1PERLPOLICY(1) Perl Programmers Reference Guide PERLPOLICY(1)
2
6 perlpolicy - Various and sundry policies and commitments related to the
7 Perl core
8
10 This document is the master document which records all written policies
11 about how the Perl 5 Porters collectively develop and maintain the Perl
12 core.
13
15 Perl 5 Porters
16 Subscribers to perl5-porters (the porters themselves) come in several
17 flavours. Some are quiet curious lurkers, who rarely pitch in and
18 instead watch the ongoing development to ensure they're forewarned of
19 new changes or features in Perl. Some are representatives of vendors,
20 who are there to make sure that Perl continues to compile and work on
21 their platforms. Some patch any reported bug that they know how to
22 fix, some are actively patching their pet area (threads, Win32, the
23 regexp -engine), while others seem to do nothing but complain. In
24 other words, it's your usual mix of technical people.
25 Over this group of porters presides Larry Wall. He has the final word
27 in what does and does not change in any of the Perl programming
28 languages. These days, Larry spends most of his time on Perl 6, while
29 Perl 5 is shepherded by a "pumpking", a porter responsible for deciding
30 what goes into each release and ensuring that releases happen on a
31 regular basis.
32 Larry sees Perl development along the lines of the US government:
34 there's the Legislature (the porters), the Executive branch (the
35 -pumpking), and the Supreme Court (Larry). The legislature can discuss
36 and submit patches to the executive branch all they like, but the
37 executive branch is free to veto them. Rarely, the Supreme Court will
38 side with the executive branch over the legislature, or the legislature
39 over the executive branch. Mostly, however, the legislature and the
40 executive branch are supposed to get along and work out their
41 differences without impeachment or court cases.
42 You might sometimes see reference to Rule 1 and Rule 2. Larry's power
44 as Supreme Court is expressed in The Rules:
45 1. Larry is always by definition right about how Perl should behave.
47 This means he has final veto power on the core functionality.
48 2. Larry is allowed to change his mind about any matter at a later
50 date, regardless of whether he previously invoked Rule 1.
51 Got that? Larry is always right, even when he was wrong. It's rare to
53 see either Rule exercised, but they are often alluded to.
54
56 Perl 5 is developed by a community, not a corporate entity. Every
57 change contributed to the Perl core is the result of a donation.
58 Typically, these donations are contributions of code or time by
59 individual members of our community. On occasion, these donations come
60 in the form of corporate or organizational sponsorship of a particular
61 individual or project.
62 As a volunteer organization, the commitments we make are heavily
64 dependent on the goodwill and hard work of individuals who have no
65 obligation to contribute to Perl.
66 That being said, we value Perl's stability and security and have long
68 had an unwritten covenant with the broader Perl community to support
69 and maintain releases of Perl.
70 This document codifies the support and maintenance commitments that the
72 Perl community should expect from Perl's developers:
73 · We "officially" support the two most recent stable release series.
75 5.22.x and earlier are now out of support. As of the release of
76 5.28.0, we will "officially" end support for Perl 5.24.x, other
77 than providing security updates as described below.
78 · To the best of our ability, we will attempt to fix critical issues
80 in the two most recent stable 5.x release series. Fixes for the
81 current release series take precedence over fixes for the previous
82 release series.
83 · To the best of our ability, we will provide "critical" security
85 patches / releases for any major version of Perl whose 5.x.0
86 release was within the past three years. We can only commit to
87 providing these for the most recent .y release in any 5.x.y series.
88 · We will not provide security updates or bug fixes for development
90 releases of Perl.
91 · We encourage vendors to ship the most recent supported release of
93 Perl at the time of their code freeze.
94 · As a vendor, you may have a requirement to backport security fixes
96 beyond our 3 year support commitment. We can provide limited
97 support and advice to you as you do so and, where possible will try
98 to apply those patches to the relevant -maint branches in git,
99 though we may or may not choose to make numbered releases or
100 "official" patches available. See "SECURITY VULNERABILITY CONTACT
101 INFORMATION" in perlsec for details on how to begin that process.
102
104 Our community has a long-held belief that backward-compatibility is a
105 virtue, even when the functionality in question is a design flaw.
106 We would all love to unmake some mistakes we've made over the past
108 decades. Living with every design error we've ever made can lead to
109 painful stagnation. Unwinding our mistakes is very, very difficult.
110 Doing so without actively harming our users is nearly impossible.
111 Lately, ignoring or actively opposing compatibility with earlier
113 versions of Perl has come into vogue. Sometimes, a change is proposed
114 which wants to usurp syntax which previously had another meaning.
115 Sometimes, a change wants to improve previously-crazy semantics.
116 Down this road lies madness.
118 Requiring end-user programmers to change just a few language
120 constructs, even language constructs which no well-educated developer
121 would ever intentionally use is tantamount to saying "you should not
122 upgrade to a new release of Perl unless you have 100% test coverage and
123 can do a full manual audit of your codebase." If we were to have tools
124 capable of reliably upgrading Perl source code from one version of Perl
125 to another, this concern could be significantly mitigated.
126 We want to ensure that Perl continues to grow and flourish in the
128 coming years and decades, but not at the expense of our user community.
129 Existing syntax and semantics should only be marked for destruction in
131 very limited circumstances. If they are believed to be very rarely
132 used, stand in the way of actual improvement to the Perl language or
133 perl interpreter, and if affected code can be easily updated to
134 continue working, they may be considered for removal. When in doubt,
135 caution dictates that we will favor backward compatibility. When a
136 feature is deprecated, a statement of reasoning describing the decision
137 process will be posted, and a link to it will be provided in the
138 relevant perldelta documents.
139 Using a lexical pragma to enable or disable legacy behavior should be
141 considered when appropriate, and in the absence of any pragma legacy
142 behavior should be enabled. Which backward-incompatible changes are
143 controlled implicitly by a 'use v5.x.y' is a decision which should be
144 made by the pumpking in consultation with the community.
145 Historically, we've held ourselves to a far higher standard than
147 backward-compatibility -- bugward-compatibility. Any accident of
148 implementation or unintentional side-effect of running some bit of code
149 has been considered to be a feature of the language to be defended with
150 the same zeal as any other feature or functionality. No matter how
151 frustrating these unintentional features may be to us as we continue to
152 improve Perl, these unintentional features often deserve our
153 protection. It is very important that existing software written in
154 Perl continue to work correctly. If end-user developers have adopted a
155 bug as a feature, we need to treat it as such.
156 New syntax and semantics which don't break existing language constructs
158 and syntax have a much lower bar. They merely need to prove themselves
159 to be useful, elegant, well designed, and well tested. In most cases,
160 these additions will be marked as experimental for some time. See
161 below for more on that.
162 Terminology
164 To make sure we're talking about the same thing when we discuss the
165 removal of features or functionality from the Perl core, we have
166 specific definitions for a few words and phrases.
167 experimental
169 If something in the Perl core is marked as experimental, we may
170 change its behaviour, deprecate or remove it without notice. While
171 we'll always do our best to smooth the transition path for users of
172 experimental features, you should contact the perl5-porters
173 mailinglist if you find an experimental feature useful and want to
174 help shape its future.
175 Experimental features must be experimental in two stable releases
177 before being marked non-experimental. Experimental features will
178 only have their experimental status revoked when they no longer
179 have any design-changing bugs open against them and when they have
180 remained unchanged in behavior for the entire length of a
181 development cycle. In other words, a feature present in v5.20.0
182 may be marked no longer experimental in v5.22.0 if and only if its
183 behavior is unchanged throughout all of v5.21.
184 deprecated
186 If something in the Perl core is marked as deprecated, we may
187 remove it from the core in the future, though we might not.
188 Generally, backward incompatible changes will have deprecation
189 warnings for two release cycles before being removed, but may be
190 removed after just one cycle if the risk seems quite low or the
191 benefits quite high.
192 As of Perl 5.12, deprecated features and modules warn the user as
194 they're used. When a module is deprecated, it will also be made
195 available on CPAN. Installing it from CPAN will silence
196 deprecation warnings for that module.
197 If you use a deprecated feature or module and believe that its
199 removal from the Perl core would be a mistake, please contact the
200 perl5-porters mailinglist and plead your case. We don't deprecate
201 things without a good reason, but sometimes there's a
202 counterargument we haven't considered. Historically, we did not
203 distinguish between "deprecated" and "discouraged" features.
204 discouraged
206 From time to time, we may mark language constructs and features
207 which we consider to have been mistakes as discouraged.
208 Discouraged features aren't currently candidates for removal, but
209 we may later deprecate them if they're found to stand in the way of
210 a significant improvement to the Perl core.
211 removed
213 Once a feature, construct or module has been marked as deprecated,
214 we may remove it from the Perl core. Unsurprisingly, we say we've
215 removed these things. When a module is removed, it will no longer
216 ship with Perl, but will continue to be available on CPAN.
217
219 New releases of maintenance branches should only contain changes that
220 fall into one of the "acceptable" categories set out below, but must
221 not contain any changes that fall into one of the "unacceptable"
222 categories. (For example, a fix for a crashing bug must not be
223 included if it breaks binary compatibility.)
224 It is not necessary to include every change meeting these criteria, and
226 in general the focus should be on addressing security issues, crashing
227 bugs, regressions and serious installation issues. The temptation to
228 include a plethora of minor changes that don't affect the installation
229 or execution of perl (e.g. spelling corrections in documentation)
230 should be resisted in order to reduce the overall risk of overlooking
231 something. The intention is to create maintenance releases which are
232 both worthwhile and which users can have full confidence in the
233 stability of. (A secondary concern is to avoid burning out the maint-
234 pumpking or overwhelming other committers voting on changes to be
235 included (see "Getting changes into a maint branch" below).)
236 The following types of change may be considered acceptable, as long as
238 they do not also fall into any of the "unacceptable" categories set out
239 below:
240 · Patches that fix CVEs or security issues. These changes should be
242 passed using the security reporting mechanism rather than applied
243 directly; see "SECURITY VULNERABILITY CONTACT INFORMATION" in
244 perlsec.
245 · Patches that fix crashing bugs, assertion failures and memory
247 corruption but which do not otherwise change perl's functionality
248 or negatively impact performance.
249 · Patches that fix regressions in perl's behavior relative to
251 previous releases, no matter how old the regression, since some
252 people may upgrade from very old versions of perl to the latest
253 version.
254 · Patches that fix bugs in features that were new in the
256 corresponding 5.x.0 stable release.
257 · Patches that fix anything which prevents or seriously impacts the
259 build or installation of perl.
260 · Portability fixes, such as changes to Configure and the files in
262 the hints/ folder.
263 · Minimal patches that fix platform-specific test failures.
265 · Documentation updates that correct factual errors, explain
267 significant bugs or deficiencies in the current implementation, or
268 fix broken markup.
269 · Updates to dual-life modules should consist of minimal patches to
271 fix crashing bugs or security issues (as above). Any changes made
272 to dual-life modules for which CPAN is canonical should be
273 coordinated with the upstream author.
274 The following types of change are NOT acceptable:
276 · Patches that break binary compatibility. (Please talk to a
278 pumpking.)
279 · Patches that add or remove features.
281 · Patches that add new warnings or errors or deprecate features.
283 · Ports of Perl to a new platform, architecture or OS release that
285 involve changes to the implementation.
286 · New versions of dual-life modules should NOT be imported into
288 maint. Those belong in the next stable series.
289 If there is any question about whether a given patch might merit
291 inclusion in a maint release, then it almost certainly should not be
292 included.
293 Getting changes into a maint branch
295 Historically, only the pumpking cherry-picked changes from bleadperl
296 into maintperl. This has scaling problems. At the same time,
297 maintenance branches of stable versions of Perl need to be treated with
298 great care. To that end, as of Perl 5.12, we have a new process for
299 maint branches.
300 Any committer may cherry-pick any commit from blead to a maint branch
302 by first adding an entry to the relevant voting file in the maint-votes
303 branch announcing the commit as a candidate for back-porting, and then
304 waiting for at least two other committers to add their votes in support
305 of this (i.e. a total of at least three votes is required before a
306 commit may be back-ported).
307 Most of the work involved in both rounding up a suitable set of
309 candidate commits and cherry-picking those for which three votes have
310 been cast will be done by the maint branch release manager, but anyone
311 else is free to add other proposals if they're keen to ensure certain
312 fixes don't get overlooked or fear they already have been.
313 Other voting mechanisms may also be used instead (e.g. sending mail to
315 perl5-porters and at least two other committers responding to the list
316 giving their assent), as long as the same number of votes is gathered
317 in a transparent manner. Specifically, proposals of which changes to
318 cherry-pick must be visible to everyone on perl5-porters so that the
319 views of everyone interested may be heard.
320 It is not necessary for voting to be held on cherry-picking perldelta
322 entries associated with changes that have already been cherry-picked,
323 nor for the maint-pumpking to obtain votes on changes required by the
324 Porting/release_managers_guide.pod where such changes can be applied by
325 the means of cherry-picking from blead.
326
328 A Social Contract about Artistic Control
329 What follows is a statement about artistic control, defined as the
330 ability of authors of packages to guide the future of their code and
331 maintain control over their work. It is a recognition that authors
332 should have control over their work, and that it is a responsibility of
333 the rest of the Perl community to ensure that they retain this control.
334 It is an attempt to document the standards to which we, as Perl
335 developers, intend to hold ourselves. It is an attempt to write down
336 rough guidelines about the respect we owe each other as Perl
337 developers.
338 This statement is not a legal contract. This statement is not a legal
340 document in any way, shape, or form. Perl is distributed under the GNU
341 Public License and under the Artistic License; those are the precise
342 legal terms. This statement isn't about the law or licenses. It's
343 about community, mutual respect, trust, and good-faith cooperation.
344 We recognize that the Perl core, defined as the software distributed
346 with the heart of Perl itself, is a joint project on the part of all of
347 us. From time to time, a script, module, or set of modules (hereafter
348 referred to simply as a "module") will prove so widely useful and/or so
349 integral to the correct functioning of Perl itself that it should be
350 distributed with the Perl core. This should never be done without the
351 author's explicit consent, and a clear recognition on all parts that
352 this means the module is being distributed under the same terms as Perl
353 itself. A module author should realize that inclusion of a module into
354 the Perl core will necessarily mean some loss of control over it, since
355 changes may occasionally have to be made on short notice or for
356 consistency with the rest of Perl.
357 Once a module has been included in the Perl core, however, everyone
359 involved in maintaining Perl should be aware that the module is still
360 the property of the original author unless the original author
361 explicitly gives up their ownership of it. In particular:
362 · The version of the module in the Perl core should still be
364 considered the work of the original author. All patches, bug
365 reports, and so forth should be fed back to them. Their
366 development directions should be respected whenever possible.
367 · Patches may be applied by the pumpkin holder without the explicit
369 cooperation of the module author if and only if they are very
370 minor, time-critical in some fashion (such as urgent security
371 fixes), or if the module author cannot be reached. Those patches
372 must still be given back to the author when possible, and if the
373 author decides on an alternate fix in their version, that fix
374 should be strongly preferred unless there is a serious problem with
375 it. Any changes not endorsed by the author should be marked as
376 such, and the contributor of the change acknowledged.
377 · The version of the module distributed with Perl should, whenever
379 possible, be the latest version of the module as distributed by the
380 author (the latest non-beta version in the case of public Perl
381 releases), although the pumpkin holder may hold off on upgrading
382 the version of the module distributed with Perl to the latest
383 version until the latest version has had sufficient testing.
384 In other words, the author of a module should be considered to have
386 final say on modifications to their module whenever possible (bearing
387 in mind that it's expected that everyone involved will work together
388 and arrive at reasonable compromises when there are disagreements).
389 As a last resort, however:
391 If the author's vision of the future of their module is sufficiently
393 different from the vision of the pumpkin holder and perl5-porters as a
394 whole so as to cause serious problems for Perl, the pumpkin holder may
395 choose to formally fork the version of the module in the Perl core from
396 the one maintained by the author. This should not be done lightly and
397 should always if at all possible be done only after direct input from
398 Larry. If this is done, it must then be made explicit in the module as
399 distributed with the Perl core that it is a forked version and that
400 while it is based on the original author's work, it is no longer
401 maintained by them. This must be noted in both the documentation and
402 in the comments in the source of the module.
403 Again, this should be a last resort only. Ideally, this should never
405 happen, and every possible effort at cooperation and compromise should
406 be made before doing this. If it does prove necessary to fork a module
407 for the overall health of Perl, proper credit must be given to the
408 original author in perpetuity and the decision should be constantly re-
409 evaluated to see if a remerging of the two branches is possible down
410 the road.
411 In all dealings with contributed modules, everyone maintaining Perl
413 should keep in mind that the code belongs to the original author, that
414 they may not be on perl5-porters at any given time, and that a patch is
415 not official unless it has been integrated into the author's copy of
416 the module. To aid with this, and with points #1, #2, and #3 above,
417 contact information for the authors of all contributed modules should
418 be kept with the Perl distribution.
419 Finally, the Perl community as a whole recognizes that respect for
421 ownership of code, respect for artistic control, proper credit, and
422 active effort to prevent unintentional code skew or communication gaps
423 is vital to the health of the community and Perl itself. Members of a
424 community should not normally have to resort to rules and laws to deal
425 with each other, and this document, although it contains rules so as to
426 be clear, is about an attitude and general approach. The first step in
427 any dispute should be open communication, respect for opposing views,
428 and an attempt at a compromise. In nearly every circumstance nothing
429 more will be necessary, and certainly no more drastic measure should be
430 used until every avenue of communication and discussion has failed.
431
433 Perl's documentation is an important resource for our users. It's
434 incredibly important for Perl's documentation to be reasonably coherent
435 and to accurately reflect the current implementation.
436 Just as P5P collectively maintains the codebase, we collectively
438 maintain the documentation. Writing a particular bit of documentation
439 doesn't give an author control of the future of that documentation. At
440 the same time, just as source code changes should match the style of
441 their surrounding blocks, so should documentation changes.
442 Examples in documentation should be illustrative of the concept they're
444 explaining. Sometimes, the best way to show how a language feature
445 works is with a small program the reader can run without modification.
446 More often, examples will consist of a snippet of code containing only
447 the "important" bits. The definition of "important" varies from
448 snippet to snippet. Sometimes it's important to declare "use strict"
449 and "use warnings", initialize all variables and fully catch every
450 error condition. More often than not, though, those things obscure the
451 lesson the example was intended to teach.
452 As Perl is developed by a global team of volunteers, our documentation
454 often contains spellings which look funny to somebody. Choice of
455 American/British/Other spellings is left as an exercise for the author
456 of each bit of documentation. When patching documentation, try to
457 emulate the documentation around you, rather than changing the existing
458 prose.
459 In general, documentation should describe what Perl does "now" rather
461 than what it used to do. It's perfectly reasonable to include notes in
462 documentation about how behaviour has changed from previous releases,
463 but, with very few exceptions, documentation isn't "dual-life" -- it
464 doesn't need to fully describe how all old versions used to work.
465
467 The official forum for the development of perl is the perl5-porters
468 mailing list, mentioned above, and its bugtracker at rt.perl.org.
469 Posting to the list and the bugtracker is not a right: all participants
470 in discussion are expected to adhere to a standard of conduct.
471 · Always be civil.
473 · Heed the moderators.
475 Civility is simple: stick to the facts while avoiding demeaning
477 remarks, belittling other individuals, sarcasm, or a presumption of bad
478 faith. It is not enough to be factual. You must also be civil.
479 Responding in kind to incivility is not acceptable. If you relay
480 otherwise-unposted comments to the list from a third party, you take
481 responsibility for the content of those comments, and you must
482 therefore ensure that they are civil.
483 While civility is required, kindness is encouraged; if you have any
485 doubt about whether you are being civil, simply ask yourself, "Am I
486 being kind?" and aspire to that.
487 If the list moderators tell you that you are not being civil, carefully
489 consider how your words have appeared before responding in any way.
490 Were they kind? You may protest, but repeated protest in the face of a
491 repeatedly reaffirmed decision is not acceptable. Repeatedly
492 protesting about the moderators' decisions regarding a third party is
493 also unacceptable, as is continuing to initiate off-list contact with
494 the moderators about their decisions.
495 Unacceptable behavior will result in a public and clearly identified
497 warning. A second instance of unacceptable behavior from the same
498 individual will result in removal from the mailing list and
499 rt.perl.org, for a period of one calendar month. The rationale for
500 this is to provide an opportunity for the person to change the way they
501 act.
502 After the time-limited ban has been lifted, a third instance of
504 unacceptable behavior will result in a further public warning. A
505 fourth or subsequent instance will result in an indefinite ban. The
506 rationale is that, in the face of an apparent refusal to change
507 behavior, we must protect other community members from future
508 unacceptable actions. The moderators may choose to lift an indefinite
509 ban if the person in question affirms they will not transgress again.
510 Removals, like warnings, are public.
512 The list of moderators will be public knowledge. At present, it is:
514 Aaron Crane, Andy Dougherty, Karen Etheridge, Ricardo Signes, Sawyer X,
515 Steffen Mueller, Todd Rinaldo.
516
518 "Social Contract about Contributed Modules" originally by Russ Allbery
519 <rra@stanford.edu> and the perl5-porters.
520perl v5.28.2 2018-11-01 PERLPOLICY(1)