K
kj
I'm writing a library that is supposed to be customized with
potentially sensitive info (passwords, etc.). All these variables
are defined in a file MyModule/Config.pm:
package MyModule::Config;
our %Config = (
user => 'yours_truly',
password => 'topsecret',
# etc., etc.
);
During development, my working copy of MyModule/Config.pm holds
real values for various variables, which obviously I don't want to
publicize. This means that, in order to build the distribution
package for release, one of the things I must do is change all the
values of these variables. Conversely, if I want to test a released
version of our software, as stored in our CVS repository, I first
must change the values of these variables back to those that make
sense for our system. There is always a mismatch between what we
release and what we use locally , and at least one of these must
necessarily be different from what is stored in our CVS repository.
Hence, there's a major conflict between the desire to make our CVS
repository world-accessible, and the the developers' wish to be
able to commit to the repository files that have sensitive information.
Some possible ways to solve or mitigate this problem (e.g.
/usr/bin/make) have nothing to do with Perl, but I was wondering
if there are Perl techniques to architect such software that would
facilitate implementing a solution to this problem.
Thank you very much for your thoughts,
kj
potentially sensitive info (passwords, etc.). All these variables
are defined in a file MyModule/Config.pm:
package MyModule::Config;
our %Config = (
user => 'yours_truly',
password => 'topsecret',
# etc., etc.
);
During development, my working copy of MyModule/Config.pm holds
real values for various variables, which obviously I don't want to
publicize. This means that, in order to build the distribution
package for release, one of the things I must do is change all the
values of these variables. Conversely, if I want to test a released
version of our software, as stored in our CVS repository, I first
must change the values of these variables back to those that make
sense for our system. There is always a mismatch between what we
release and what we use locally , and at least one of these must
necessarily be different from what is stored in our CVS repository.
Hence, there's a major conflict between the desire to make our CVS
repository world-accessible, and the the developers' wish to be
able to commit to the repository files that have sensitive information.
Some possible ways to solve or mitigate this problem (e.g.
/usr/bin/make) have nothing to do with Perl, but I was wondering
if there are Perl techniques to architect such software that would
facilitate implementing a solution to this problem.
Thank you very much for your thoughts,
kj