NAME
App::Project::Doctor::Check::Security - Check for missing pragmas and hardcoded secrets
DESCRIPTION
Two security checks across all Perl source files:
1. 'use strict' and 'use warnings' present in every .pm and script.
2. Scan for hardcoded credential patterns (passwords, API keys, AWS key prefixes, PEM private key headers).
Pragma fixes are automated; credential findings require manual resolution.
MESSAGES
Code | Trigger | Resolution
-----|------------------------------|-------------------------------------------
S001 | Missing 'use strict' | Fix inserts pragma after package declaration
S002 | Missing 'use warnings' | Fix inserts pragma after package declaration
S003 | Possible hardcoded secret | Move to env var / external config
FORMAL SPECIFICATION
    check : Context -> [Finding]
    check ctx ==
      concat [ check_file f | f <- perl_files ctx ]
      where
        check_file f ==
          strict_check f ++ warnings_check f ++ credential_check f
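A minimal Perl sketch of the specification above, added here as an example; it is not the module's own code. The regexes, the finding hash layout and the sample sources are assumptions; only the S001 to S003 codes and their messages come from this page.

```perl
use strict;
use warnings;

# Assumed patterns for illustration only; the module's real rules are not shown on this page.
my @SECRET_RULES = (
    [ 'password literal' => qr/pass(?:word|wd)?\b['"]?\s*(?:=>|=)\s*(['"])[^'"]{4,}\1/i ],
    [ 'API key literal'  => qr/api[_-]?key\b['"]?\s*(?:=>|=)\s*(['"])[^'"]{8,}\1/i ],
    [ 'AWS access key'   => qr/\bAKIA[0-9A-Z]{16}\b/ ],
    [ 'PEM private key'  => qr/-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----/ ],
);

# check_file f == strict_check f ++ warnings_check f ++ credential_check f
sub check_file {
    my ($name, $source) = @_;
    my @findings;
    # Drop POD blocks so a 'use strict' shown in documentation does not satisfy the check.
    (my $code = $source) =~ s/^=[a-zA-Z].*?(?:^=cut\b[^\n]*\n?|\z)//msg;
    push @findings, { file => $name, code => 'S001', msg => "Missing 'use strict'" }
        unless $code =~ /^\s*use\s+strict\b/m;
    push @findings, { file => $name, code => 'S002', msg => "Missing 'use warnings'" }
        unless $code =~ /^\s*use\s+warnings\b/m;
    # Credentials are searched in the full source, POD included, to keep line numbers exact.
    my $line_no = 0;
    for my $line (split /\n/, $source) {
        $line_no++;
        for my $rule (@SECRET_RULES) {
            my ($label, $re) = @$rule;
            next unless $line =~ $re;
            # Report the rule and location, never the matched value itself.
            push @findings, { file => $name, code => 'S003', line => $line_no,
                              msg  => "Possible hardcoded secret ($label)" };
        }
    }
    return @findings;
}

# Constructed sample inputs (file name => source text); not real project files.
my %perl_files = (
    'lib/Good.pm' => join("\n", 'package Good;', 'use strict;', 'use warnings;',
                          q{my $pw = $ENV{DB_PASSWORD};}, '1;', ''),
    'bin/bad.pl'  => join("\n", '#!/usr/bin/perl', 'use warnings;',
                          q{my $db_password = 'hunter2-example';},
                          q{my $aws = 'AKIAIOSFODNN7EXAMPLE';}, ''),
);

# check ctx == concat [ check_file f | f <- perl_files ctx ]
for my $f (sort keys %perl_files) {
    for my $finding (check_file($f, $perl_files{$f})) {
        printf "%s %s%s: %s\n", $finding->{code}, $finding->{file},
            (defined $finding->{line} ? ":$finding->{line}" : ''), $finding->{msg};
    }
}
```

The sketch does not treat 'use v5.12' or pragma-importing modules such as Moose as enabling strict, so a real checker built this way would over-report S001 and S002 on such files.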
AUTHOR
Nigel Horne <njh@nigelhorne.com>
LICENSE
Copyright (C) 2026 Nigel Horne. This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.