Y
Hacker News
new
|
ask
|
show
|
jobs
by
shabble
4783 days ago
And, that the package(s) you're trojaning aren't signed[1] (I'm not immediately sure if new releases are automagically signed/digested when uploaded via PAUSE, or what fraction of currect packages are signed)
[1]
http://search.cpan.org/~dagolden/CPAN-1.94_65/lib/CPAN.pm#Cr...