CPANscan

Attean is a Perl framework for working with Semantic Web data that makes it easy to parse, store, query, and serialize RDF and SPARQL content. It provides a consistent API to load triples and quads from many formats, push them into pluggable stores (including an in-memory store for temporary models), run SPARQL queries and iterate over results, and produce output in a variety of media types. The module discovers parser, serializer, and store implementations via a plugin convention, and includes helpers for HTTP content negotiation, and for registering custom SPARQL functions, functional forms, aggregates, and datatype roles. Use Attean when you need to build RDF data pipelines, convert between RDF formats, or embed SPARQL evaluation in Perl applications.

EV::cares is a high-performance asynchronous DNS resolver for Perl that embeds the c-ares C library directly into the EV event loop so socket I/O and timers run in XS with no Perl-level event overhead. It gives you a simple object API to run many concurrent lookups and bulk queries, resolve A/AAAA and reverse names, perform search/domain-appended queries, issue raw DNS queries, and parse a wide range of record types including MX, SRV, TXT, HTTPS/SVCB, TLSA and DNSSEC-related records while also returning per-record TTLs for cache-aware applications. You can control servers, timeouts, retries, ports, EDNS size, hosts-file lookups, address sorting and local binding, and enable a TTL-bounded result cache. Callbacks are driven safely on the EV loop and exceptions are caught so they do not unwind your program. The module requires c-ares >= 1.24 and gains richer parsing for HTTPS/SVCB and TLSA with c-ares >= 1.28. Be aware that parsed DNSSEC records are not cryptographically validated by this module and that DoT/DoH server URI forms may be unsupported on older c-ares releases.

Data::Throttler is a lightweight Perl module for enforcing rate limits by counting events in time buckets and answering with a simple yes or no when you try to record an event. You call try_push to see whether an action should proceed and you can throttle globally or per key so, for example, a single IP can be limited to 100 sends per hour. It can keep its counters in memory or use a persistent backend like YAML/DBM::Deep so limits survive across processes and restarts, and it includes locking and a reset_key method for coordinated multi-process use. The module splits the configured interval into buckets and sums recent buckets to decide allowance, you can tune the number of buckets, test with a custom time, and dump bucket contents for debugging although that pretty print requires Text::ASCIITable. Note that bucket spacing defaults to the interval divided by ten and sub-second resolution is not supported, making this a good fit for typical per-minute or per-hour throttles such as email or API rate limiting.

XML::PugiXML is a Perl binding for the pugixml C++ XML parser that gives you a DOM-style API for fast parsing, XPath queries, tree navigation, modification and serialization. You can load XML from files or UTF-8 strings, query with XPath or compiled XPath for repeated searches, edit nodes and attributes, clone subtrees and write the result back to a file or string with flexible formatting options. It is significantly faster than XML::LibXML for parsing, traversal and many common operations and is safe by default against XXE and entity expansion attacks. The module uses reference counting so node handles keep their parent document alive, but handles become stale if you reset or reload the document and different document instances may be used from different threads while concurrent access to the same document is not supported. Recent releases improve robustness by catching C++ exceptions at the XS boundary, reject cross-document node arguments and embedded NULs, and fix the default indentation handling.

Text::Stencil is a compact, high-performance template renderer for turning uniform lists or tables of data into text, HTML, JSON, or other flat formats using a precompiled row template with simple placeholders like {0} or {name}. It supports arrayref and hashref rows, rich transform chaining for escaping, formatting and logic (html, json, url, numeric formats, trimming, truncation, defaulting, pluralization, date and more), and can stream output to a filehandle or accept a callback for streaming generation, making it a good fit for fast table or list rendering tasks. Templates are parsed once for maximum speed, and the module exposes conveniences such as header/footer sections, custom delimiter characters, sorted rendering, and a clone method to reuse layout. Note that renderers are not safe for concurrent use from multiple threads and some case conversions are ASCII-only, so create separate objects per thread or serialize access. The recent 0.02 release fixes several safety and correctness issues including render-buffer use-after-free on croak, buffer freeing when a callback dies, an int_comma overflow for very large values, and a few transform validation and pluralization fixes.

JSON::YY is a high-performance Perl JSON module that uses the yyjson C library and offers three ways to work with JSON: ultra-fast functional keywords for one-shot encode/decode, an OO coder compatible with JSON::XS-style options for configurable use, and a Doc API that lets you inspect and surgically edit a mutable JSON document tree via JSON Pointer paths without materializing the whole structure. It provides zero-copy readonly decoding for very fast read access, path-based get/set/delete and iteration, file I/O, RFC 6902 patch and RFC 7386 merge-patch support, and convenient serialization and comparison helpers, making it particularly effective for large documents and operations that change only small parts of a JSON payload. The Doc API delivers big speedups over decode-modify-encode for medium and large payloads. Known limitations are that canonical (sorted-key) output is not implemented, NaN and Infinity cannot be encoded and will croak, and JSON true/false decode to Perl 1/0 rather than to overloaded boolean objects unless you use the Doc API jbool or special scalar refs. If you need very fast encoding or efficient, path-oriented manipulation of large JSON data in Perl, JSON::YY is worth considering.

EV::Gearman is a fast, low-level asynchronous Gearman client and worker for Perl built on the libev event loop, implemented in XS so you do not need a separate libgearman dependency. A single EV::Gearman object can act as client, worker, or both and supports pipelined foreground and background jobs, progress and warning callbacks, scheduled jobs, unique-key de-duplication, and an async worker mode for deferring completion to timers or external IO. The module also handles Gearman’s text admin protocol on the same connection, provides automatic reconnect, configurable timeouts and keepalive, and lightweight buffer management for good throughput and memory behavior, and it runs cleanly under AnyEvent when EV is the backend. Callbacks follow a simple (result, err) convention and exceptions in user code are caught and reported without unwinding the event loop. One caveat is that hostname resolution currently uses a synchronous getaddrinfo call which can block the loop, so prefer IP literals or pre-resolve names for fully non-blocking reconnects. Initial release 0.01 (2026-06-02).

GD is the standard Perl interface to the libgd graphics library that lets you create, load, edit and export bitmap images programmatically. Using GD::Image you can draw primitives such as lines, shapes and arcs, paint with brushes or tiled patterns, flood fill, render text with built‑in or TrueType fonts, and work with alpha transparency, antialiasing and styled lines. It can read and write common formats including PNG, JPEG, GIF and many modern formats like WEBP, HEIF and AVIF when libgd is built with support for them, and it also offers animated GIF construction, resampling, rotation, filters and palette/truecolor conversion. The distribution also exposes GD::Font for font handling, GD::Polygon for vector-like shapes and GD::Simple as a friendlier, higher-level drawing layer. Because GD is a thin wrapper around libgd some features depend on the installed libgd version and compile options and palette-based conversions can reduce quality so for best results use truecolor output. If you need programmatic image generation or light image processing from Perl, GD is a mature and widely used choice.

YAML::Safe is a fast, libyaml-backed YAML parser and emitter for Perl that modernizes the old YAML::XS binding by replacing global settings with an object-oriented interface. It provides the familiar Load and Dump functions while encouraging creation of a YAML::Safe object to hold options such as encoding, boolean handling, indentation, canonical key sorting and more. SafeLoad and SafeDump variants let you restrict which Perl classes or tags are allowed so untrusted YAML cannot recreate arbitrary blessed objects by default. The loader is stricter than many older Perl YAML modules but offers a nonstrict mode to improve compatibility when needed, which makes it useful for validating CPAN metadata and interoperating with other YAML implementations. It targets libyaml behavior and supports YAML 1.1 with 1.2 features and it works with streams of UTF-8 octets so you must handle Perl Unicode encoding at the boundaries. If you want a configurable, safe and performant YAML solution for Perl, YAML::Safe is a solid choice.

CPANSA::DB is a minimal Perl module that provides the CPAN Security Advisory dataset as a ready-to-use Perl data structure via a single db() subroutine. It is primarily used by CPAN::Audit but can be consumed by any code that needs a programmatic copy of CPAN security advisories, and each release also ships a JSON equivalent. Releases are published on GitHub and include .gpg signatures plus GitHub attestations so you can verify an archive with the gh attestation command or confirm the file signature with gpg, giving you a verifiable, local copy of the advisory reports for auditing or tooling.

Net::Ping is a Perl module for checking whether remote hosts are reachable from your machine and for measuring simple response times. It supports several protocols so you can choose the best trade off for your environment, including tcp, udp, icmp and icmpv6, a non-blocking syn mode for sending parallel TCP SYNs, a stream mode for keeping connections open, and an external mode that calls the system ping command. The tcp and udp modes work without special privileges while raw icmp usually requires root, and the module lets you customize timeouts, source address, port, packet size and use high precision timing when Time::HiRes is available. Net::Ping also includes convenience features such as wake-on-lan and tools to collect ACKs when using syn mode. Bear in mind that protocol-level reachability is not the same as application health and that some hosts may block or not respond to certain ping methods.

RT::Extension::AttachmentViewer is a small plugin for Request Tracker (RT) that upgrades the attachment dropzone so clicking a thumbnail opens the file in a modal viewer, letting users preview images, PDFs, audio, HTML, and plain text inline while deferring other types to the browser. It works with RT 5 and RT 6 and installs like a typical RT extension by running the Perl build steps, enabling the plugin in RT_SiteConfig, clearing Mason cache, and restarting the web server. The project is actively maintained with recent updates adding RT5 compatibility and security fixes, and the repository URL was corrected in the latest release. If you want quick, in-place previews of common attachment types in RT, this extension provides a simple, drop-in solution.

SPVM::Sys is a comprehensive, cross-platform system-level API that exposes common OS services to SPVM programs so you can do file I/O, directory operations, low-level syscalls, socket programming, time and timezone handling, process control, signals, and user/group and environment management from one place. It wraps fopen/sysopen/read/write/seek/close and directory iteration, provides stat/lstat/fstat and the familiar file-test helpers (like -r, -w, -x, -s, -z), and gives full socket primitives including socket/connect/bind/listen/accept/send/recv/setsockopt along with helpers for address handling and select/poll. The module also includes process operations such as fork/exec/wait/exit/priorities, signal and alarm support, time utilities like localtime/gmtime/utime, environment access, and convenient STDIN/STDOUT/STDERR streams. Windows filename handling and Unicode are handled automatically by the API, and recent releases added a portable glob implementation with UTF‑8 and Windows case folding support and improvements to TCP keepalive configuration, so it is a good choice when you need low‑level, portable system functionality from SPVM and want a maintained, tested interface.

Async::Event::Interval is a lightweight utility for running Perl callbacks asynchronously on a repeating timer or as one-off background jobs so your main program keeps running. You instantiate an event with a delay and a callback, start and stop it, pass per-run parameters, or use shared_scalar to exchange JSON-representable data between the parent and worker processes, and you can inspect status, runs, errors, pid and other info or wait for a one-shot to finish. The module supports a per-callback timeout, an immediate-on-start option, cooperative stop/restart, automatic child reaping and signal handlers to clean up shared memory, and it exposes a global snapshot of all events for monitoring. In the recent 1.14 update shared_scalar ownership and cleanup were tightened and tied segments are now protected to avoid accidental removal, crash detection and shutdown behavior were hardened, and the IPC::Shareable prerequisite was updated to a newer version to improve reliability.

TimeZone::TimeZoneDB is a compact Perl client for the timezonedb.com API that looks up IANA timezone names and related metadata from latitude and longitude inputs. It lets you plug in your own HTTP user agent, includes optional caching (CHI or a supplied cache) to avoid repeat network calls, and can enforce a minimum interval between requests to respect rate limits. The module validates arguments and surfaces HTTP errors as exceptions while returning undef for non-"OK" API responses, and the API key is sent as a URL parameter but is redacted from error output to avoid leaking secrets. The recent 0.05 release tightened validation so cloning with an invalid ua now croaks and get_time_zone explicitly croaks on undef coordinates, and the distribution added formal specifications and a broad suite of tests. This module is a good fit if you need reliable, cache-aware timezone lookup by coordinates in Perl with easy control over HTTP behavior.

Module::CoreList lets you discover which modules and which versions shipped with every Perl release, either from code or from the command line with the corelist utility. It provides a simple API to ask when a module first appeared, to check whether a module is or was core (optionally requiring a minimum module or Perl version), to search module names by regex, and to find deprecations or removals, plus direct access to built-in data hashes for more detailed inspection. If you need to check portability, decide whether to bundle or depend on a CPAN module, or compare the contents of different Perl releases, this module gives the answers quickly and reliably. It is actively maintained and regularly updated for new Perl releases, most recently including data for Perl v5.43.11.

CPAN::Perl::Releases is a small, up‑to‑date data module that maps Perl release numbers to the relative CPAN authors/id paths where the corresponding tarballs live, making it easy to look up where a given perl tar.gz, tar.bz2 or tar.xz file is stored. Its main routine perl_tarballs returns a hashref of available tarball types for a requested version while perl_versions lists all recorded releases and perl_pumpkins lists the PAUSE IDs of the Perl maintainers. The data is static but maintained regularly as new Perl releases appear on CPAN, most recently updated for Perl v5.43.11.

App::zipdetails is the packaging for the zipdetails utility, a forensic command line tool that inspects and prints the internal structure of ZIP-format files so you can see headers, offsets, compression and encryption methods, extra fields, timestamps and file attributes rather than just the file list. The distribution installs the bin/zipdetails script and focuses on robust parsing and diagnostics for a wide range of ZIP variants including Zip64, spanned or streamed archives, APK/JAR/XPI packages, zipalign padding and many extra-field and OS-specific attribute formats, and it aims to detect inconsistencies, corrupt structures and potential zipbomb or overlap conditions. It offers modes to scan or walk archives, verbose output, filename encoding handling and a redact option for sensitive names. Recent maintenance releases have hardened Zip64 detection and fixed a warning when using --redact, and the module itself is a simple stub that points you to the zipdetails script for usage.

DBIx::QuickDB makes it trivial to spin up temporary database servers for testing and development, supporting PostgreSQL, MySQL/MariaDB, SQLite and an optional DuckDB driver. You can create named databases available globally either at compile time as constants or at runtime via build_db, preload schema files, pick or prefer drivers, and tune behavior with options like autostart, autostop, bootstrap, cleanup and dir for where data lives. Environment variables such as QDB_TMPDIR and DB_VERBOSE let you control temp locations and server output. Recent releases improved shutdown reliability by checking server PIDs and cleaning up stale sockets to avoid hangs and added a DuckDB driver. Note that cleanup will delete the database directory when the program ends so do not enable it on any important data.

Sys::Async::Virt is an asynchronous Perl client for the LibVirt remote protocol that lets you manage virtual machines, networks, storage pools and host resources from Perl code using nonblocking RPC calls that return Future objects you can await with Future::AsyncAwait. It maps the LibVirt C API into an object oriented Perl interface and exposes most LibVirt entry points and constants while also providing event subscriptions so you can react to domain, network, device and storage events. The implementation targets LibVirt protocol version 12.4.0 so it works against newer servers while calls to older servers may fail if the server lacks newer entry points. The distribution is currently marked experimental so the public API may change, and there are a few limitations such as no support for servers missing certain features and some file-descriptor related entry points left unimplemented. If you need a modern, async LibVirt client from Perl to script or automate hypervisor tasks, this module is directly relevant.

Protocol::Sys::Virt implements the LibVirt RPC protocol in Perl, exposing the low-level mechanics needed to build LibVirt-compatible clients and, in theory, servers, and it is designed to enable truly asynchronous interactions with libvirt that higher-level bindings like Sys::Virt do not provide. It tracks LibVirt release v12.4.0 and follows the protocol stability guarantees published by the LibVirt project, making it suitable when you need raw protocol access or want to create non-blocking integrations without relying on Perl threads. Most users who only manage virtual machines will prefer the higher-level Sys::Virt interface, but this distribution is aimed at developers who need protocol-level control or want to implement async client stacks. Be aware that documentation is sparse and the author notes that building a full LibVirt-compatible server is unlikely to be necessary.

EV::Nats is a high-performance, event-driven NATS client for Perl that implements the protocol directly in XS on top of the EV loop with no external C library dependency. It speaks the full NATS protocol including headered messages, wildcards and queue groups, request/reply with an automatic shared inbox, automatic reconnect with state restoration, TCP and Unix sockets, optional TLS and NKey/JWT auth, and higher-level JetStream, KV and ObjectStore helpers. The implementation is optimized for throughput with write coalescing and allocation-free publish paths, and it exposes convenient APIs for publish, subscribe, request, graceful drain and connection callbacks so it fits well in asynchronous applications. Caveats include blocking DNS resolution via getaddrinfo so numeric IPs are recommended for latency-sensitive use, TLS and NKey require OpenSSL at build time, the module treats data as bytes so UTF-8 must be encoded by the caller, and you must not let the EV::Nats instance be destroyed from inside a running callback. Recent fixes in 0.03 address an HMSG header out-of-bounds read and a stack-pointer drift when cancelling pending requests, improving stability for headered messages and request handling.

EV::Memcached is a high-performance asynchronous memcached client for Perl that runs on the libev event loop. It implements the memcached binary protocol in pure XS so no external C library is required and all commands are non-blocking with results delivered to your callbacks. The client supports TCP and Unix sockets, optional SASL PLAIN authentication, pipelined multi-get and fire-and-forget quiet commands, and configurable flow control, timeouts and automatic reconnection while providing predictable lifecycle semantics so pending callbacks are always fired on teardown. It is a good fit for evented Perl applications that need low-latency, high-throughput access to memcached and it treats keys and values as raw byte strings so you should encode/decode UTF-8 yourself. The recent 0.03 release adds scheduling of reconnect attempts for transient connect-setup failures and fixes a short ARITH response parsing bug.

EV::Kafka is a high-performance, asynchronous Kafka and Redpanda client for Perl that implements the Kafka binary protocol in XS and plugs into the EV event loop. It gives you non-blocking producer and consumer APIs, cluster metadata discovery, broker connection pooling, key-based partitioning, idempotent and transactional produce, consumer groups with automatic rebalancing, and offset management, plus optional TLS and SASL (PLAIN and SCRAM-SHA-256/512) authentication and several compression codecs. The module ships a higher-level EV::Kafka::Client for cluster routing and a low-level EV::Kafka::Conn for talking to a single broker, uses request pipelining for throughput, and avoids any librdkafka dependency. Be aware it treats all payloads as raw bytes so you must encode UTF-8 yourself and that DNS lookups for named hosts are blocking, GSSAPI and OAUTHBEARER are not implemented, and the client uses non-flexible API versions to remain compatible with Kafka 0.11+ and Redpanda. Recent updates added zstd and snappy compression support, CRC32C RecordBatch validation and SCRAM server-signature verification, and stricter checks that reject malformed broker response lengths.

EV::ClickHouse is a high-performance, asynchronous ClickHouse client for Perl that plugs into the EV event loop and speaks both the HTTP and native TCP protocols. It gives non-blocking query and insert APIs with built-in features you need in production such as parameterized queries, external in-memory tables, streaming result delivery, an iterator-style pull API, buffered streaming inserts with backpressure, automatic reconnect and multi-host failover, and a connection pool with hedged queries and circuit-breaker behavior. The client supports compression, optional TLS, rich ClickHouse data types with opt-in decoding options, per-query settings and instrumentation hooks, and diagnostic helpers for health checks and graceful shutdown. It is implemented in XS, requires zlib and EV, and will optionally use OpenSSL and liblz4 when available. Use EV::ClickHouse when you need non-blocking, feature-rich access to ClickHouse from event-driven Perl programs such as ETL pipelines, real-time dashboards, or high-concurrency services.

EV::Websockets is a Perl binding that provides high-performance WebSocket client and server support by embedding the libwebsockets C library into the EV event loop. It is aimed at applications that already use EV and runs non-blocking so idle connections do not stall other watchers. You create a Context to manage integration and can open outbound connections, listen for incoming upgrades, or adopt existing sockets. Connections are represented by Connection objects with simple send and send_binary APIs, support for fragmented streaming writes, ping/pong, pause and resume of receives, backpressure hooks via send_queue_size and on_drain, and a per-connection stash for metadata. The module supports TLS, proxies, custom headers and subprotocols and provides lifecycle callbacks such as on_connect, on_message, on_close and on_error. The distribution includes examples, Feersum PSGI integration and benchmarks comparing latency and throughput. Recent 0.08 fixes addressed idle connections stalling the EV loop and crashes when recycling TLS contexts.

Data::Stack::Shared provides a fast, lock-free LIFO stack that multiple processes can use via shared memory on 64-bit Linux. It offers multi-producer, multi-consumer safety by handing out positions with atomic CAS on a top index and using a per-slot publication state so push and pop observe consistent values, and it supports blocking waits with futexes and optional timeouts. There are typed variants for 64-bit integers and fixed-length strings, and stacks can be anonymous, memfd-backed, or file-backed with eventfd support for notifications and simple stats and introspection methods. The module includes a concurrency-safe drain operation that recovers slots left in a writing state after a crashed pusher and recent releases introduce a v2 file format to enable per-slot control for MPMC safety and stricter validation of capacity and file descriptors. Note that the mmap region is writable by any process that opens it so do not share backing files with untrusted parties, and this module is most relevant when you need a high-throughput, low-latency interprocess stack on Linux.

Data::Pool::Shared provides a fixed-size, cross-process object pool in Linux shared memory so you can allocate and return numbered slots much like a tiny allocator and share simple values or raw bytes between processes; it offers raw byte pools plus typed variants for 64-bit and 32-bit integers, doubles, and fixed-length strings, supports memfd and anonymous mappings for safer fd-passing, and exposes raw pointers for FFI and OpenGL. Allocation is lock-free using a CAS bitmap with futex-based blocking when the pool is full, and the module includes atomic primitives for the integer variants, zero-copy read-only scalars for large slots, batch alloc/free for efficiency, guard objects that auto-free on scope exit, and PID-based stale-slot recovery for process crashes. Use this when you need fast, compact shared-state storage across forks or processes and want low-level control and high throughput; be aware the backing region is writable by any process that can open it so do not share files with untrusted parties. Recent updates fixed a leak in batch free, tightened recovery to avoid an ABA race that could free freshly allocated slots, and corrected capacity handling for very large pools.

Data::Graph::Shared provides a fast, concurrent directed weighted graph stored in POSIX shared memory so multiple Linux processes can read and mutate the same graph structure without copying data between processes. It exposes a compact API to add and remove nodes and edges, read node payloads and neighbor lists, and query counts and degrees while protecting mutations with mutexes and a PID-based stale-lock recovery mechanism. The module supports file-backed, anonymous, and memfd-backed maps and integrates with event loops via an eventfd you can notify when the graph changes, making it useful for IPC-heavy tasks such as shared caches, routing tables, or multi-process graph algorithms. Be aware that remove_node is intentionally O(1) and only clears outgoing edges leaving incoming edge slots dangling until reused, and remove_node_full is available when you need to splice incoming edges at O(N+E) cost. It requires 64-bit Perl and Linux and the mmap is writable by any process that opens it so do not share backing files with untrusted parties. Recent releases tightened safety checks to reject max_nodes and max_edges values larger than 2^32 to avoid silent truncation and also improved atomic operations and eventfd behavior for more robust lifecycle handling.

Data::Deque::Shared is a Linux-only, 64-bit Perl module that implements a double-ended queue in shared memory for fast interprocess communication. It provides lock-free push and pop operations at both ends with blocking waits via futex when the deque is full or empty, and it is safe for multi-producer, multi-consumer workloads. The interface includes integer and fixed-length string variants, optional file-backed or memfd-backed backing stores and the ability to reopen from a file descriptor, plus helpers for eventfd notification, stats, sync and unlink. The implementation uses per-slot control words so consumers always see fully published values and the module can drain and force-recover stalled pushes after a short timeout, with recoveries tracked in the stats. It is optimized for throughput and benchmarks show strong single- and multi-process performance versus older shared-queue modules, but string slots use fixed per-entry memory and the capacity is limited to 2^31 or less. Note that the on-disk format was bumped to v2 and older v1 files will not open, the clear method is not concurrency-safe, and the mmap region is writable by any process that opens it so you should not share backing files with untrusted processes.