NAME

Test::CPAN::Health::Check::StaleDeps - Check for dependencies pinned to old major versions

SYNOPSIS

use Test::CPAN::Health::Check::StaleDeps;

my $check  = Test::CPAN::Health::Check::StaleDeps->new;
my $result = $check->run($dist);

DESCRIPTION

Compares the minimum declared version for each runtime dependency against the latest release on MetaCPAN. A dependency is flagged as stale when:

  • It has a declared minimum version greater than zero, AND

  • The latest release's leading integer (the component before the first decimal point) is strictly greater than the declared minimum's leading integer.

The score is the fraction of non-stale dependencies expressed as a 0-100 integer. Perl built-in pragmas (lowercase names) and core modules (identified via Module::CoreList when available, or a hardcoded fallback set) are excluded from analysis.

Status thresholds: pass ≥ 80, warn ≥ 60, fail otherwise.

LIMITATIONS

  • Heuristic leading-integer comparison may produce false positives for modules that use date-based (20250101-style) versioning where each year is a new "major".

  • Dependencies declared with version 0 (any version acceptable) are not flagged even if the module has advanced significantly.

  • MetaCPAN is queried serially for each dependency.

run

PURPOSE

Compare declared dependency versions against the latest MetaCPAN releases and return a scored result listing stale dependencies.

API SPECIFICATION

INPUT

dist     Test::CPAN::Health::Distribution  required
context  Hashref                           optional

OUTPUT

Test::CPAN::Health::Result with check_id 'stale_deps'.

MESSAGES

Code  | Severity | Message                               | Resolution
------+----------+---------------------------------------+-----------
SD001 | SKIP     | Network checks disabled               | Remove --no-network
SD002 | SKIP     | No META file found                    | Add META.yml / META.json
SD003 | SKIP     | No checkable runtime dependencies     | n/a
SD004 | PASS     | All N dependencies are current        |
SD005 | WARN     | N of M dependencies may be stale      | Update declared versions
SD006 | FAIL     | N of M dependencies may be stale      | Update declared versions

FORMAL SPECIFICATION

-- Z schema (placeholder) --
StaleDepsOp
stale   : N    -- count of stale deps
total   : N    -- count of checked deps
score   : 0..100
-------------------------------------------------------
no_network    => status = skip
meta = undef  => status = skip
total = 0     => status = skip
score >= 80   => status = pass
score >= 60   => status = warn
score < 60    => status = fail

SIDE EFFECTS

Makes one HTTPS GET request to fastapi.metacpan.org per dependency.

USAGE EXAMPLE

my $result = Test::CPAN::Health::Check::StaleDeps->new->run($dist);
printf "Stale: %s\n", $result->summary;

AUTHOR

Nigel Horne, <njh at nigelhorne.com>

LICENSE AND COPYRIGHT

Copyright (C) 2025-2026 Nigel Horne.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.