Welcome to the CPAN Security Group. This is a community effort for supporting and responding to security incidents on CPAN – the Comprehensive Perl Archive Network.
This group also cares about security-related topics around CPAN distributions, the CPAN/PAUSE infrastructure, and about tooling and the ecosystem in general. Over time, we aim to improve supply chain security, make CPAN a more secure and trustworthy publishing platform, and more.
On CPAN, improving security is a volunteer-driven collaborative effort. If you care and would like to make a contribution or join, you are welcome to do so!
- Explore our main website
- Check us out on Github
- Join us in our Matrix channel, #cpansec-discussion on matrix.org
- Join us in our IRC channel, #cpan-security on irc.perl.org
- Send an e-mail to the CPAN Security Group <[email protected]> 📧
- Subscribe to @[email protected] on the Fediverse 🐘
- Documents and other relevant resources
- How to Report a Security Issue
- Pre-Release Disclosure Agreement
- Group charter
⚠️ DRAFT - Standards and regulations reading list
⚠️ DRAFT - Guides
- Projects overview on Github
- Meetings information and minutes
- Presentations about us and our work