-HTML renderer with native performance.

App::Yath::Plugin::Utilization is a yath plugin that gates test launches based on live system utilization so your test suite does not overwhelm a busy machine. It lets you opt in to a set of resource checks that monitor CPU, free memory, free disk, per-user pipe budgets, process ulimits, and a configurable spawn-rate throttle, and prevents new tests from starting when those resources exceed configured thresholds. You enable it with -pUtilization or in .yath.rc and tune global thresholds with flags like --utilization-utilize (also -U) or the convenient -Z shortcut that flips on the full stack and sets the threshold in one go. Individual resource controls are available and can be added or excluded as needed via the Test2::Harness::Resource::Utilization::* modules. Note that CPU, memory, unixlimits and pipe limits read /proc and so are Linux only, disk checks require Filesys::Df to be installed, and the throttle provides portable fallbacks for core counting. This initial release ports the Test2‑Harness2 resource stack to the legacy yath harness so you get the same practical gating behavior for older test runners.

Net::DNS::Resolver::Unbound is a Net::DNS backend that delegates DNS lookups and DNSSEC validation to the libunbound library so you get a full resolver implementation inside your Perl program. It plugs into Net::DNS as an alternative resolver and can be configured from resolv.conf or programmatically with nameservers, stub zones, forwarders, trust anchors and other Unbound options; it also supports DNS over TLS, hosts-file overrides, automated trust-anchor maintenance, async resolution and various debug controls. The module replaces the send/bgsend behavior of Net::DNS::Resolver::Base and can be registered globally as the default Net::DNS resolver with the -register import flag. Be aware that low-level packet controls are largely handled by libunbound so you cannot set arbitrary DNS header flags or EDNS options, you cannot send raw pre-built packets, and Unbound synthesizes reply packets (the returned query ID is always zero). Recent releases refactored send() to use an asynchronous resolver and added DNS over TLS and other robustness improvements.