CPANscan

File::Copy::clonefile is a tiny Perl wrapper around the clonefile system call that lets you request a filesystem-level clone of a file from Perl. It exports a single function, clonefile, which you call with a source and destination path and then check the return value and $! on error. Because it delegates to the underlying clonefile syscall it only works on platforms that provide that facility, for example macOS, so it is useful when you need fast, space-efficient copies on systems that support copy-on-write cloning but not applicable on other platforms.

Perl500503Syntax::OrDie is a simple compatibility watchdog that helps you catch syntax and runtime constructs introduced after Perl 5.005_03 before you deploy to old systems. When you add use Perl500503Syntax::OrDie to a script it reads the calling file, masks comments and quoted literals, scans for newer language features and regex constructs, and dies with a filename and line number if anything unsupported is found. It also installs runtime guards to prevent certain unsupported uses of open and mkdir, and provides a programmatic API so you can scan strings or files on demand or run it from the command line. The module intentionally does not inspect the contents of string literals or the bodies of regexes and it is not a full Perl lexer so unusual quoting or dynamically generated code may evade or trigger false alarms. It is written to run on Perl 5.005_03 through modern releases, but be aware that its CORE::GLOBAL:: overrides affect the whole interpreter so it is not intended for use inside production processes.

File::FindRoot is a small Perl utility for locating a project's root directory by walking up the filesystem from a starting point until it finds a file, directory name, or pattern you specify. You give it a relative path or regex and it returns the ancestor directory that contains that target or undef if none is found. You can also supply a custom callback to decide what counts as a match, and tune behavior with options such as start_at to change the starting directory, limit to cap how many ancestors are checked, and debug/debug_fh to see progress. The module is minimal and easy to drop into scripts that need to locate config files, libraries, or VCS markers without relying on fixed paths. This is a newly released module with its initial user release in May 2026.

CPANSA::DB provides the CPAN Security Advisory reports as a ready-to-use Perl data structure, primarily to feed tools like CPAN::Audit but available to any code that needs a curated list of security advisories for CPAN distributions. You access it with CPANSA::DB->db and get a hashref of reports, and a matching JSON file is also provided if you prefer non-Perl consumption. Releases are published on GitHub and shipped with both GPG signatures and GitHub attestations so you can verify an archive came from the official source before trusting the data. The database is actively maintained with frequent updates and has recently been made more compact by switching to a terser internal format, so it is a convenient, verifiable source for integrating CPAN security information into scanners, audits, or dashboards.

HP::Handy is a compact, single-file template engine that brings Jinja2-style templating to Perl 5.5.3 and later without any external dependencies. It offers familiar {{ }} variable output, {% %} control tags, filters, tests, loops, template inheritance, macros and includes, plus simple customization like auto-escaping and configurable delimiters, and it exposes render_file and render_string methods as well as hooks to add custom filters and tests. The implementation is intentionally minimal and portable, using a regex-based evaluator so you can drop the file into small web projects or pair it with HTTP::Handy and DB::Handy to build a lightweight MVC stack. Because templates are parsed on each render there is no compiled cache, recursion and some advanced features like super or imports are not supported, and string operations are byte-oriented to preserve compatibility with older Perl versions. If you need a zero-dependency, Jinja-compatible templating layer for legacy or small-scale Perl apps, HP::Handy is a practical and easy-to-use choice.

aozora is a greple module for proofreading texts destined for Aozora Bunko that scans Japanese documents for common OCR and transcription problems, odd punctuation and spacing, kana and katakana anomalies, ruby/annotation issues, rare or old character usage, and other formatting oddities. It integrates with the greple search tool and exposes many command line checks you can enable to flag likely errors so you can inspect and fix them before submission. The module speeds up quality control for contributors preparing texts for Aozora Bunko, but it only highlights potential issues and can produce false positives, so manual review is still required.

App::cpm is a fast command-line installer for Perl modules from CPAN that aims to make installs more stable and predictable. It prepares dependency builds first and performs the final installation separately, so dependency graphs and parallel work complete more reliably. By default it installs the requested distributions and their runtime dependency closure, and it supports reading from cpanfile or STDIN, cached prebuilt builds for speed, and clear terminal progress and logging so failures are easier to diagnose. It targets modern Perls (requires v5.24 or later) and is a practical alternative to cpanminus and other installers for users who need repeatable, efficient installs. Recent releases added GitHub Artifact Attestations for CPAN tarballs to help verify provenance and an opt-out mechanism to report local Perl version usage to MetaDB.

App::ArithmeticsUtils is a tiny Perl distribution that provides a simple command-line utility and helper function for computing a division result and its remainder in one step. The core routine, calc_divide_remainder, takes two numeric arguments a and b and returns the quotient and remainder together as a pair, for example passing 140 and 6 yields [23, 2]. The function is not exported so you can use the provided script or call the function by its fully qualified name in your code. This module is useful when your scripts or command-line workflows need both parts of a division operation without extra boilerplate. The release is the initial 0.001 version and the project is hosted on MetaCPAN and GitHub.

XS::JIT is a compact runtime JIT compiler for Perl that lets you compile and load C/XS code on the fly without the heavier machinery of Inline::C. It is aimed at situations where you generate C dynamically and need fast, in-process compilation and symbol installation, and it avoids C parsing and xsubpp by emitting C directly and invoking the system compiler, with optional caching of compiled modules. You call XS::JIT->compile with your C source, a unique module name and a map of Perl function names to C functions, and you can choose between simple wrapper-style functions or XS-native functions for best performance, or use its generate_code, is_cached, cflags and libs helpers when embedding the JIT into build systems or other XS modules. The module also exposes a C API and Inline::C-compatible macros so existing XS code can be adapted easily. Recent fixes improve cross-platform linking and error reporting so dlopen failures now croak with the .so path and underlying OS error and the link order has been corrected for more reliable builds.

Time::Str is a Perl module for reliably parsing and formatting date and time strings across a wide range of standards. It exposes three main routines: str2time to convert a timestamp string into a Unix epoch (including fractional seconds), str2date to return parsed components such as year, month, day, hour, minute, second, nanosecond and timezone annotations, and time2str to render an epoch into many standard textual formats. The module understands ISO 8601 / RFC 3339, RFC 2822, HTTP dates, SQL/ISO9075, ASN.1 GeneralizedTime and UTCTime, RFC 9557 and common Unix and ECMAScript variants, and includes a permissive DateTime parser for many real-world forms. You get fine control over fractional precision and rounding, an explicit nanosecond override for exact output, a pivot_year option for two-digit years, and the ability to format with arbitrary timezone offsets. str2time requires a UTC designator or numeric offset and will croak on unresolved timezone abbreviations while str2date preserves such abbreviations for external resolution. The module integrates with Time::HiRes, DateTime and Time::Moment, and ships with optional fast C/XS parsers plus a pure-Perl fallback. Note the documented limitations: English-only month and day names, no ISO week or ordinal dates, a supported year range of 0001-9999, and no built-in resolution of ambiguous timezone abbreviations.

App::PTP is a small command-line toolkit that helps you build and run compact Perl-based pipelines and text transformations without writing a full script. It provides many convenience commands and switches for common pipeline tasks such as loading modules on the fly, running shell fragments, feeding arguments like xargs, deduplicating or uniquely filtering streams, grepping with flags, handling quoting modes for shell escaping, merging pipeline stages where specified, and even sorting version strings by semantic version with the new --semver-sort option. The distribution also includes a printable cheat sheet and a built-in set of commonly used modules to make one-liners and ad-hoc processing easier to write and reuse, and it adds workflow helpers like --push/--pop for saving and restoring file content. If you frequently use Perl from the command line to manipulate files or streams and want a richer, opinionated toolkit for composing pipelines, App::PTP is a practical, installable helper to simplify those tasks.

CPAN::Mirror::Tiny is a lightweight tool for building a private or partial CPAN mirror, often called a DarkPAN, so you can host and serve only the distributions you need. It lets you "inject" packages from local tarballs, HTTP URLs, Git repositories, or CPAN itself and then generates the standard CPAN index files so clients like cpanm or cpm can install from your mirror. The module is designed for embedding into CPAN clients and keeps dependencies tiny with no XS modules, making it portable and easy to deploy. A small command line interface is provided, metadata caching speeds up index generation, and Windows support has been improved. The latest stable release raised the minimum Perl requirement to v5.24 and the project publishes GitHub Artifact Attestations for release tarballs if you need provenance.

Proc::ForkSafe provides a small, practical wrapper to make objects safe to use across forked processes by ensuring the wrapped object is reinitialized in child processes instead of being accidentally shared. You supply a factory coderef that creates your persistent resource and then invoke methods through the wrapper; after a fork the wrapper gives the child its own fresh instance so sockets, database handles, and other non-fork-safe resources are not reused across processes. The module is lightweight and easy to integrate into code that uses long-lived clients or handles, and it is distributed under the same license as Perl. Note that the 1.0.0 release raised the minimum required Perl version to 5.24.

Parallel::Pipes is a low level Perl toolkit for running and coordinating worker processes using Unix pipes and select to detect when workers are ready and to collect their results. It exposes primitives for writing tasks to child processes, reading results back, and polling readiness so you can build custom synchronization and communication schemes without heavyweight frameworks. If you prefer a friendlier API there is a higher level Parallel::Pipes::App and real world usage can be seen in tools like App::cpm. Recent releases made the module require Perl 5.24 or newer and earlier updates added a "tick" facility to help heartbeat or timeout-style checks.

PAUSE::Permissions::MetaCPAN is a lightweight Perl wrapper around the MetaCPAN permission search API that fetches PAUSE/CPAN module ownership and co‑maintainer information. You construct it with new, optionally supplying an HTTP::Tiny object or an alternate API URL, and then call get with either an author name or a list of module names to receive a hash reference of permission records. Each record contains fields such as owner and co_maintainers and modules that are not found are returned as undef. This module is handy for maintainers and tooling that need to programmatically check who owns or co‑maintains CPAN modules, for example in release scripts or administrative tools.

Module::cpmfile is an experimental Perl module for reading and interpreting cpmfile dependency manifests, typically stored as cpm.yml, so you can programmatically load, validate and compute effective requirements such as runtime or build deps. It provides simple methods to load a cpm.yml and derive the dependency sets your application needs, and it follows the project JSON Schema on GitHub for validation. If you work with App::cpm or manage cpm.yml files, this module gives a lightweight, code-friendly way to parse and inspect those manifests and complements tools like Module::CPANfile for cpanfile formats.

Distribution::Metadata helps you trace an installed Perl module back to its CPAN distribution and read the metadata left on your system. It locates a module file, finds the .packlist and the distribution search directory, and then reports the distribution name, version, distvname, author and pathname, the distribution's main module and its version and file, the .meta directory, install.json and MYMETA.json paths, the files listed in the .packlist, and parsed hashes of install.json and MYMETA.json. It relies on the metadata layout produced by cpanm so it works best for modules installed with cpanm and may not find metadata for modules installed by hand or other installers. The constructor always returns an object even when metadata is missing so callers should check methods like packlist to know if the distribution was found. The recent 1.0.0 release raised the minimum required Perl to v5.24.

Darwin::InitObjC is a tiny macOS-specific helper that makes it safe to use fork in Perl programs that may touch Objective-C APIs by explicitly initializing the Objective-C runtime before you call fork. On macOS 13 and later, attempting to initialize Objective-C in a forked child can cause immediate crashes, and this module provides a simple maybe_init() call you can run early so child processes will not hit that error. It is lightweight and intended for scripts or modules that load macOS frameworks or bridge to Objective-C, and the v1.0.0 release raised the minimum required Perl to 5.24.

Command::Runner is a simple utility for running external programs or Perl code references from your Perl script while giving you easy control over timeouts, logging and the environment. You construct it with an external command, a code ref, or a command array and can capture stdout and stderr via callbacks or have them returned, redirect stderr to stdout, set environment variables, and run the command in a specific working directory. It is useful when you need reliable quoting across platforms, precise timeout behavior, and flexible logging without wiring up low-level process handling yourself. The run method returns a hashref with result, timeout flag, stdout, stderr and the child pid so you can inspect what happened. Note that the module recently bumped its minimum Perl requirement to v5.24 in the 1.0.0 release, so you will need a modern Perl to use the latest version.

CPAN::Perl::Releases::MetaCPAN fetches Perl release metadata from CPAN via the MetaCPAN API and maps each release to its tarball location and related info such as author, version, date, maturity, download URL and SHA-256 checksum. It provides both an object oriented interface that returns a list of release records and a simple functional interface like perl_tarballs that looks up tarball paths for a specific Perl version. The module is essentially a MetaCPAN-backed drop-in for CPAN::Perl::Releases and is useful when you need up-to-date CPAN release locations and provenance data. Artifact attestations for uploaded tarballs are available on the project GitHub for those who care about provenance. Recent notable change: the minimum required Perl was raised to v5.24 in the v1.0.0 update.

CPAN::02Packages::Search is a small, focused Perl module for quickly looking up package entries in the canonical CPAN index file 02packages.details.txt. You give it the path to the index and call search with a package name to get back a simple record such as version and tarball path or undef if not found. The module strips out everything but package lookup from the larger CPAN::Common::Index::Mirror project, so it is lightweight and easy to integrate into CPAN client code. It uses Search::Dict to perform a binary search, which makes lookups hundreds of times faster than a naive linear scan. Note that recent releases raised the minimum Perl requirement to v5.24 and the module itself is not fork-safe by default, so use a fork-safety wrapper like Proc::ForkSafe if your application forks.

App::RemoteCommand installs rcommand, a lightweight command-line launcher that runs commands or local scripts on many machines over SSH in parallel, collects each host's output with hostname and timestamp annotations, and summarizes success or failure. It is designed for straightforward orchestration tasks and will cache a sudo password so you do not get prompted repeatedly when elevating privileges. The tool assumes you can SSH into target hosts without interactive passwords or that you use ssh-agent for passphrase-protected keys, so it works best in key-based setups. The module is actively maintained and the most recent release raises the minimum required Perl version to 5.24.

OpenAPI::Client::OpenAI is a Perl client that makes it easy to call the OpenAI HTTP API from Perl programs by generating interface methods from an OpenAPI specification. It builds on OpenAPI::Client, exposes every API operation in both camelCase and snake_case, and handles authentication automatically from the OPENAI_API_KEY environment variable so common tasks like creating chat completions are a single method call. The module ships with a default openai.yaml spec but lets you supply your own spec file and includes examples and tests to get you started. Be aware that OpenAI is a paid service and the API evolves quickly, so the module may lag behind the latest API changes.

Net::Statsd::Lite is a lightweight Perl client for StatsD that implements the StatsD Metrics Export Specification v0.1 and lets you batch multiple metrics into a single UDP packet for efficient reporting. It provides the usual metric types you expect from a StatsD client, including counters, gauges, timings (and histogram), as well as set operations and a secure_set_add helper that HMAC-SHA-256 hashes sensitive values before sending. The client is configurable with host, port, prefix, autoflush and buffer size and exposes a record_metric hook so you can easily add extensions such as tagging in subclasses. Notes and caveats are documented by the author and include the fact that many StatsD daemons do not support every metric type or multimetric packets, measured values are expected to be integers within the spec limits, and a consistent secure_set_key must be used across processes and hosts to avoid skewed set counts. The module requires Perl 5.20 or later and is actively developed on GitHub.

Net::Statsd::Tiny is a compact, dependency-light Perl client for sending StatsD metrics that makes it easy to record counters, gauges, timings, histograms and set members and to batch multiple metrics into a single UDP packet. It supports sampling rates, buffered or immediate sending via an autoflush flag, and you can specify host/port/protocol or pass an IO::Socket directly for custom networking; recent releases switched to IO::Socket::IP and made the socket attribute public while fixing flush behavior for alternative sockets. The module follows the StatsD Metrics Export Specification and is suitable for small apps or scripts that need simple metric reporting without heavy libraries, but be aware that some StatsD daemons do not support every metric type or sampling and that historically values were not strictly validated. Security and validation around metric names were improved in recent versions to prevent injection and other issues, and the module requires Perl 5.12 or later.

Crypt::Passphrase::SaltedHash is a small adapter that lets Crypt::Passphrase recognize and validate password hashes produced by Crypt::SaltedHash, so you can verify legacy SaltedHash strings and detect when those hashes should be rehashed under a stronger scheme. It plugs into Crypt::Passphrase via the validators option and supports the usual verify_password and needs_rehash workflow, making it easy to authenticate users stored with SaltedHash and migrate them to modern encoders like Argon2. This is the initial 0.01 release.

Text::Unpack::Auto detects column boundaries in fixed-width plain text and either generates an unpack template or returns parsed rows for you, so you do not need to handcraft unpack strings. It exports guess_unpack to produce an unpack format from sample lines and auto_unpack to split each input line into an arrayref of trimmed fields, returning one arrayref per line. You can tune detection with options such as minimum_gap to control how small spaces are interpreted, which makes it handy for parsing legacy reports, command output, or any columnar text where widths are consistent but formats are not documented.

Test::Returns provides a lightweight testing helper to assert that a function's return value matches a schema, exporting returns_ok (alias returns_is) and returns_not_ok so you can declare expected types and structures for return values in unit tests instead of writing ad hoc checks. It uses Return::Set and Params::Validate::Strict to perform the validation and integrates with Test::Builder so it works smoothly alongside Test::More and Test::Most. If your tests need to verify that routines return the right kind of data structures or types this module makes those checks concise and readable. The recent 0.03 release adds convenient handling of type => 'array' as a synonym for type => 'arrayref', documents that underscore-prefixed schema keys are passed through unchanged, and fixes a bug to make array validations behave correctly while providing clearer diagnostics when a non-reference is returned.

File::Meta::Cache provides a lightweight, high-performance cache of open file descriptors and stat metadata so programs that repeatedly access the same files can avoid repeated open and stat calls and reduce the number of open file descriptors required. It is aimed at servers and other high-frequency readers of static files and offers both an object oriented API and direct callable opener/closer/sweeper/updater subs for minimal overhead. Cache entries are array references with fixed index fields and include a USER slot where you can stash precomputed data such as HTTP headers, so the module favors speed over a fancy interface and requires callers to manage per-user file positions. The cache tracks its own reference counts and exposes a sweep method you should call periodically to expire unused entries. Recent releases added redirected file linking to emulate links on filesystems that lack them and fixed a posix open edge case where a '0 but true' file descriptor value needed conversion. If you need to speed repeated file reads and are comfortable with low-level, index-based entries and manual position management, this module is likely relevant.

Email::Address::List parses RFC-style address lists found in headers like From, To, Cc, Bcc, Reply-To, Sender and Resent-* and turns them into a stream of typed entries such as mailboxes, group start/end markers, standalone comments, and unknown tokens so you can inspect or manipulate the full structured content of a header rather than just pluck addresses from free text. Each mailbox entry carries an Email::Address object and helpful flags for obsolete syntax and non-ASCII local-part or domain parts, and the parser aggressively removes stray whitespace and Unicode format characters from local-part and domain to avoid undeliverable addresses introduced by copy/paste. You can control what the parser emits with options to skip comments, groups, non-ASCII mailboxes, or unknown elements, and it attempts graceful recovery from malformed input by skipping to the next separator. Note that group names are not fully post-processed yet and may include noise, and recent maintenance improved Unicode whitespace stripping and addressed past regex backtracking issues for better robustness.