App-MechaCPAN
view release on metacpan or search on metacpan
Install modules
Then it will use the installed perl to install all the module
dependencies that are listed in the cpanfile.
COMMANDS
Perl
user@host:~$ mechacpan perl 5.24
The perl command is used to install perl into local/. This removes the
packages dependency on the operating system perl. By default, it tries
to be helpful and include lib/ and local/ into @INC automatically, but
this feature can be disabled. See App::MechaCPAN::Perl for more
details.
Install
user@host:~$ mechacpan install Catalyst
The install command is used for installing specific modules. All
modules are installed into the local/ directory. See See
App::MechaCPAN::Install for more details.
Deploy
user@host:~$ mechacpan deploy
The deploy command is used for automating a deployment. It will install
both perl and all the modules specified from the cpanfile. If there is
a cpanfile.snapshot that was created by Carton, deploy will treat the
modules lised in the snapshot file as the only modules available to
install. See App::MechaCPAN::Deploy for more details.
OPTIONS
Besides the options that the individual commands take, App::MechaCPAN
takes several that are always available.
--verbose
By default only informational descriptions of what is happening is
shown. Turning verbose on will show every command and all output
produced by running each command. Note that this is not the opposite of
quiet.
--quiet
Using quiet means that the normal information descriptions are hidden.
Note that this is not the opposite of verbose, turning both options on
means no descriptions will be show, but all output from all commands
will be.
--no-log
A log is normally outputted into the local/logs directory. This option
will prevent a log from being created.
--verify
When --verify is given, a verification of the CPAN CHECKSUMS file
during module install is required. Note that packages from BackPAN
<https://backpan.perl.org/> will not verify when --verify is given.
This process includes three steps after downloading the CHECKSUMS file
from CPAN for the module.
1. Confirm the shape of CHECKSUMS
CHECKSUMS files contain all the files and the file checksums for a
CPAN author's uploads. This file is compared against a rigid
definition to ensure that it does not appear to be doing anything
malicious.
2. Confirm the signature of CHECKSUMS
Once the CHECKSUMS structure has been examined, the embedded
signature is verified. The CHECKSUMS file is signed using the PAUSE
Batch Signing Key (2E66 557A B97C 19C7 91AF 8E20 328D A867 450F 89EC,
accessible at https://www.cpan.org/modules/04pause.html). This
signature is checked with an external PGP signature verification
program. See below for a list of usable external verification
programs.
3. Compare the sha256 of the downloaded module to CHECKSUMS
Once the CHECKSUMS file has been checked, the size, CPAN author path,
and the sha256 value of the downloaded module archive are compared
against the values from the CHECKSUMS file. These values must match.
You can also disable CHECKSUMS verification completely with
--no-verify. That will prevent all of these steps from running at all.
When neither option is provided then the signature checking step is
attempted, but will not produce an error if the external verification
program could not be found, or the file is from backpan and has no
corrisponding CHECKSUMS entry. An error is still raised if any other
parts of the process finds a problem.
If MetaCPAN <https://metacpan.org> was used to find a module, the
search will include the SHA256 of the package, which will be checked
against the downloaded archive. This check cannot be disabled
currently.
The verification programs that can be used are: gpgv
<https://www.gnupg.org/>, sqv <https://sequoia-pgp.org/>, gpg, sq, and
rnp <https://www.rnpgp.org/>.
--directory=<path>
Changes to a specified directory before any processing is done. This
allows you to specify what directory you want local/ to be in. If this
isn't provided, the current working directory is used instead.
--build-reusable-perl
Giving this options will override the mode of operation and generate a
reusable, relocatable perl archive. This accepts the same parameters as
the Perl command (i.e. "devel" and "threads") to generate the binary.
Note that the lib/ directory is always included unless the --skip-lib
option is included. The archive name will generally reflect what
systems the resuling archive can run on. Because of the nature of how
perl builds binaries, it cannot guarantee that it will work on any
given system. This option will have the best luck if you use it with
the same version of a distribution.
Once you have a reusable binary archive, App::MechaCPAN::Perl can use
that archive as a source file and install the binaries into the local
directory. This can be handy if you are building a lot of identical
systems and only want to build perl once.
The exact parameters included in the archive name are:
* The version built
* The architecture name, as found in the first piece of
$Config{archname}
* The Operating System, as found in $Config{osname}
* Optionally notes if it was built with threads
* The name of the libc used
* The version of the libc used
* The so version of libraries used, with common libaries being
abbreviated
An example archive name would be
perl-v5.36.0-x86_64-linux-glibc-2.35-y1.1n2.0u1.tar.xz
( run in 1.195 second using v1.01-cache-2.11-cpan-85f18b9d64f )