On Wed, Feb 24, 2010 at 12:17 AM, Andreas J. Koenig
<andreas.koenig.7os6v...@franz.ak.mind.de> wrote:
>>>>>> On Tue, 23 Feb 2010 21:57:07 +1100, Adam Kennedy <a...@ali.as> said:
>
> > There is no reason to impose this kind of thing on end users, as the
> > failure does not actually prevent the module from working, and the end
> > user will have no way to resolve the problem.
>
> > As for the test failing, the problem here is that in order to be work
> > correctly, the test must be run before Makefile.PL is run at the very
> > least, or ideally they should be run before the tarball is
> > extracted.
>
> This is irrelevant here because we absolutely agree that the test is not
> the security test itself, it is a test that indicates that the security
> check isn't flawed.
There's two arguments against it, I just wanted to make clear we were
agreed on the security part.
> This is quite a different argumentation than it was at the beginning of
> this thread, and I have no problem with that. We will agree that
> 'dropped for end user' is not the same as 'removed'. And it's actually
> what Module::Signature suggests in the manpage with
>
> if (!$ENV{TEST_SIGNATURE}) {
> print "ok 1 # skip Set the environment variable",
>
> Isn't it?
What is this TEST_SIGNATURE? It's a completely made up environment
variable for this module alone.
It would be better to at least use RELEASE_TESTING, or
AUTOMATED_TESTING, or both...
Adam K
