diff --git a/ChangeLog b/ChangeLog
index 7d3ab71664185bec727c47b7df44c36965d8d0c1..7755997955ef29b9aaa296cd994fa2c9b5137700 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+0.62 - 2025-01-13, H.Merijn Brand
+ * doc should not be part of test
+
+0.61 - 2025-01-13, H.Merijn Brand
+ * Replace "use vars" with "our" (James Raspass: PR #9)
+ * Specify recommended versions based on known CVE's
+ * Update doc for groff-1.24
+ * It's 2024
+ * Tested with perl-5.40.0
+ * It's 2025
+ * Add SECURITY.md
+
0.60 - 2023-01-06, H.Merijn Brand
* It's 2023
diff --git a/MANIFEST b/MANIFEST
index 3ca0823b31b0c4e447161c07f99382e3965945c1..285b72f805a066b1b38a94c6f14d42d5a04059ce 100755
--- a/MANIFEST
+++ b/MANIFEST
@@ -2,6 +2,7 @@ ChangeLog
MANIFEST
Makefile.PL
CONTRIBUTING.md
+SECURITY.md
cpanfile
README
lib/Bundle/DBD/CSV.pm
diff --git a/META.json b/META.json
index e90f8cebe4ac585b4700d39f62c3ba4abd1c0363..2e7a19c53f1d9243324ebc7bdf5de2be30243466 100644
--- a/META.json
+++ b/META.json
@@ -1,81 +1,94 @@
{
+ "meta-spec" : {
+ "version" : 2,
+ "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec"
+ },
+ "name" : "DBD-CSV",
+ "resources" : {
+ "repository" : {
+ "web" : "https://github.com/perl5-dbi/DBD-CSV",
+ "url" : "https://github.com/perl5-dbi/DBD-CSV",
+ "type" : "git"
+ },
+ "license" : [
+ "http://dev.perl.org/licenses/"
+ ],
+ "bugtracker" : {
+ "web" : "https://github.com/perl5-dbi/DBD-CSV/issues"
+ }
+ },
"provides" : {
"DBD::CSV" : {
- "version" : "0.60",
+ "version" : "0.62",
"file" : "lib/DBD/CSV.pm"
- }
- },
- "abstract" : "DBI driver for CSV files",
- "author" : [
- "Jochen Wiedmann",
- "Jeff Zucker",
- "H.Merijn Brand <h.m.brand@xs4all.nl>",
- "Jens Rehsack <rehsack@cpan.org>"
- ],
+ }
+ },
+ "dynamic_config" : 1,
"prereqs" : {
"configure" : {
+ "suggests" : {
+ "ExtUtils::MakeMaker" : "7.70"
+ },
"requires" : {
"ExtUtils::MakeMaker" : "0",
"DBI" : "1.628"
- }
},
+ "recommends" : {
+ "ExtUtils::MakeMaker" : "7.22"
+ }
+ },
+ "runtime" : {
+ "suggests" : {
+ "DBI" : "1.646"
+ },
+ "recommends" : {
+ "DBD::File" : "0.44",
+ "SQL::Statement" : "1.414",
+ "DBI" : "1.643",
+ "Text::CSV_XS" : "1.59"
+ },
+ "requires" : {
+ "DBD::File" : "0.42",
+ "SQL::Statement" : "1.405",
+ "DBI" : "1.628",
+ "perl" : "5.008001",
+ "Text::CSV_XS" : "1.01"
+ }
+ },
"test" : {
+ "recommends" : {
+ "Encode" : "3.12",
+ "Test::More" : "1.302207"
+ },
"requires" : {
- "charnames" : "0",
"Test::Harness" : "0",
"Test::More" : "0.90",
+ "charnames" : "0",
"Cwd" : "0",
"Encode" : "0"
- },
- "recommends" : {
- "Test::More" : "1.302191"
- }
},
+ "suggests" : {
+ "Encode" : "3.21"
+ }
+ },
"build" : {
"requires" : {
"Config" : "0"
- }
- },
- "runtime" : {
- "recommends" : {
- "DBI" : "1.643",
- "SQL::Statement" : "1.414",
- "DBD::File" : "0.44",
- "Text::CSV_XS" : "1.49"
- },
- "requires" : {
- "perl" : "5.008001",
- "DBI" : "1.628",
- "SQL::Statement" : "1.405",
- "Text::CSV_XS" : "1.01",
- "DBD::File" : "0.42"
- }
}
- },
- "generated_by" : "Author",
+ }
+ },
"license" : [
"perl_5"
- ],
- "meta-spec" : {
- "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec",
- "version" : 2
- },
- "version" : "0.60",
- "release_status" : "stable",
+ ],
+ "author" : [
+ "Jochen Wiedmann",
+ "Jeff Zucker",
+ "H.Merijn Brand <hmbrand@cpan.org>",
+ "Jens Rehsack <rehsack@cpan.org>"
+ ],
+ "abstract" : "DBI driver for CSV files",
+ "generated_by" : "Author",
+ "version" : "0.62",
"x_installdirs" : "site",
- "name" : "DBD-CSV",
- "resources" : {
- "bugtracker" : {
- "web" : "https://github.com/perl5-dbi/DBD-CSV/issues"
- },
- "repository" : {
- "web" : "https://github.com/perl5-dbi/DBD-CSV",
- "url" : "https://github.com/perl5-dbi/DBD-CSV",
- "type" : "git"
- },
- "license" : [
- "http://dev.perl.org/licenses/"
- ]
- },
- "dynamic_config" : 1
- }
+ "release_status" : "stable"
+}
diff --git a/META.yml b/META.yml
index d7a99fb5186854ab4764340b58bbe7f7cc98a341..9b86b1ef6a0601ddc8d793d692d6d5cef7a6398c 100644
--- a/META.yml
+++ b/META.yml
@@ -3,7 +3,7 @@ abstract: DBI driver for CSV files
author:
- Jochen Wiedmann
- Jeff Zucker
- - H.Merijn Brand <h.m.brand@xs4all.nl>
+ - H.Merijn Brand <hmbrand@cpan.org>
- Jens Rehsack <rehsack@cpan.org>
build_requires:
Config: 0
@@ -20,13 +20,14 @@ name: DBD-CSV
provides:
DBD::CSV:
file: lib/DBD/CSV.pm
- version: '0.60'
+ version: '0.62'
recommends:
DBD::File: '0.44'
DBI: '1.643'
+ Encode: '3.12'
SQL::Statement: '1.414'
- Test::More: '1.302191'
- Text::CSV_XS: '1.49'
+ Test::More: '1.302207'
+ Text::CSV_XS: '1.59'
requires:
Cwd: 0
DBD::File: '0.42'
@@ -42,5 +43,5 @@ resources:
bugtracker: https://github.com/perl5-dbi/DBD-CSV/issues
license: http://dev.perl.org/licenses/
repository: https://github.com/perl5-dbi/DBD-CSV
-version: '0.60'
+version: '0.62'
x_installdirs: site
diff --git a/Makefile.PL b/Makefile.PL
index 57942f1b901ac479abf376ae96d2f701314edf71..cb1f479ef33c83a34ae19e02fbca2fbbcc8abdaf 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -1,6 +1,6 @@
# -*- perl -*-
-# Copyright (c) 2009-2023 H.Merijn Brand
+# Copyright (c) 2009-2025 H.Merijn Brand
require 5.008001;
@@ -51,8 +51,6 @@ MSG
sleep 5;
}
-use vars qw( $DBI_INC_DIR );
-
{ my $tmp_dir = File::Spec->tmpdir ();
if (!$ENV{AUTOMATED_TESTING} &&
prompt ("Enable the use of $tmp_dir for tests?", "y") =~ m/[Yy]/) {
@@ -163,13 +161,7 @@ sub postamble {
'',
'doc docs: doc/DBD-CSV.md doc/DBD-CSV.html doc/DBD-CSV.man',
' -@rm -f pod2html.tmp',
- 'doc/DBD-CSV.md: lib/DBD/CSV.pm',
- ' pod2markdown < $? > $@',
- 'doc/DBD-CSV.html: lib/DBD/CSV.pm',
- ' pod2html < $? 2>&1 | grep -v "^Cannot find" > $@',
- 'doc/DBD-CSV.3: lib/DBD/CSV.pm',
- ' pod2man < $? > $@',
- 'doc/DBD-CSV.man: doc/DBD-CSV.3',
- ' nroff -mandoc < $? > $@',
+ 'doc/DBD-CSV.md: lib/DBD/CSV.pm',
+ ' perl doc/make-doc.pl',
$min_vsn;
} # postamble
diff --git a/README b/README
index e3a48349ad9308b8157855c7f384eb221d66dcc2..9c86f3dd14954ec60f9f2ac1557bc90030036618 100755
--- a/README
+++ b/README
@@ -9,7 +9,7 @@ Description
values).
Copying
- Copyright (C) 2009-2023 by H.Merijn Brand
+ Copyright (C) 2009-2025 by H.Merijn Brand
Copyright (C) 2004-2009 by Jeff Zucker
Copyright (C) 1998-2004 by Jochen Wiedmann
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000000000000000000000000000000000..8010621179a657388ea4c3ed081e8c8c2e7a2854
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,101 @@
+# Security Policy for the DBD::CSV distribution.
+
+Report issues via email at: Jochen Wiedmann.
+
+
+This is the Security Policy for the Perl DBD::CSV distribution.
+
+The latest version of the Security Policy can be found in the
+[git repository for DBD::CSV](https://github.com/perl5-dbi/DBD-CSV).
+
+This text is based on the CPAN Security Group's Guidelines for Adding
+a Security Policy to Perl Distributions (version 1.0.0)
+https://security.metacpan.org/docs/guides/security-policy-for-authors.html
+
+# How to Report a Security Vulnerability
+
+Security vulnerabilities can be reported by e-mail to the current
+project maintainers at Jochen Wiedmann.
+
+Please include as many details as possible, including code samples
+or test cases, so that we can reproduce the issue. Check that your
+report does not expose any sensitive data, such as passwords,
+tokens, or personal information.
+
+If you would like any help with triaging the issue, or if the issue
+is being actively exploited, please copy the report to the CPAN
+Security Group (CPANSec) at <cpan-security@security.metacpan.org>.
+
+Please *do not* use the public issue reporting system on RT or
+GitHub issues for reporting security vulnerabilities.
+
+Please do not disclose the security vulnerability in public forums
+until past any proposed date for public disclosure, or it has been
+made public by the maintainers or CPANSec. That includes patches or
+pull requests.
+
+For more information, see
+[Report a Security Issue](https://security.metacpan.org/docs/report.html)
+on the CPANSec website.
+
+## Response to Reports
+
+The maintainer(s) aim to acknowledge your security report as soon as
+possible. However, this project is maintained by a single person in
+their spare time, and they cannot guarantee a rapid response. If you
+have not received a response from them within 10 days, then
+please send a reminder to them and copy the report to CPANSec at
+<cpan-security@security.metacpan.org>.
+
+Please note that the initial response to your report will be an
+acknowledgement, with a possible query for more information. It
+will not necessarily include any fixes for the issue.
+
+The project maintainer(s) may forward this issue to the security
+contacts for other projects where we believe it is relevant. This
+may include embedded libraries, system libraries, prerequisite
+modules or downstream software that uses this software.
+
+They may also forward this issue to CPANSec.
+
+# Which Software This Policy Applies To
+
+Any security vulnerabilities in DBD::CSV are covered by this policy.
+
+Security vulnerabilities are considered anything that allows users
+to execute unauthorised code, access unauthorised resources, or to
+have an adverse impact on accessibility or performance of a system.
+
+Security vulnerabilities in upstream software (embedded libraries,
+prerequisite modules or system libraries, or in Perl), are not
+covered by this policy unless they affect DBD::CSV, or DBD::CSV can
+be used to exploit vulnerabilities in them.
+
+Security vulnerabilities in downstream software (any software that
+uses DBD::CSV, or plugins to it that are not included with the
+DBD::CSV distribution) are not covered by this policy.
+
+## Supported Versions of DBD::CSV
+
+The maintainer(s) will only commit to releasing security fixes for
+the latest version of DBD::CSV.
+
+Note that the DBD::CSV project only supports major versions of Perl
+released in the past 5 years, even though DBD::CSV will run on
+older versions of Perl. If a security fix requires us to increase
+the minimum version of Perl that is supported, then we may do so.
+
+# Installation and Usage Issues
+
+The distribution metadata specifies minimum versions of
+prerequisites that are required for DBD::CSV to work. However, some
+of these prerequisites may have security vulnerabilities, and you
+should ensure that you are using up-to-date versions of these
+prerequisites.
+
+Where security vulnerabilities are known, the metadata may indicate
+newer versions as recommended.
+
+## Usage
+
+Please see the software documentation for further information.
diff --git a/cpanfile b/cpanfile
index 7b6bb392b21f1c2654426c9f00f593729a040fa3..cfc8561cb39476a0152da06e8f4b2e74d23cb68a 100644
--- a/cpanfile
+++ b/cpanfile
@@ -6,11 +6,17 @@ requires "Text::CSV_XS" => "1.01";
recommends "DBD::File" => "0.44";
recommends "DBI" => "1.643";
recommends "SQL::Statement" => "1.414";
-recommends "Text::CSV_XS" => "1.49";
+recommends "Text::CSV_XS" => "1.59";
+
+suggests "DBI" => "1.646";
on "configure" => sub {
requires "DBI" => "1.628";
requires "ExtUtils::MakeMaker";
+
+ recommends "ExtUtils::MakeMaker" => "7.22";
+
+ suggests "ExtUtils::MakeMaker" => "7.70";
};
on "build" => sub {
@@ -24,5 +30,8 @@ on "test" => sub {
requires "Test::More" => "0.90";
requires "charnames";
- recommends "Test::More" => "1.302191";
+ recommends "Encode" => "3.12";
+ recommends "Test::More" => "1.302207";
+
+ suggests "Encode" => "3.21";
};
diff --git a/debian/changelog b/debian/changelog
index 13b034d82660fceb481f253d1cf4873f9bfde32f..b9ce32e338ee5abd03e4f071d92335c266417855 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+libdbd-csv-perl (0.6200-1) unstable; urgency=medium
+
+ * Import upstream version 0.6200.
+ * Update years of upstream and packaging copyright.
+ * Update upstream email address.
+ * Add new SECURITY.md file.
+ * Declare compliance with Debian Policy 4.7.0.
+
+ -- gregor herrmann <gregoa@debian.org> Sat, 01 Feb 2025 00:49:06 +0100
+
libdbd-csv-perl (0.6000-1) unstable; urgency=medium
* Import upstream version 0.5900.
diff --git a/debian/control b/debian/control
index 2b65601a37b4322f16f181b52ae86388c0755a07..86be916445366773762d58a557be7d2d48eee3d5 100644
--- a/debian/control
+++ b/debian/control
@@ -11,7 +11,7 @@ Build-Depends-Indep: libdbi-perl <!nocheck>,
libsql-statement-perl <!nocheck>,
libtext-csv-xs-perl <!nocheck>,
perl
-Standards-Version: 4.6.2
+Standards-Version: 4.7.0
Vcs-Browser: https://salsa.debian.org/perl-team/modules/packages/libdbd-csv-perl
Vcs-Git: https://salsa.debian.org/perl-team/modules/packages/libdbd-csv-perl.git
Homepage: https://metacpan.org/release/DBD-CSV
diff --git a/debian/copyright b/debian/copyright
index 85844ad1b93dab3a60831d18da61d1d00fd9a476..78dae169c364f8f097fd231ce46dd12306c6a4f4 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,12 +1,12 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: DBD-CSV
-Upstream-Contact: H.Merijn Brand <h.m.brand@xs4all.nl>
+Upstream-Contact: H.Merijn Brand <hmbrand@cpan.org>
Source: https://metacpan.org/release/DBD-CSV
Files: *
Copyright: 1998-2004, Jochen Wiedmann <jwied@cpan.org>
2004-2009, Jeff Zucker <jeff@vpservices.com>
- 2009-2023, H.Merijn Brand <h.m.brand@xs4all.nl>
+ 2009-2025, H.Merijn Brand <hmbrand@cpan.org>
License: Artistic or GPL-1+
Files: debian/*
@@ -16,7 +16,7 @@ Copyright: 1998, Craig Sanders <cas@taz.net.au>
2004, Christian Hammers <ch@debian.org>
2004, Frank Lichtenheld <djpig@debian.org>
2004-2005, Gunnar Wolf <gwolf@debian.org>
- 2006-2023, gregor herrmann <gregoa@debian.org>
+ 2006-2025, gregor herrmann <gregoa@debian.org>
2009-2010, Jonathan Yu <jawnsy@cpan.org>
2010-2011, Ansgar Burchardt <ansgar@debian.org>
2010, Nicholas Bamber <nicholas@periapt.co.uk>
diff --git a/debian/libdbd-csv-perl.docs b/debian/libdbd-csv-perl.docs
index a1892e3ce55ba0f9454fdf1695b48156312d1b58..a6f176259cbdab1a92322250395c24a9636387ee 100644
--- a/debian/libdbd-csv-perl.docs
+++ b/debian/libdbd-csv-perl.docs
@@ -1 +1,2 @@
CONTRIBUTING.md
+SECURITY.md
diff --git a/lib/Bundle/DBD/CSV.pm b/lib/Bundle/DBD/CSV.pm
index 4b99e40932c3ed31926424646a8bd33a6ed9f09f..9ed60ee1e93ab3ba5d8f811d098efc8ce44ff128 100755
--- a/lib/Bundle/DBD/CSV.pm
+++ b/lib/Bundle/DBD/CSV.pm
@@ -5,7 +5,7 @@ package Bundle::DBD::CSV;
use strict;
use warnings;
-our $VERSION = "1.16";
+our $VERSION = "1.17";
1;
@@ -21,15 +21,15 @@ Bundle::DBD::CSV - A bundle to install the DBD::CSV driver
=head1 CONTENTS
-DBI 1.643
+DBI 1.646
-Text::CSV_XS 1.49
+Text::CSV_XS 1.59
SQL::Statement 1.414
DBD::File 0.44
-DBD::CSV 0.60
+DBD::CSV 0.62
=head1 DESCRIPTION
@@ -44,7 +44,7 @@ This module is currently maintained by
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2009-2023 by H.Merijn Brand
+Copyright (C) 2009-2025 by H.Merijn Brand
Copyright (C) 2004-2009 by Jeff Zucker
Copyright (C) 1998-2004 by Jochen Wiedmann
diff --git a/lib/DBD/CSV.pm b/lib/DBD/CSV.pm
index 054323cfa1fd3ae939245ebf413aa595eff59e7a..60deb111e0be7b001a1d3d213d195e0f5cd228e3 100755
--- a/lib/DBD/CSV.pm
+++ b/lib/DBD/CSV.pm
@@ -27,17 +27,15 @@ package DBD::CSV;
use strict;
-use vars qw( @ISA $VERSION $ATTRIBUTION $drh $err $errstr $sqlstate );
+our @ISA = qw( DBD::File );
-@ISA = qw( DBD::File );
+our $VERSION = "0.62";
+our $ATTRIBUTION = "DBD::CSV $DBD::CSV::VERSION by H.Merijn Brand";
-$VERSION = "0.60";
-$ATTRIBUTION = "DBD::CSV $DBD::CSV::VERSION by H.Merijn Brand";
-
-$err = 0; # holds error code for DBI::err
-$errstr = ""; # holds error string for DBI::errstr
-$sqlstate = ""; # holds error state for DBI::state
-$drh = undef; # holds driver handle once initialized
+our $err = 0; # holds error code for DBI::err
+our $errstr = ""; # holds error string for DBI::errstr
+our $sqlstate = ""; # holds error state for DBI::state
+our $drh = undef; # holds driver handle once initialized
sub CLONE { # empty method: prevent warnings when threads are cloned
} # CLONE
@@ -49,9 +47,8 @@ package DBD::CSV::dr;
use strict;
use Text::CSV_XS ();
-use vars qw( @ISA @CSV_TYPES );
-@CSV_TYPES = (
+our @CSV_TYPES = (
Text::CSV_XS::IV (), # SQL_TINYINT
Text::CSV_XS::IV (), # SQL_BIGINT
Text::CSV_XS::PV (), # SQL_LONGVARBINARY
@@ -1341,7 +1338,7 @@ Previous maintainer was Jeff Zucker
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2009-2023 by H.Merijn Brand
+Copyright (C) 2009-2025 by H.Merijn Brand
Copyright (C) 2004-2009 by Jeff Zucker
Copyright (C) 1998-2004 by Jochen Wiedmann