Robert Rothenberg (CPAN) wrote:
This is really frustrating. I'm not sure how to solve this, aside from
giving up on signing my CPAN uploads altogether.
That signature failures on automated CPAN Tester Reports show up as test
failures only reinforces this view.
I'm curious as to other authors' views on this.
What good are module signatures, anyway?
Good question. I've posted in a number of places that I repeatedly
experience failures in automated installation of modules via cpan
shell/CPAN.pm when the modules are signed -- even though those same
modules install perfectly well when I go through the manual process.
The threads in which I've posted this issue all peter out inconclusively
(unlike most threads based on my questions, which reach clear conclusions).
I don't claim to understand the security issues well. I just know that
on my laptop I'm never successful in installing Module::Build,
PathTools, etc., with the cpan shell.
jimk
