> On Apr 11, 2018, at 3:28 AM, Neil Bowers <> wrote:
> Hi Moritz,
> I’m emailing you wearing my PAUSE admins hat.
> John Napiorkowski would like to get co-maint on Crypt::OpenSSL::RSA, so he 
> can do a bug fix release (see below).
> If you’re happy for him to have co-maint, I can give it to him on your 
> behalf. Is that ok?
> Cheers,
> Neil
>> Begin forwarded message:
>> From: john napiorkowski <>
>> Subject: Wishing to adopt
>> Date: 10 April 2018 at 15:17:34 BST
>> To:
>> Hi,
>> My company (and apparently a number of people from the look of the bug 
>> queue) rely on this module ( on 
>> the job.  However there is a critical bug in it with an outstanding patch 
>> that the current maintainer doesn't seem interested in dealing with.  Here's 
>> the testers reports:
>> As you can see its failing to install quite consistently over the past year 
>> plus, which is due to critical security fixes in open-ssl becoming the 
>> commonly default install on most servers.  This security fixed version of 
>> open-ssl does not compile with the currently released CPAN code.
>> Here's the bug report / patch from last year:
>> As you can see the patch is trivial.
>> When I emailed the current maintainer, cpan ID 'PERLER' he at first seemed 
>> willing to do one more emergency release to get us past the current crisis.  
>> He did indeed merge the PR but has not released the code to CPAN.  In the 
>> email exchange I had with him he seems to indicate that he doesn't do Perl a 
>> lot anymore and had forgotten how to upload and prep a module for CPAN.  I 
>> gave him instructions via email on how to do that and offered to pair on it 
>> if he was stuck, but I never heard back (that was 2 weeks ago).  Its 
>> starting to look like this is not something the current maintainer wants to 
>> deal with or has time for.  Additionally its not a long term solution since 
>> he has only comaint rights and can't transfer ownership to a willing 
>> maintainer should issues arise in the future.
>> I also emailed the current 'first-come' author 'IROBERTS' who has not  
>> responded to emails for more than 6 weeks and from reviewing the record does 
>> not seem to be active in Perl / CPAN anymore (no uploads to CPAN in more 
>> than 10 years from what I can see).
>> This module is actually fairly important as a number of other modules 
>> related to cryptography use it.  Given that I think it needs a maintainer 
>> willing to do the basics and also one that will turn it over to someone else 
>> should s/he decide to retire (someone with first-come that is willing to 
>> migrate that authority to someone else when the time comes).  I'd be very 
>> willing to become first come on this and release an update since my company 
>> uses it. My CPAN id is JJNAPIORK and I've got a pretty decent track record 
>> on CPAN of doing trustworthy releases.  My plan would be to release quickly 
>> a patched version of this, and also it looks like from the github pull 
>> request record that there's a number of outstanding patches that could be 
>> merged as well.  Also I will contact some of the people that send patches to 
>> this code and find out if they want comaint that way there's no longer a 
>> single point of failure on this.  So I'm requesting that I be granted 
>> first-come on this module.
>> Please let me know what else I should do to make this possible.
>> Regards,
>> John Napiorkowski (JJNAPIORK)
> Cogendo
> T: +44 7880 741899
> W:
> M:
> Cogendo is the trading name of Cogendo Limited, Registered in England & 
> Wales, company no. 8944534. 
> Registered office: 51 West Street, Marlow, Buckinghamshire. SL7 2LS.

Reply via email to