CONTENTS

NAME

Perl::Critic::Policy::ValuesAndExpressions::ProhibitComplexVersion - Prohibit version values from outside the module.

AFFILIATION

This Policy is part of the core Perl::Critic distribution.

DESCRIPTION

One tempting way to keep a group of related modules at the same version number is to have all of them import the version number from a designated module. For example, module Foo::Master could be the version master for the Foo package, and all other modules could use its $VERSION by

use Foo::Master; our $VERSION = $Foo::Master::VERSION;

This turns out not to be a good idea, because all sorts of unintended things can happen - anything from unintended version number changes to denial-of-service attacks (since Foo::Master is executed by the 'use').

This policy examines statements that assign to $VERSION, and declares a violation under two circumstances: first, if that statement uses a fully-qualified symbol that did not originate in a package declared in the file; second if there is a use statement on the same line that makes the assignment.

By default, an exception is made for use version; because of its recommendation by Perl Best Practices. See the forbid_use_version configuration variable if you do not want an exception made for use version;.

CONFIGURATION

The construction

use version; our $VERSION = qv('1.2.3');

is exempt from this policy by default, because it is recommended by Perl Best Practices. Should you wish to identify use version; as a violation, add the following to your perlcriticrc file:

[ValuesAndExpressions::ProhibitComplexVersion]
forbid_use_version = 1

CAVEATS

This code assumes that the hallmark of a violation is a 'use' on the same line as the $VERSION assignment, because that is the way to have it seen by ExtUtils::MakeMaker->parse_version(). Other ways to get a version value from outside the module can be imagined, and this policy is currently oblivious to them.

AUTHOR

Thomas R. Wyant, III wyant at cpan dot org

COPYRIGHT

Copyright (c) 2009-2023 Tom Wyant

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The full text of this license can be found in the LICENSE file included with this module.