Perl::Critic::Policy::BuiltinFunctions::ProhibitShellDispatch - simple policy prohibiting shell dispatching
This policy has no affiliation The policy is themed: logiclab
, security
.and portability
This documentation describes version 1.00
Using Perl builtins to dispatch to external shell commands are not particularly portable. This policy aims to assist the user in identifying these critical spots in the code and exchange these for pure-perl solutions and CPAN distributions.
The policy scans for: system, exec, qx and the use of backticks, some basic examples.
system "touch $0.lock";
exec "touch $0.lock";
my $hostname = qx/hostname/;
my $hostname = `hostname`;
Instead use the Perl builtins or CPAN distributions. This will make you distribution easier to control and easier to distribute across platforms.
#hostname
use Net::Domain qw(hostname);
Using CPAN distributions and Perl builtins makes it easier to distribute your code and defined you requirements to platforms in your build system.
Additional examples and remedies are most welcome, since I would love to write a 101 demonstrating violations and their remedies.
This Policy is not configurable except for the standard options.
- Perl version 5.8.0
- Perl::Critic
- Perl::Critic::Utils
- Readonly
- Test::More
- Test::Perl::Critic
This distribution has no known incompatibilities.
This distribution has no known bugs or limitations.
As pointed out in bug report RT:91542, some modules and components might
implement methods/routines holding names similar to the builtins system
,
exec
, qx
and similar. I had not anticipated this when first implementing
the policy and I expect there will be more cases where the current implementation
does not handle this well, please file a bugreport if you run into one of these
issues and I will investigate and address accordingly.
Please use Requets Tracker for bug reporting:
http://rt.cpan.org/NoAuth/Bugs.html?Dist=Perl-Critic-Policy-logicLAB-ProhibitShellDispatch
The following policies have been disabled for this distribution
- Perl::Critic::Policy::ValuesAndExpressions::ProhibitConstantPragma
- Perl::Critic::Policy::NamingConventions::Capitalization
- Documentation::RequirePodLinksIncludeText
See also t/perlcriticrc
---------------------------- ------ ------ ------ ------ ------ ------ ------
File stmt bran cond sub pod time total
---------------------------- ------ ------ ------ ------ ------ ------ ------
.../ProhibitShellDispatch.pm 100.0 100.0 83.3 100.0 100.0 100.0 98.5
Total 100.0 100.0 83.3 100.0 100.0 100.0 98.5
---------------------------- ------ ------ ------ ------ ------ ------ ------
- http://logiclab.jira.com/wiki/display/PCPLPSD/Home, project Wiki
- Jonas B. (jonasbn)
<jonasbn@cpan.org>
- Johan the Olive, bug reporting on Net::OpenSSH's system (RT:91542)
- Adam Kennedy, author of PPI
- Jeffrey Ryan Thalhammer, author of Perl::Critic
Perl::Critic::Policy::BuiltinFunctions::ProhibitShellDispatch is (C) by Jonas B. (jonasbn) 2013-2019
Perl::Critic::Policy::BuiltinFunctions::ProhibitShellDispatch is released under the artistic license 2.0