Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide -Dfortify_inc Configure option to remove . from @INC #15258

Closed
p5pRT opened this issue Apr 1, 2016 · 78 comments
Closed

Provide -Dfortify_inc Configure option to remove . from @INC #15258

p5pRT opened this issue Apr 1, 2016 · 78 comments

Comments

@p5pRT
Copy link

p5pRT commented Apr 1, 2016

Migrated from rt.perl.org#127810 (status was 'resolved')

Searchable as RT127810$

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @toddr

Created by @toddr

Several discussions have been had over the years about removing . from @​INC.

In 2010, Ansgar brought it up​:
http​://www.nntp.perl.org/group/perl.perl5.porters/2010/08/msg162729.html
In 2012, I brought it up​:
http​://code.activestate.com/lists/perl5-porters/176081/

My summary of the responses to these email chains would be​:

1. A certain percentage of people do not agree that . in @​INC is a
security issue. Others feel it's "a basic sanity provision"
2. There is a general agreement that the Perl toolchain highly depends
on this behavior so the toolchain would have to be fixed.
3. Some predicted disastrous consequences.
4. Many feel the problem is unfixable because of how long Perl has
been this way.

I didn't quite make the Perl 5.18 deadline like I promised in the
email, but I now have a proposal complete with patches.

What I propose is a small patch to perl.c which causes . to be missing
from @​INC unless the environment variable PERL_USE_UNSAFE_INC=1 is
present. This would only happen based on a Configure question which
would default to being off so that the default Perl install does not
change.

Cpanel currently ships and updates Perl 5.22 along with roughly 900
perl modules. In the coming version of our product, we will be
shipping a Perl that does not have . in @​INC. These modules are all
built as RPMs and I consider the RPMs a failed build if their unit
tests cannot pass. There were about 3 of these 900 modules I had to do
something weird with (because they were stripping %ENV or just being
weird themselves). I did this by Simply adding PERL_USE_UNSAFE_INC=1
in the appropriate places to EU​::MM, M​::B, M​::B​::Tiny.

I am attaching the patches which will provide this option. I have
updated no documentation yet. I can provide that if I can get some
agreement for this to merge for 5.25.0 (I assume I've missed the 5.24
deadline for something like this?)

You can also find the commits here on github if you prefer to see them
there​: https://github.com/toddr/perl/compare/blead...toddr:pop_INC?diff=unified&expand=1&name=pop_INC

Once this merges, it will provide an opportunity for me to begin
providing patches to authors so that PERL_USE_UNSAFE_INC is for the
most part unneeded.

Perl Info

Flags:
    category=core
    severity=medium

Site configuration information for perl 5.22.1:

Configured by cPanel at Wed Mar  2 15:47:40 CST 2016.

Summary of my perl5 (revision 5 version 22 subversion 1) configuration:

  Platform:
    osname=linux, osvers=2.6.32-431.29.2.el6.i686, archname=i386-linux-64int
    uname='linux rpmb-32-centos-65.dev.cpanel.net
2.6.32-431.29.2.el6.i686 #1 smp tue sep 9 20:14:52 utc 2014 i686 i686
i386 gnulinux '
    config_args='-des -Dusedevel -Darchname=i386-linux-64int
-Dcc=/usr/bin/gcc -Dcpp=/usr/bin/cpp -DDEBUGGING=none -Doptimize=-Os
-Dusemymalloc=n -Duseshrplib -Duselargefiles=yes -Duseposix=true
-Dhint=recommended -Duseperlio=yes -Dccflags=-DPERL_DISABLE_PMC
-I/usr/local/cpanel/3rdparty/perl/522/include
-L/usr/local/cpanel/3rdparty/perl/522/lib
-I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib
-Dcppflags=-I/usr/local/cpanel/3rdparty/perl/522/include
-L/usr/local/cpanel/3rdparty/perl/522/lib
-I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib
-Dldflags=-Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/lib
-Dprefix=/usr/local/cpanel/3rdparty/perl/522
-Dsiteprefix=/opt/cpanel/perl5/522 -Dsitebin=/opt/cpanel/perl5/522/bin
-Dsitelib=/opt/cpanel/perl5/522/site_lib -Dusevendorprefix=true
-Dvendorbin=/usr/local/cpanel/3rdparty/perl/522/bin
-Dvendorprefix=/usr/local/cpanel/3rdparty/perl/522/lib/perl5
-Dvendorlib=/usr/local/cpanel/3rdparty/perl/522/lib/perl5/cpanel_lib
-Dprivlib=/usr/local/cpanel/3rdparty/perl/522/lib/perl5/5.22.1
-Dman1dir=none -Dman3dir=none
-Dscriptdir=/usr/local/cpanel/3rdparty/perl/522/bin
-Dscriptdirexp=/usr/local/cpanel/3rdparty/perl/522/bin
-Dsiteman1dir=none -Dsiteman3dir=none -Dinstallman1dir=none
-Dversiononly=no -Dinstallusrbinperl=no -Dcf_by=cPanel
-Dmyhostname=localhost -Dperladmin=root@localhost
-Dcf_email=support@cpanel.net
-Di_dbm=/usr/local/cpanel/3rdparty/include
-Di_gdbm=/usr/local/cpanel/3rdparty/include
-Di_ndbm=/usr/local/cpanel/3rdparty/include -DDB_File=true -Ud_dosuid
-Uuserelocatableinc -Umad -Uusethreads -Uusemultiplicity -Uusesocks
-Uuselongdouble -Aldflags=-L/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/lib -L/usr/lib -L/lib -lgdbm
-Dlocincpth=/usr/local/cpanel/3rdparty/perl/522/include
/usr/local/cpanel/3rdparty/include /usr/local/include  -Duse64bitint
-Uuse64bitall -Acflags=-fPIC -DPIC -m32
-I/usr/local/cpanel/3rdparty/perl/522/include
-I/usr/local/cpanel/3rdparty/include
-Dlibpth=/usr/local/cpanel/3rdparty/perl/522/lib
/usr/local/cpanel/3rdparty/lib /usr/local/lib /lib /usr/lib '
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    use64bitint=define, use64bitall=undef, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='/usr/bin/gcc', ccflags ='-DPERL_DISABLE_PMC
-I/usr/local/cpanel/3rdparty/perl/522/include
-L/usr/local/cpanel/3rdparty/perl/522/lib
-I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib
-fwrapv -fno-strict-aliasing -pipe -fstack-protector
-I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
-D_FORTIFY_SOURCE=2',
    optimize='-Os',
    cppflags='-I/usr/local/cpanel/3rdparty/perl/522/include
-L/usr/local/cpanel/3rdparty/perl/522/lib
-I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib
-DPERL_DISABLE_PMC -I/usr/local/cpanel/3rdparty/perl/522/include
-L/usr/local/cpanel/3rdparty/perl/522/lib
-I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib
-fwrapv -fno-strict-aliasing -pipe -fstack-protector
-I/usr/local/include'
    ccversion='', gccversion='4.4.7 20120313 (Red Hat 4.4.7-4)', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8,
byteorder=12345678, doublekind=3
    d_longlong=define, longlongsize=8, d_longdbl=define,
longdblsize=12, longdblkind=3
    ivtype='long long', ivsize=8, nvtype='double', nvsize=8,
Off_t='off_t', lseeksize=8
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld='/usr/bin/gcc', ldflags ='-Wl,-rpath
-Wl,/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/lib
-L/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/lib -L/usr/lib -L/lib -lgdbm
-fstack-protector -L/usr/local/lib'
    libpth=/usr/local/cpanel/3rdparty/perl/522/lib
/usr/local/cpanel/3rdparty/lib /usr/local/lib /lib /usr/lib
/usr/local/lib /usr/lib
    libs=-lpthread -lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc
    perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    libc=libc-2.12.so, so=so, useshrplib=true, libperl=libperl.so
    gnulibc_version='2.12'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E
-Wl,-rpath,/usr/local/cpanel/3rdparty/perl/522/lib/perl5/5.22.1/i386-linux-64int/CORE'
    cccdlflags='-fPIC', lddlflags='-shared -Os
-L/usr/local/cpanel/3rdparty/perl/522/lib
-L/usr/local/cpanel/3rdparty/lib -L/usr/lib -L/lib -L/usr/local/lib
-fstack-protector'

Locally applied patches:
    cPanel patches
    cPanel INC path changes
    Remove . from @INC


@INC for perl 5.22.1:
    /usr/local/cpanel
    /usr/local/cpanel/3rdparty/perl/522/lib/perl5/cpanel_lib/i386-linux-64int
    /usr/local/cpanel/3rdparty/perl/522/lib/perl5/cpanel_lib
    /usr/local/cpanel/3rdparty/perl/522/lib/perl5/5.22.1/i386-linux-64int
    /usr/local/cpanel/3rdparty/perl/522/lib/perl5/5.22.1
    /opt/cpanel/perl5/522/site_lib/i386-linux-64int
    /opt/cpanel/perl5/522/site_lib


Environment for perl 5.22.1:
    HOME=/root
    LANG=en_US.UTF-8
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/usr/local/cpanel/bin:/usr/local/cpanel/3rdparty/bin:/usr/local/cpanel/3rdparty/perl/522/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/cpanel/perl5/522/bin
    PERL_BADLANG (unset)
    SHELL=/bin/zsh

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @toddr

Patches for feature attached to RT.

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @toddr

0001-Patch-unit-tests-to-explicitly-insert-.-into-INC-whe.patch
From c122e372fecc0e54621a3f69cc15707829537864 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:29 -0500
Subject: [PATCH 1/4] Patch unit tests to explicitly insert "." into @INC when
 needed.

---
 Porting/pod_rules.pl       | 2 +-
 lib/strict.t               | 2 +-
 lib/warnings.t             | 2 +-
 makedef.pl                 | 2 +-
 regen.pl                   | 2 +-
 regen/ebcdic.pl            | 3 +++
 regen/genpacksizetables.pl | 2 +-
 regen/mg_vtable.pl         | 2 +-
 t/comp/line_debug.t        | 2 ++
 t/lib/warnings/op          | 1 +
 t/op/goto.t                | 2 +-
 t/porting/regen.t          | 2 +-
 t/re/pat.t                 | 4 ++--
 t/run/runenv.t             | 3 ++-
 t/run/switches.t           | 6 +++---
 t/test.pl                  | 4 ++--
 16 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/Porting/pod_rules.pl b/Porting/pod_rules.pl
index 0d837bf..f4c094d 100644
--- a/Porting/pod_rules.pl
+++ b/Porting/pod_rules.pl
@@ -32,7 +32,7 @@ if (ord("A") == 193) {
             # plan9 =>  'plan9/mkfile',
            );
 
-require 'Porting/pod_lib.pl';
+require './Porting/pod_lib.pl';
 sub my_die;
 
 # process command-line switches
diff --git a/lib/strict.t b/lib/strict.t
index d6c6ed0..bfee762 100644
--- a/lib/strict.t
+++ b/lib/strict.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $local_tests = 6;
 require "../t/lib/common.pl";
diff --git a/lib/warnings.t b/lib/warnings.t
index ee696fe..7c24f3a 100644
--- a/lib/warnings.t
+++ b/lib/warnings.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $UTF8 = (${^OPEN} || "") =~ /:utf8/;
 require "../t/lib/common.pl";
diff --git a/makedef.pl b/makedef.pl
index 78ee0b1..5fd192e 100644
--- a/makedef.pl
+++ b/makedef.pl
@@ -70,7 +70,7 @@ BEGIN {
 }
 use constant PLATFORM => $ARGS{PLATFORM};
 
-require "$ARGS{TARG_DIR}regen/embed_lib.pl";
+require "./$ARGS{TARG_DIR}regen/embed_lib.pl";
 
 # Is the following guard strictly necessary? Added during refactoring
 # to keep the same behaviour when merging other code into here.
diff --git a/regen.pl b/regen.pl
index 8788668..71a6eda 100644
--- a/regen.pl
+++ b/regen.pl
@@ -15,7 +15,7 @@ use strict;
 
 my $tap = $ARGV[0] && $ARGV[0] eq '--tap' ? '# ' : '';
 foreach my $pl (map {chomp; "regen/$_"} <DATA>) {
-  my @command =  ($^X, $pl, @ARGV);
+  my @command =  ($^X, '-I.', $pl, @ARGV);
   print "$tap@command\n";
   system @command
     and die "@command failed: $?" 
diff --git a/regen/ebcdic.pl b/regen/ebcdic.pl
index fa8a051..718a7c8 100644
--- a/regen/ebcdic.pl
+++ b/regen/ebcdic.pl
@@ -1,6 +1,9 @@
 use v5.16.0;
 use strict;
 use warnings;
+
+BEGIN { unshift @INC, '.' }
+
 require 'regen/regen_lib.pl';
 require 'regen/charset_translations.pl';
 
diff --git a/regen/genpacksizetables.pl b/regen/genpacksizetables.pl
index 7a03dcd..d886822 100644
--- a/regen/genpacksizetables.pl
+++ b/regen/genpacksizetables.pl
@@ -3,7 +3,7 @@
 # it will generate EBCDIC too. (TODO)
 use strict;
 use Encode;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 sub make_text {
     my ($chrmap, $letter, $unpredictable, $nocsum, $size, $condition) = @_;
diff --git a/regen/mg_vtable.pl b/regen/mg_vtable.pl
index a05a7d4..342f5e0 100644
--- a/regen/mg_vtable.pl
+++ b/regen/mg_vtable.pl
@@ -20,7 +20,7 @@ require 5.004;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 my %mg =
diff --git a/t/comp/line_debug.t b/t/comp/line_debug.t
index 8361194..71626bb 100644
--- a/t/comp/line_debug.t
+++ b/t/comp/line_debug.t
@@ -1,5 +1,7 @@
 #!./perl
 
+BEGIN { unshift @INC, '.' }
+
 chdir 't' if -d 't';
 
 sub ok {
diff --git a/t/lib/warnings/op b/t/lib/warnings/op
index 8256c23..a87cbae 100644
--- a/t/lib/warnings/op
+++ b/t/lib/warnings/op
@@ -1435,6 +1435,7 @@ END { print "in end\n"; }
 print "in mainline\n";
 1;
 --FILE--
+BEGIN { unshift @INC, '.' }
 require abc;
 do "abc.pm";
 EXPECT
diff --git a/t/op/goto.t b/t/op/goto.t
index aa2f24f..a65ede2 100644
--- a/t/op/goto.t
+++ b/t/op/goto.t
@@ -280,7 +280,7 @@ YYY: print "OK\n";
 EOT
 close $f;
 
-$r = runperl(prog => 'use Op_goto01; print qq[DONE\n]');
+$r = runperl(prog => 'BEGIN { unshift @INC, q[.] } use Op_goto01; print qq[DONE\n]');
 is($r, "OK\nDONE\n", "goto within use-d file"); 
 unlink_all "Op_goto01.pm";
 
diff --git a/t/porting/regen.t b/t/porting/regen.t
index 5d08518..d234260 100644
--- a/t/porting/regen.t
+++ b/t/porting/regen.t
@@ -86,7 +86,7 @@ OUTER: foreach my $file (@files) {
 }
 
 foreach (@progs) {
-    my $command = "$^X $_ --tap";
+    my $command = "$^X -I. $_ --tap";
     system $command
         and die "Failed to run $command: $?";
 }
diff --git a/t/re/pat.t b/t/re/pat.t
index 295a9f7..8652bf6 100644
--- a/t/re/pat.t
+++ b/t/re/pat.t
@@ -1663,7 +1663,7 @@ EOP
             # NOTE - Do not put quotes in the code!
             # NOTE - We have to triple escape the backref in the pattern below.
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 watchdog(3);
                 for my $len (1 .. 20) {
                     my $eights= q(8) x $len;
@@ -1679,7 +1679,7 @@ EOP
             # #123562]
 
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 use Encode qw(_utf8_on);
                 # \x80 and \x41 are continuation bytes in their respective
                 # character sets
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 82846a4..8861a3d 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,7 +285,8 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-is ($default_inc[-1], '.', '. is last in @INC');
+ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
+#is ($default_inc[-1], '.', '. is last in @INC');
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/t/run/switches.t b/t/run/switches.t
index aa9bda3..5f03386 100644
--- a/t/run/switches.t
+++ b/t/run/switches.t
@@ -194,12 +194,12 @@ sub import { print map "<\$_>", \@_ }
 SWTESTPM
     close $f or die "Could not close: $!";
     $r = runperl(
-	switches    => [ "-M$package" ],
+	switches    => [ "-I.", "-M$package" ],
 	prog	    => '1',
     );
     is( $r, "<$package>", '-M' );
     $r = runperl(
-	switches    => [ "-M$package=foo" ],
+	switches    => [ "-I.", "-M$package=foo" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo>", '-M with import parameter' );
@@ -213,7 +213,7 @@ SWTESTPM
         is( $r, '', '-m' );
     }
     $r = runperl(
-	switches    => [ "-m$package=foo,bar" ],
+	switches    => [ "-I.", "-m$package=foo,bar" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo><bar>", '-m with import parameters' );
diff --git a/t/test.pl b/t/test.pl
index 84475ea..9c35c2e 100644
--- a/t/test.pl
+++ b/t/test.pl
@@ -1244,8 +1244,8 @@ sub run_multiple_progs {
 	close $fh or die "Cannot close $tmpfile: $!";
 	my $results = runperl( stderr => 1, progfile => $tmpfile,
 			       stdin => undef, $up
-			       ? (switches => ["-I$up/lib", $switch], nolib => 1)
-			       : (switches => [$switch])
+			       ? (switches => [ "-I.", "-I$up/lib", $switch], nolib => 1)
+			       : (switches => [ "-I.", $switch])
 			        );
 	my $status = $?;
 	$results =~ s/\n+$//;
-- 
2.8.0

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @toddr

0002-Add-PERL_USE_UNSAFE_INC-support-to-EU-MM-for-fortify.patch
From 209aab49bf75216b4b63e77cf36a6764f3d34d85 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:42 -0500
Subject: [PATCH 2/4] Add PERL_USE_UNSAFE_INC support to EU::MM for fortify_inc
 support.

This change allows the majority of Perl modules that cannot build/test/install
without . in INC to be able to do so, while maintaining a safer perl under
normal use.
---
 cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm   | 4 ++--
 cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm | 5 +++++
 t/porting/customized.dat                          | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
index e24a61b..e2fd61c 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -3564,7 +3564,7 @@ PERL_DL_NONLAZY set for tests.
 
 sub test_via_harness {
     my($self, $perl, $tests) = @_;
-    return $self->SUPER::test_via_harness("PERL_DL_NONLAZY=1 $perl", $tests);
+    return $self->SUPER::test_via_harness("PERL_DL_NONLAZY=1 PERL_USE_UNSAFE_INC=1 $perl", $tests);
 }
 
 =item test_via_script (override)
@@ -3575,7 +3575,7 @@ Again, the PERL_DL_NONLAZY thing.
 
 sub test_via_script {
     my($self, $perl, $script) = @_;
-    return $self->SUPER::test_via_script("PERL_DL_NONLAZY=1 $perl", $script);
+    return $self->SUPER::test_via_script("PERL_DL_NONLAZY=1 PERL_USE_UNSAFE_INC=1 $perl", $script);
 }
 
 
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
index f9fb8fe..406d32b 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
@@ -5,6 +5,11 @@ use strict;
 
 BEGIN {require 5.006;}
 
+# Assure anything called from Makefile.PL is allowed to have . in @INC.
+BEGIN {
+    $ENV{PERL_USE_UNSAFE_INC} = 1;
+}
+
 require Exporter;
 use ExtUtils::MakeMaker::Config;
 use ExtUtils::MakeMaker::version; # ensure we always have our fake version.pm
diff --git a/t/porting/customized.dat b/t/porting/customized.dat
index c48ba7e..5f80d18 100644
--- a/t/porting/customized.dat
+++ b/t/porting/customized.dat
@@ -4,7 +4,7 @@ ExtUtils::Constant cpan/ExtUtils-Constant/t/Constant.t a0369c919e216fb02767a6376
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Command/MM.pm 8d772fbc6a57637ab24d12a02794073ee71b489c
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist.pm 9be9ac3fee6fd6df702469904e02c8b4c6f2502e
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm bb2443c2314c50f09f7eab4aacc03ade8b9907dd
-ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm 830acdc810e2974d7fd4ec408ea1bfa825c75b69
+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm 50957b52a2e9e46851a2e7238a6dccd195ac824d
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/Config.pm 5c41b40e33464c6635258061dff4ece018b46bd9
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/FAQ.pod 062e5d14a803fbbec8d61803086a3d7997e8a473
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/Tutorial.pod a8a9cab7d67922ed3d6883c864e1fe29aaa6ad89
@@ -23,7 +23,7 @@ ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_MacOS.pm 83601fa89eb
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_NW5.pm 8185a7db6c4d7e0fdc5001aeaa8c2b612a884a5e
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_OS2.pm 2fe66ca8a894d6a2ae340b8bf6f8d69c5e1f7fbe
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_QNX.pm e8a4dbba69a1d551bd581ea6a3f2415bacbc0ae5
-ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm d666ac424618c3e11b8549755c9646d942bd2d57
+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b31da2dae4f3c8769c5e9cb196cdaf6878e033cb
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_UWIN.pm f6581a0e75e45bfc26f343f173d3366c43fb1221
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VMS.pm 1997912b5018970cdeb3dae8fd7e0c24f6e5d567
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VOS.pm 210a4eda8b081d9986477e3a9762fce6ebea8474
-- 
2.8.0

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @toddr

0003-Set-PERL_USE_UNSAFE_INC-for-cpan-usage.patch
From f22ff70044b523868bc1a79af08647b5cf434ebc Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:47 -0500
Subject: [PATCH 3/4] Set PERL_USE_UNSAFE_INC for cpan usage

This change allows the majority of Perl modules to build/test/install from the
cpan client without having to modify them.
---
 cpan/CPAN/scripts/cpan | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cpan/CPAN/scripts/cpan b/cpan/CPAN/scripts/cpan
index 5f4320e..d93b3bc 100644
--- a/cpan/CPAN/scripts/cpan
+++ b/cpan/CPAN/scripts/cpan
@@ -3,6 +3,11 @@
 use strict;
 use vars qw($VERSION);
 
+BEGIN {
+    # make sure we can install any modules from CPAN without patching them
+    $ENV{PERL_USE_UNSAFE_INC} = 1;
+}
+
 use App::Cpan '1.60_02';
 $VERSION = '1.61';
 
-- 
2.8.0

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @toddr

0004-Provide-Dfortify_inc-Configure-option-to-remove-.-fr.patch
From 4b8fb407013fa0b718978cbf3049ef17ab88d4aa Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:53 -0500
Subject: [PATCH 4/4] Provide -Dfortify_inc Configure option to remove . from
 @INC

This provides a Perl that removes . in the default @INC.

Because the testing / make process for perl modules do not function well
with . missing from @INC, Perl now supports the environment variable
PERL_USE_UNSAFE_INC=1 which makes Perl behave as it prev iously did,
returning . to @INC in all child processes.
---
 Configure   | 26 ++++++++++++++++++++++++++
 Makefile.SH |  2 +-
 config_h.SH |  7 +++++++
 perl.c      |  9 +++++++--
 4 files changed, 41 insertions(+), 3 deletions(-)

diff --git a/Configure b/Configure
index ff864b0..2f01eac 100755
--- a/Configure
+++ b/Configure
@@ -1384,6 +1384,8 @@ vendorscriptexp=''
 versiononly=''
 yacc=''
 yaccflags=''
+fortify_inc=''
+
 CONFIG=''
 
 : Detect odd OSs
@@ -5102,6 +5104,29 @@ rp='What is the file extension used for shared libraries?'
 . ./myread
 so="$ans"
 
+: Remove . from @INC
+$cat << EOM
+
+Historically Perl has provided a final fallback of the current working
+directory '.' when searching for a library. This, however, can lead to
+problems when a Perl program which loads optional modules is called from
+a shared directory. This can lead to executing unexpected code.
+
+
+EOM
+
+case "$fortify_inc" in
+    $define|true|[yY]*)     dflt="y";;
+    *)  dflt='n';;
+esac
+
+rp='Remove . from @INC unless $ENV{PERL_USE_UNSAFE_INC}=1 ?'
+. ./myread
+case "$ans" in
+    y*|define) fortify_inc="$define" ;;
+    *)   fortify_inc="$undef"  ;;
+esac
+
 : Does target system insist that shared library basenames are unique
 $cat << EOM
 
@@ -25325,6 +25350,7 @@ vi='$vi'
 xlibpth='$xlibpth'
 yacc='$yacc'
 yaccflags='$yaccflags'
+fortify_inc='$fortify_inc'
 zcat='$zcat'
 zip='$zip'
 EOT
diff --git a/Makefile.SH b/Makefile.SH
index e03a349..6323b57 100755
--- a/Makefile.SH
+++ b/Makefile.SH
@@ -345,7 +345,7 @@ RUN_PERL = \$(LDLIBPTH) \$(RUN) $perl\$(EXE_EXT)
 	$spitshell >>$Makefile <<!GROK!THIS!
 # Macros to invoke a copy of our fully operational perl during the build.
 PERL_EXE = perl\$(EXE_EXT)
-RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib
+RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib -I.
 !GROK!THIS!
 	;;
 esac
diff --git a/config_h.SH b/config_h.SH
index 6bd7c30..22699b5 100755
--- a/config_h.SH
+++ b/config_h.SH
@@ -2990,6 +2990,13 @@ sed <<!GROK!THIS! >$CONFIG_H -e 's!^#undef\(.*/\)\*!/\*#define\1 \*!' -e 's!^#un
 #$i_stdarg I_STDARG		/**/
 #$i_varargs I_VARARGS	/**/
 
+/* FORTIFY_INC:
+ *     This symbol, when defined, makes perl omit the '.' directory from
+ *     @INC unless $ENV{PERL_USE_UNSAFE_INC}=1 is set when the interpreter starts.
+ */
+#$fortify_inc FORTIFY_INC                /**/
+
+
 /* PERL_INC_VERSION_LIST:
  *	This variable specifies the list of subdirectories in over
  *	which perl.c:incpush() and lib/lib.pm will automatically
diff --git a/perl.c b/perl.c
index 15e9150..3776256 100644
--- a/perl.c
+++ b/perl.c
@@ -4602,8 +4602,13 @@ S_init_perllib(pTHX)
 #endif
 #endif /* !PERL_IS_MINIPERL */
 
-    if (!TAINTING_get)
-	S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    if (!TAINTING_get) {
+#if !defined(PERL_IS_MINIPERL) && defined(FORTIFY_INC)
+        const char * const unsafe = PerlEnv_getenv("PERL_USE_UNSAFE_INC");
+        if (unsafe && strEQ(unsafe, "1"))
+#endif
+          S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    }
 }
 
 #if defined(DOSISH) || defined(__SYMBIAN32__)
-- 
2.8.0

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From [Unknown Contact. See original ticket]

Patches for feature attached to RT.

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @iabyn

On Thu, Mar 31, 2016 at 05​:01​:11PM -0700, Todd Rinaldo wrote​:

What I propose is a small patch to perl.c which causes . to be missing
from @​INC unless the environment variable PERL_USE_UNSAFE_INC=1 is
present. This would only happen based on a Configure question which
would default to being off so that the default Perl install does not
change.

Cpanel currently ships and updates Perl 5.22 along with roughly 900
perl modules. In the coming version of our product, we will be
shipping a Perl that does not have . in @​INC. These modules are all
built as RPMs and I consider the RPMs a failed build if their unit
tests cannot pass. There were about 3 of these 900 modules I had to do
something weird with (because they were stripping %ENV or just being
weird themselves). I did this by Simply adding PERL_USE_UNSAFE_INC=1
in the appropriate places to EU​::MM, M​::B, M​::B​::Tiny.

I am attaching the patches which will provide this option. I have
updated no documentation yet. I can provide that if I can get some
agreement for this to merge for 5.25.0 (I assume I've missed the 5.24
deadline for something like this?)

Yes, 5.25.0 would be the earliest.

I have no objection in principle to something like this, but haven't
looked very closely at your patch yet. However I see that it needs more
work. Building perl without -Dfortify_inc fails several tests. I've
attached a patch that fixes one issue, but there are still more to fix​:

run/runenv.t (Wstat​: 0 Tests​: 104 Failed​: 1)
  Failed test​: 62
porting/checkcfgvar.t (Wstat​: 0 Tests​: 22 Failed​: 11)
  Failed tests​: 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22
porting/cmp_version.t (Wstat​: 0 Tests​: 14 Failed​: 2)

Also, looking at run/runenv.t, in the test in question the grep swallows
the test description rather than providing it as an arg to is().

I'm not familiar enough with the config system to know whether the
fortify_inc probe should be called d_fortify_inc or something instead,
I also wonder whether the define in config.h should be prefixed with
PERL. 'FORTIFY_INC' is pretty generic and could conceivably clash with
something else.

--
No man treats a motor car as foolishly as he treats another human being.
When the car will not go, he does not attribute its annoying behaviour to
sin, he does not say, You are a wicked motorcar, and I shall not give you
any more petrol until you go. He attempts to find out what is wrong and
set it right.
  -- Bertrand Russell,
  Has Religion Made Useful Contributions to Civilization?

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @iabyn

0001-add-fortify_inc-to-unconfig.sh.patch
From ab22ac7063d3c25182674e372e22c7acd1d609cc Mon Sep 17 00:00:00 2001
From: David Mitchell <davem@iabyn.com>
Date: Fri, 1 Apr 2016 15:11:57 +0100
Subject: [PATCH] add fortify_inc to unconfig.sh

---
 uconfig.h  | 11 +++++++++--
 uconfig.sh |  1 +
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/uconfig.h b/uconfig.h
index cf3369d..e32c5e0 100644
--- a/uconfig.h
+++ b/uconfig.h
@@ -2955,6 +2955,13 @@
 #define I_STDARG		/**/
 /*#define I_VARARGS	/ **/
 
+/* FORTIFY_INC:
+ *     This symbol, when defined, makes perl omit the '.' directory from
+ *     @INC unless {PERL_USE_UNSAFE_INC}=1 is set when the interpreter starts.
+ */
+/*#define FORTIFY_INC                / **/
+
+
 /* PERL_INC_VERSION_LIST:
  *	This variable specifies the list of subdirectories in over
  *	which perl.c:incpush() and lib/lib.pm will automatically
@@ -5248,6 +5255,6 @@
 #endif
 
 /* Generated from:
- * dc6a0dd949dd1c707248914e2fdada06beb0e6193be5e94cb1423c6f050e65c3 config_h.SH
- * ea0c70d2693a5911f8c16818794db0e782e9c4b40b9688a200dea7bcfcdfd820 uconfig.sh
+ * 848d7f737ef0b977f54b7fa31a106594a09fec9cf2e2285ab0ab990374a8d46b config_h.SH
+ * 2a6f0a9bc2ce421e971c7095f9641539f365ad63d9689645757987290427fe0a uconfig.sh
  * ex: set ro: */
diff --git a/uconfig.sh b/uconfig.sh
index d0cb2de..1b773cb 100644
--- a/uconfig.sh
+++ b/uconfig.sh
@@ -900,4 +900,5 @@ vendorarchexp=''
 vendorlib_stem=''
 vendorlibexp=''
 versiononly='undef'
+fortify_inc='undef'
 zip=''
-- 
2.4.3

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @cpansprout

On Fri Apr 01 07​:29​:03 2016, davem wrote​:

I'm not familiar enough with the config system to know whether the
fortify_inc probe should be called d_fortify_inc or something instead,

Optionally, one can side-step the whole issue by using -Accflags=-DFORTIFY_INC, but that depends on how much you want this to be perceived as an option for ‘geeks’.

I also wonder whether the define in config.h should be prefixed with
PERL. 'FORTIFY_INC' is pretty generic and could conceivably clash with
something else.

PERL_FORTIFY_INC is definitely better.

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Apr 1, 2016

From @tonycoz

On Thu Mar 31 17​:01​:11 2016, TODDR wrote​:

Several discussions have been had over the years about removing . from
@​INC.

In 2010, Ansgar brought it up​:
http​://www.nntp.perl.org/group/perl.perl5.porters/2010/08/msg162729.html
In 2012, I brought it up​:
http​://code.activestate.com/lists/perl5-porters/176081/

My summary of the responses to these email chains would be​:

1. A certain percentage of people do not agree that . in @​INC is a
security issue. Others feel it's "a basic sanity provision"
2. There is a general agreement that the Perl toolchain highly depends
on this behavior so the toolchain would have to be fixed.
3. Some predicted disastrous consequences.
4. Many feel the problem is unfixable because of how long Perl has
been this way.

I didn't quite make the Perl 5.18 deadline like I promised in the
email, but I now have a proposal complete with patches.

What I propose is a small patch to perl.c which causes . to be missing
from @​INC unless the environment variable PERL_USE_UNSAFE_INC=1 is
present. This would only happen based on a Configure question which
would default to being off so that the default Perl install does not
change.

Cpanel currently ships and updates Perl 5.22 along with roughly 900
perl modules. In the coming version of our product, we will be
shipping a Perl that does not have . in @​INC. These modules are all
built as RPMs and I consider the RPMs a failed build if their unit
tests cannot pass. There were about 3 of these 900 modules I had to do
something weird with (because they were stripping %ENV or just being
weird themselves). I did this by Simply adding PERL_USE_UNSAFE_INC=1
in the appropriate places to EU​::MM, M​::B, M​::B​::Tiny.

I am attaching the patches which will provide this option. I have
updated no documentation yet. I can provide that if I can get some
agreement for this to merge for 5.25.0 (I assume I've missed the 5.24
deadline for something like this?)

Is this intended to be a security measure?

I'm not sure how it can be if the user can set an environment variable to override it? (and in this case they can set PERL5LIB anyway).

An alternative might be a command-line option (like -T without the taint parts) to disable '.' in @​INC.

Tony

@p5pRT
Copy link
Author

p5pRT commented Apr 4, 2016

From @toddr

On Fri Apr 01 14​:24​:46 2016, sprout wrote​:

On Fri Apr 01 07​:29​:03 2016, davem wrote​:

I'm not familiar enough with the config system to know whether the
fortify_inc probe should be called d_fortify_inc or something
instead,
I inquired about that a couple of weeks ago. I was informed there was no rhyme / reason / consistency to the use of d_ in Configure script variables. fortify_inc seems to be more intuitive so I went with that.

I also wonder whether the define in config.h should be prefixed with
PERL. 'FORTIFY_INC' is pretty generic and could conceivably clash
with
something else.

PERL_FORTIFY_INC is definitely better.

Agreed. I'll update the patch on the github remote.

@p5pRT
Copy link
Author

p5pRT commented Apr 4, 2016

From @toddr

On Fri Apr 01 15​:13​:05 2016, tonyc wrote​:

Is this intended to be a security measure?
Yes. When not doing development (which aside from toolchain was the other major argument for it being there always), I am asserting that it is a safer thing for . to not be in @​INC by default.

I'm not sure how it can be if the user can set an environment variable
to override it? (and in this case they can set PERL5LIB anyway).
The goal here is not to deny . in INC. The goal is to provide a safer default so unexpected things happen less.

An alternative might be a command-line option (like -T without the
taint parts) to disable '.' in @​INC.
Right but that would be the opposite of what I'm trying to achieve here. This whole thing could be argued as​: "Just use taint"! The problem is that taint is easier said than done at a global level. It requires EVERY script be updated in order to take advantage of this.

The point of this change is to make the default behavior of a perl script not dependent on the current working directory. If the individual running the script wants the '.' restored to @​INC, they can use the environmental variable. If the script author wants this behavior, they can trivially add the '.' to @​INC in their code.

@p5pRT
Copy link
Author

p5pRT commented Apr 11, 2016

From @toddr

After some offline conversations, I'm re-submitting this patch to remove . from @​INC by default. A Configure variable will still be provided but it will be to put perl back in its old mode where . was at the end of @​INC.

./Configure -Dunsafe_inc

There are 4 commits. Attaching them to the case appears to be a little noisy, so for the time being, you can track them in the pull request link I'm providing for reference.

toddr#1

or

https://github.com/toddr/perl.git branch pop_INC

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @tonycoz

On Mon, Apr 11, 2016 at 04​:54​:19PM -0700, Todd Rinaldo via RT wrote​:

There are 4 commits. Attaching them to the case appears to be a little noisy, so for the time being, you can track them in the pull request link I'm providing for reference.

Please attach them.

Tony

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @toddr

On Mon Apr 11 17​:11​:21 2016, tonyc wrote​:

On Mon, Apr 11, 2016 at 04​:54​:19PM -0700, Todd Rinaldo via RT wrote​:

There are 4 commits. Attaching them to the case appears to be a
little noisy, so for the time being, you can track them in the pull
request link I'm providing for reference.

Please attach them.

Tony

Attached.

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @toddr

0001-Patch-unit-tests-to-explicitly-insert-.-into-INC-whe.patch
From c90c2af4aab19bb8a5c31edecfd147d8071da3a3 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:29 -0500
Subject: [PATCH 1/4] Patch unit tests to explicitly insert "." into @INC when
 needed.

---
 Makefile.SH                | 2 +-
 Porting/pod_rules.pl       | 2 +-
 TestInit.pm                | 2 +-
 lib/strict.t               | 2 +-
 lib/warnings.t             | 2 +-
 makedef.pl                 | 2 +-
 regen.pl                   | 2 +-
 regen/ebcdic.pl            | 3 +++
 regen/genpacksizetables.pl | 2 +-
 regen/mg_vtable.pl         | 2 +-
 t/comp/line_debug.t        | 2 ++
 t/lib/warnings/op          | 1 +
 t/op/goto.t                | 2 +-
 t/porting/regen.t          | 2 +-
 t/re/pat.t                 | 6 +++---
 t/run/runenv.t             | 3 ++-
 t/run/switches.t           | 6 +++---
 t/test.pl                  | 3 ++-
 18 files changed, 27 insertions(+), 19 deletions(-)

diff --git a/Makefile.SH b/Makefile.SH
index 916b332..8c5121c 100755
--- a/Makefile.SH
+++ b/Makefile.SH
@@ -345,7 +345,7 @@ RUN_PERL = \$(LDLIBPTH) \$(RUN) $perl\$(EXE_EXT)
 	$spitshell >>$Makefile <<!GROK!THIS!
 # Macros to invoke a copy of our fully operational perl during the build.
 PERL_EXE = perl\$(EXE_EXT)
-RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib
+RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib -I.
 !GROK!THIS!
 	;;
 esac
diff --git a/Porting/pod_rules.pl b/Porting/pod_rules.pl
index 0d837bf..f4c094d 100644
--- a/Porting/pod_rules.pl
+++ b/Porting/pod_rules.pl
@@ -32,7 +32,7 @@ if (ord("A") == 193) {
             # plan9 =>  'plan9/mkfile',
            );
 
-require 'Porting/pod_lib.pl';
+require './Porting/pod_lib.pl';
 sub my_die;
 
 # process command-line switches
diff --git a/TestInit.pm b/TestInit.pm
index f4ed6fd..f9a5e91 100644
--- a/TestInit.pm
+++ b/TestInit.pm
@@ -47,7 +47,7 @@ sub import {
 	} elsif ($_ eq 'T') {
 	    $chdir = '..'
 		unless -f 't/TEST' && -f 'MANIFEST' && -d 'lib' && -d 'ext';
-	    @INC = 'lib';
+	    @INC = qw/ lib . /;
 	    $setopt = 1;
 	} else {
 	    die "Unknown option '$_'";
diff --git a/lib/strict.t b/lib/strict.t
index d6c6ed0..bfee762 100644
--- a/lib/strict.t
+++ b/lib/strict.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $local_tests = 6;
 require "../t/lib/common.pl";
diff --git a/lib/warnings.t b/lib/warnings.t
index ee696fe..7c24f3a 100644
--- a/lib/warnings.t
+++ b/lib/warnings.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $UTF8 = (${^OPEN} || "") =~ /:utf8/;
 require "../t/lib/common.pl";
diff --git a/makedef.pl b/makedef.pl
index 104696c..c0a220a 100644
--- a/makedef.pl
+++ b/makedef.pl
@@ -70,7 +70,7 @@ BEGIN {
 }
 use constant PLATFORM => $ARGS{PLATFORM};
 
-require "$ARGS{TARG_DIR}regen/embed_lib.pl";
+require "./$ARGS{TARG_DIR}regen/embed_lib.pl";
 
 # Is the following guard strictly necessary? Added during refactoring
 # to keep the same behaviour when merging other code into here.
diff --git a/regen.pl b/regen.pl
index 8788668..71a6eda 100644
--- a/regen.pl
+++ b/regen.pl
@@ -15,7 +15,7 @@ use strict;
 
 my $tap = $ARGV[0] && $ARGV[0] eq '--tap' ? '# ' : '';
 foreach my $pl (map {chomp; "regen/$_"} <DATA>) {
-  my @command =  ($^X, $pl, @ARGV);
+  my @command =  ($^X, '-I.', $pl, @ARGV);
   print "$tap@command\n";
   system @command
     and die "@command failed: $?" 
diff --git a/regen/ebcdic.pl b/regen/ebcdic.pl
index fa8a051..718a7c8 100644
--- a/regen/ebcdic.pl
+++ b/regen/ebcdic.pl
@@ -1,6 +1,9 @@
 use v5.16.0;
 use strict;
 use warnings;
+
+BEGIN { unshift @INC, '.' }
+
 require 'regen/regen_lib.pl';
 require 'regen/charset_translations.pl';
 
diff --git a/regen/genpacksizetables.pl b/regen/genpacksizetables.pl
index 7a03dcd..d886822 100644
--- a/regen/genpacksizetables.pl
+++ b/regen/genpacksizetables.pl
@@ -3,7 +3,7 @@
 # it will generate EBCDIC too. (TODO)
 use strict;
 use Encode;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 sub make_text {
     my ($chrmap, $letter, $unpredictable, $nocsum, $size, $condition) = @_;
diff --git a/regen/mg_vtable.pl b/regen/mg_vtable.pl
index a05a7d4..342f5e0 100644
--- a/regen/mg_vtable.pl
+++ b/regen/mg_vtable.pl
@@ -20,7 +20,7 @@ require 5.004;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 my %mg =
diff --git a/t/comp/line_debug.t b/t/comp/line_debug.t
index 8361194..71626bb 100644
--- a/t/comp/line_debug.t
+++ b/t/comp/line_debug.t
@@ -1,5 +1,7 @@
 #!./perl
 
+BEGIN { unshift @INC, '.' }
+
 chdir 't' if -d 't';
 
 sub ok {
diff --git a/t/lib/warnings/op b/t/lib/warnings/op
index 528639e..df9dadb 100644
--- a/t/lib/warnings/op
+++ b/t/lib/warnings/op
@@ -1435,6 +1435,7 @@ END { print "in end\n"; }
 print "in mainline\n";
 1;
 --FILE--
+BEGIN { unshift @INC, '.' }
 require abc;
 do "abc.pm";
 EXPECT
diff --git a/t/op/goto.t b/t/op/goto.t
index aa2f24f..a65ede2 100644
--- a/t/op/goto.t
+++ b/t/op/goto.t
@@ -280,7 +280,7 @@ YYY: print "OK\n";
 EOT
 close $f;
 
-$r = runperl(prog => 'use Op_goto01; print qq[DONE\n]');
+$r = runperl(prog => 'BEGIN { unshift @INC, q[.] } use Op_goto01; print qq[DONE\n]');
 is($r, "OK\nDONE\n", "goto within use-d file"); 
 unlink_all "Op_goto01.pm";
 
diff --git a/t/porting/regen.t b/t/porting/regen.t
index 5d08518..d234260 100644
--- a/t/porting/regen.t
+++ b/t/porting/regen.t
@@ -86,7 +86,7 @@ OUTER: foreach my $file (@files) {
 }
 
 foreach (@progs) {
-    my $command = "$^X $_ --tap";
+    my $command = "$^X -I. $_ --tap";
     system $command
         and die "Failed to run $command: $?";
 }
diff --git a/t/re/pat.t b/t/re/pat.t
index 295a9f7..ce9d324 100644
--- a/t/re/pat.t
+++ b/t/re/pat.t
@@ -1663,7 +1663,7 @@ EOP
             # NOTE - Do not put quotes in the code!
             # NOTE - We have to triple escape the backref in the pattern below.
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 watchdog(3);
                 for my $len (1 .. 20) {
                     my $eights= q(8) x $len;
@@ -1679,7 +1679,7 @@ EOP
             # #123562]
 
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 use Encode qw(_utf8_on);
                 # \x80 and \x41 are continuation bytes in their respective
                 # character sets
@@ -1747,7 +1747,7 @@ EOP
                 my ($expr, $expect, $test_name, $cap1)= @$tuple;
                 # avoid quotes in this code!
                 my $code='
-                    BEGIN{require q(test.pl);}
+                    BEGIN{require q(./test.pl);}
                     watchdog(3);
                     my $status= eval(q{ !(' . $expr . ') ? q(failed) : ' .
                         ($cap1 ? '($1 ne q['.$cap1.']) ? qq(badmatch:$1) : ' : '') .
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 82846a4..8861a3d 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,7 +285,8 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-is ($default_inc[-1], '.', '. is last in @INC');
+ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
+#is ($default_inc[-1], '.', '. is last in @INC');
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/t/run/switches.t b/t/run/switches.t
index aa9bda3..5f03386 100644
--- a/t/run/switches.t
+++ b/t/run/switches.t
@@ -194,12 +194,12 @@ sub import { print map "<\$_>", \@_ }
 SWTESTPM
     close $f or die "Could not close: $!";
     $r = runperl(
-	switches    => [ "-M$package" ],
+	switches    => [ "-I.", "-M$package" ],
 	prog	    => '1',
     );
     is( $r, "<$package>", '-M' );
     $r = runperl(
-	switches    => [ "-M$package=foo" ],
+	switches    => [ "-I.", "-M$package=foo" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo>", '-M with import parameter' );
@@ -213,7 +213,7 @@ SWTESTPM
         is( $r, '', '-m' );
     }
     $r = runperl(
-	switches    => [ "-m$package=foo,bar" ],
+	switches    => [ "-I.", "-m$package=foo,bar" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo><bar>", '-m with import parameters' );
diff --git a/t/test.pl b/t/test.pl
index 84475ea..991d8a6 100644
--- a/t/test.pl
+++ b/t/test.pl
@@ -646,7 +646,7 @@ sub _create_runperl { # Create the string to qx in runperl().
 	$runperl = "$ENV{PERL_RUNPERL_DEBUG} $runperl";
     }
     unless ($args{nolib}) {
-	$runperl = $runperl . ' "-I../lib"'; # doublequotes because of VMS
+	$runperl = $runperl . ' "-I../lib" "-I." '; # doublequotes because of VMS
     }
     if ($args{switches}) {
 	local $Level = 2;
@@ -1235,6 +1235,7 @@ sub run_multiple_progs {
 	open my $fh, '>', $tmpfile or die "Cannot open >$tmpfile: $!";
 	print $fh q{
         BEGIN {
+            push @INC, '.';
             open STDERR, '>&', STDOUT
               or die "Can't dup STDOUT->STDERR: $!;";
         }
-- 
2.8.1

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @toddr

0002-Add-PERL_USE_UNSAFE_INC-support-to-EU-MM-for-fortify.patch
From 29b67a33c7f762f7c2352d4db4d6ff17995d77d5 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:42 -0500
Subject: [PATCH 2/4] Add PERL_USE_UNSAFE_INC support to EU::MM for fortify_inc
 support.

This change allows the majority of Perl modules that cannot build/test/install
without . in INC to be able to do so, while maintaining a safer perl under
normal use.
---
 cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm   | 6 +++---
 cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm | 7 ++++++-
 t/porting/customized.dat                          | 4 ++--
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
index e24a61b..85194ed 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -15,7 +15,7 @@ use ExtUtils::MakeMaker qw($Verbose neatvalue);
 
 # If we make $VERSION an our variable parse_version() breaks
 use vars qw($VERSION);
-$VERSION = '7.10_01';
+$VERSION = '7.10_02';
 $VERSION = eval $VERSION;  ## no critic [BuiltinFunctions::ProhibitStringyEval]
 
 require ExtUtils::MM_Any;
@@ -3564,7 +3564,7 @@ PERL_DL_NONLAZY set for tests.
 
 sub test_via_harness {
     my($self, $perl, $tests) = @_;
-    return $self->SUPER::test_via_harness("PERL_DL_NONLAZY=1 $perl", $tests);
+    return $self->SUPER::test_via_harness("PERL_DL_NONLAZY=1 PERL_USE_UNSAFE_INC=1 $perl", $tests);
 }
 
 =item test_via_script (override)
@@ -3575,7 +3575,7 @@ Again, the PERL_DL_NONLAZY thing.
 
 sub test_via_script {
     my($self, $perl, $script) = @_;
-    return $self->SUPER::test_via_script("PERL_DL_NONLAZY=1 $perl", $script);
+    return $self->SUPER::test_via_script("PERL_DL_NONLAZY=1 PERL_USE_UNSAFE_INC=1 $perl", $script);
 }
 
 
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
index f9fb8fe..686bebb 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
@@ -5,6 +5,11 @@ use strict;
 
 BEGIN {require 5.006;}
 
+# Assure anything called from Makefile.PL is allowed to have . in @INC.
+BEGIN {
+    $ENV{PERL_USE_UNSAFE_INC} = 1;
+}
+
 require Exporter;
 use ExtUtils::MakeMaker::Config;
 use ExtUtils::MakeMaker::version; # ensure we always have our fake version.pm
@@ -24,7 +29,7 @@ my %Recognized_Att_Keys;
 our %macro_fsentity; # whether a macro is a filesystem name
 our %macro_dep; # whether a macro is a dependency
 
-our $VERSION = '7.10_01';
+our $VERSION = '7.10_02';
 $VERSION = eval $VERSION;  ## no critic [BuiltinFunctions::ProhibitStringyEval]
 
 # Emulate something resembling CVS $Revision$
diff --git a/t/porting/customized.dat b/t/porting/customized.dat
index f871a32..d4ff48e 100644
--- a/t/porting/customized.dat
+++ b/t/porting/customized.dat
@@ -4,7 +4,7 @@ ExtUtils::Constant cpan/ExtUtils-Constant/t/Constant.t a0369c919e216fb02767a6376
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Command/MM.pm 8d772fbc6a57637ab24d12a02794073ee71b489c
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist.pm 9be9ac3fee6fd6df702469904e02c8b4c6f2502e
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm bb2443c2314c50f09f7eab4aacc03ade8b9907dd
-ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm 830acdc810e2974d7fd4ec408ea1bfa825c75b69
+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm 1d33d5891922dfd0b25b44712ea692b93598909b
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/Config.pm 5c41b40e33464c6635258061dff4ece018b46bd9
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/FAQ.pod 062e5d14a803fbbec8d61803086a3d7997e8a473
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/Tutorial.pod a8a9cab7d67922ed3d6883c864e1fe29aaa6ad89
@@ -23,7 +23,7 @@ ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_MacOS.pm 83601fa89eb
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_NW5.pm 8185a7db6c4d7e0fdc5001aeaa8c2b612a884a5e
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_OS2.pm 2fe66ca8a894d6a2ae340b8bf6f8d69c5e1f7fbe
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_QNX.pm e8a4dbba69a1d551bd581ea6a3f2415bacbc0ae5
-ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm d666ac424618c3e11b8549755c9646d942bd2d57
+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm 6944a58ce519707eb73a1ac3391ff1d8a329642d
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_UWIN.pm f6581a0e75e45bfc26f343f173d3366c43fb1221
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VMS.pm 1997912b5018970cdeb3dae8fd7e0c24f6e5d567
 ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VOS.pm 210a4eda8b081d9986477e3a9762fce6ebea8474
-- 
2.8.1

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @toddr

0003-Set-PERL_USE_UNSAFE_INC-for-cpan-usage.patch
From 918247a11f1a0989ef0f66a73c2992e1f4cbac4b Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:47 -0500
Subject: [PATCH 3/4] Set PERL_USE_UNSAFE_INC for cpan usage

This change allows the majority of Perl modules to build/test/install from the
cpan client without having to modify them.
---
 cpan/CPAN/scripts/cpan | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cpan/CPAN/scripts/cpan b/cpan/CPAN/scripts/cpan
index 5f4320e..d93b3bc 100644
--- a/cpan/CPAN/scripts/cpan
+++ b/cpan/CPAN/scripts/cpan
@@ -3,6 +3,11 @@
 use strict;
 use vars qw($VERSION);
 
+BEGIN {
+    # make sure we can install any modules from CPAN without patching them
+    $ENV{PERL_USE_UNSAFE_INC} = 1;
+}
+
 use App::Cpan '1.60_02';
 $VERSION = '1.61';
 
-- 
2.8.1

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @toddr

0004-Remove-.-from-default-INC.patch
From f712ba245f71688530553aa47471694565a3bb2f Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:53 -0500
Subject: [PATCH 4/4] Remove "." from default @INC

Perl now does not provide . in @INC by default. If you need this legacy feature,
you can re-build with -Dunsafe_inc

Because the testing / make process for perl modules do not function well
with . missing from @INC, Perl now supports the environment variable
PERL_USE_UNSAFE_INC=1 which makes Perl behave as it previously did,
returning . to @INC in all child processes.

Update unit tests and default value files to work with the new %Config
variable "unsafe_inc"

ExtUtils::MakeMaker was patched but has not yet been tested for windows.
---
 Configure                 | 28 ++++++++++++++++++++++++++++
 Cross/config.sh-arm-linux |  1 +
 NetWare/config.wc         |  1 +
 Porting/config.sh         |  1 +
 config_h.SH               |  6 ++++++
 configure.com             |  1 +
 perl.c                    |  9 +++++++--
 plan9/config_sh.sample    |  1 +
 regen/uconfig_h.pl        |  2 +-
 symbian/config.sh         |  1 +
 t/run/runenv.t            |  9 +++++++--
 uconfig.h                 | 10 ++++++++--
 uconfig.sh                |  1 +
 uconfig64.sh              |  1 +
 win32/config.ce           |  1 +
 win32/config.gc           |  1 +
 win32/config.vc           |  1 +
 17 files changed, 68 insertions(+), 7 deletions(-)

diff --git a/Configure b/Configure
index ff864b0..f93cf6b 100755
--- a/Configure
+++ b/Configure
@@ -1384,6 +1384,8 @@ vendorscriptexp=''
 versiononly=''
 yacc=''
 yaccflags=''
+unsafe_inc=''
+
 CONFIG=''
 
 : Detect odd OSs
@@ -5102,6 +5104,31 @@ rp='What is the file extension used for shared libraries?'
 . ./myread
 so="$ans"
 
+: Include . in @INC
+$cat << EOM
+
+Historically Perl has provided a final fallback of the current working
+directory '.' when searching for a library. This, however, can lead to
+problems when a Perl program which loads optional modules is called from
+a shared directory. This can lead to executing unexpected code.
+
+Perl now no longer starts with '.' in @INC unless the environment variable
+PERL_USE_UNSAFE_INC=1 is set.
+
+EOM
+
+case "$unsafe_inc" in
+    $define|true|[yY]*)     dflt="y";;
+    *)  dflt='n';;
+esac
+
+rp='Provide '.' in @INC by default? '
+. ./myread
+case "$ans" in
+    y*|define) unsafe_inc="$define" ;;
+    *)   unsafe_inc="$undef"  ;;
+esac
+
 : Does target system insist that shared library basenames are unique
 $cat << EOM
 
@@ -25325,6 +25352,7 @@ vi='$vi'
 xlibpth='$xlibpth'
 yacc='$yacc'
 yaccflags='$yaccflags'
+unsafe_inc='$unsafe_inc'
 zcat='$zcat'
 zip='$zip'
 EOT
diff --git a/Cross/config.sh-arm-linux b/Cross/config.sh-arm-linux
index 4857806..d52916b 100644
--- a/Cross/config.sh-arm-linux
+++ b/Cross/config.sh-arm-linux
@@ -1103,6 +1103,7 @@ uidsize='4'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned long long'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/NetWare/config.wc b/NetWare/config.wc
index a06d89c..f6af454 100644
--- a/NetWare/config.wc
+++ b/NetWare/config.wc
@@ -1066,6 +1066,7 @@ uidsize='4'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned __int64'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/Porting/config.sh b/Porting/config.sh
index aee9550..0ec31f3 100644
--- a/Porting/config.sh
+++ b/Porting/config.sh
@@ -1128,6 +1128,7 @@ uidsize='4'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned long long'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/config_h.SH b/config_h.SH
index 6bd7c30..a1c98a4 100755
--- a/config_h.SH
+++ b/config_h.SH
@@ -2990,6 +2990,12 @@ sed <<!GROK!THIS! >$CONFIG_H -e 's!^#undef\(.*/\)\*!/\*#define\1 \*!' -e 's!^#un
 #$i_stdarg I_STDARG		/**/
 #$i_varargs I_VARARGS	/**/
 
+/* PERL_UNSAFE_INC_BY_DEFAULT:
+ *     This symbol, when defined, causes @INC to include . as a final fallback.
+ */
+#$unsafe_inc PERL_UNSAFE_INC_BY_DEFAULT                /**/
+
+
 /* PERL_INC_VERSION_LIST:
  *	This variable specifies the list of subdirectories in over
  *	which perl.c:incpush() and lib/lib.pm will automatically
diff --git a/configure.com b/configure.com
index ffcbc22..3de173d 100644
--- a/configure.com
+++ b/configure.com
@@ -6777,6 +6777,7 @@ $ WC "u64size='" + u64size + "'"
 $ WC "u64type='" + u64type + "'"
 $ WC "u8size='" + u8size + "'"
 $ WC "u8type='" + u8type + "'"
+$ WC "unsafe_inc=''"
 $ WC "uidformat='lu'"
 $ WC "uidsign='1'"
 $ WC "uidsize='4'"
diff --git a/perl.c b/perl.c
index 228a0d8..8a32a47 100644
--- a/perl.c
+++ b/perl.c
@@ -4606,8 +4606,13 @@ S_init_perllib(pTHX)
 #endif
 #endif /* !PERL_IS_MINIPERL */
 
-    if (!TAINTING_get)
-	S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    if (!TAINTING_get) {
+#if !defined(PERL_IS_MINIPERL) && !defined(PERL_UNSAFE_INC_BY_DEFAULT)
+        const char * const unsafe = PerlEnv_getenv("PERL_USE_UNSAFE_INC");
+        if (unsafe && strEQ(unsafe, "1"))
+#endif
+          S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    }
 }
 
 #if defined(DOSISH) || defined(__SYMBIAN32__)
diff --git a/plan9/config_sh.sample b/plan9/config_sh.sample
index fef2205..2dc9e79 100644
--- a/plan9/config_sh.sample
+++ b/plan9/config_sh.sample
@@ -1074,6 +1074,7 @@ uidsize='2'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned long long'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/regen/uconfig_h.pl b/regen/uconfig_h.pl
index 99a74f1..1c3d1b2 100755
--- a/regen/uconfig_h.pl
+++ b/regen/uconfig_h.pl
@@ -10,7 +10,7 @@
 
 use strict;
 use Config;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my ($uconfig_h, $uconfig_h_new, $config_h_sh)
     = ('uconfig.h', 'uconfig.h-new', 'config_h.SH');
diff --git a/symbian/config.sh b/symbian/config.sh
index 48cb7a5..223162c 100644
--- a/symbian/config.sh
+++ b/symbian/config.sh
@@ -889,6 +889,7 @@ uidformat='"lu"'
 uidsign='1'
 uidsize='4'
 uidtype=int
+unsafe_inc=''
 uquadtype='uint64_t'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 8861a3d..c8f7975 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,8 +285,13 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
-#is ($default_inc[-1], '.', '. is last in @INC');
+# Based on the unsafe_inc Configuration variable, we either do or don't expect . to be in the default @INC.
+if ( $Config{unsafe_inc} && $Config{unsafe_inc} eq 'define' ) {
+    ok( ( grep { $_ eq '.' } @default_inc ), '. is in @INC' );
+}
+else {
+    ok( ( !grep { $_ eq '.' } @default_inc ), '. is not in @INC' );
+}
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/uconfig.h b/uconfig.h
index e14589e..b52c7ce 100644
--- a/uconfig.h
+++ b/uconfig.h
@@ -2955,6 +2955,12 @@
 #define I_STDARG		/**/
 /*#define I_VARARGS	/ **/
 
+/* PERL_UNSAFE_INC_BY_DEFAULT:
+ *     This symbol, when defined, causes @INC to include . as a final fallback.
+ */
+# PERL_UNSAFE_INC_BY_DEFAULT                /**/
+
+
 /* PERL_INC_VERSION_LIST:
  *	This variable specifies the list of subdirectories in over
  *	which perl.c:incpush() and lib/lib.pm will automatically
@@ -5248,6 +5254,6 @@
 #endif
 
 /* Generated from:
- * dc6a0dd949dd1c707248914e2fdada06beb0e6193be5e94cb1423c6f050e65c3 config_h.SH
- * fc611849cb5b1e14ec1687b255dac15414cc5e2e11b192d94e08136cfe277f75 uconfig.sh
+ * bf51571546f32a94d3b551ed5c839263a7d44664daa320efaf77cfde99da2c6a config_h.SH
+ * a45e3f02525748a692e593ed2ddff26f3d583c752839e98c6d273704c1881a19 uconfig.sh
  * ex: set ro: */
diff --git a/uconfig.sh b/uconfig.sh
index 93a2ee3..a80e55d 100644
--- a/uconfig.sh
+++ b/uconfig.sh
@@ -856,6 +856,7 @@ uidformat='"lu"'
 uidsign='1'
 uidsize='4'
 uidtype=int
+unsafe_inc=''
 uquadtype='uint64_t'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/uconfig64.sh b/uconfig64.sh
index 0b12147..4e43657 100644
--- a/uconfig64.sh
+++ b/uconfig64.sh
@@ -857,6 +857,7 @@ uidformat='"u"'
 uidsign='1'
 uidsize='4'
 uidtype=int
+unsafe_inc=''
 uquadtype='unsigned long'
 use5005threads='undef'
 use64bitall='define'
diff --git a/win32/config.ce b/win32/config.ce
index a5ee737..19dce09 100644
--- a/win32/config.ce
+++ b/win32/config.ce
@@ -1056,6 +1056,7 @@ uidsize='4'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned __int64'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/win32/config.gc b/win32/config.gc
index e9cf4ed..356a482 100644
--- a/win32/config.gc
+++ b/win32/config.gc
@@ -1097,6 +1097,7 @@ uidsize='4'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned long long'
 use5005threads='undef'
 use64bitall='undef'
diff --git a/win32/config.vc b/win32/config.vc
index 2fc37b0..d4f16a6 100644
--- a/win32/config.vc
+++ b/win32/config.vc
@@ -1096,6 +1096,7 @@ uidsize='4'
 uidtype='uid_t'
 uname='uname'
 uniq='uniq'
+unsafe_inc=''
 uquadtype='unsigned __int64'
 use5005threads='undef'
 use64bitall='undef'
-- 
2.8.1

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @Leont

On Tue, Apr 12, 2016 at 2​:15 AM, Todd Rinaldo via RT <
perlbug-followup@​perl.org> wrote​:

On Mon Apr 11 17​:11​:21 2016, tonyc wrote​:

On Mon, Apr 11, 2016 at 04​:54​:19PM -0700, Todd Rinaldo via RT wrote​:

There are 4 commits. Attaching them to the case appears to be a
little noisy, so for the time being, you can track them in the pull
request link I'm providing for reference.

Please attach them.

Tony

Attached.

. is normally at the end of @​INC, so wouldn't it be more appropriate to
push it instead of unshift it?

Leon

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2016

From @toddr

On Tue Apr 12 03​:12​:04 2016, LeonT wrote​:

On Tue, Apr 12, 2016 at 2​:15 AM, Todd Rinaldo via RT <
perlbug-followup@​perl.org> wrote​:

On Mon Apr 11 17​:11​:21 2016, tonyc wrote​:

On Mon, Apr 11, 2016 at 04​:54​:19PM -0700, Todd Rinaldo via RT wrote​:

There are 4 commits. Attaching them to the case appears to be a
little noisy, so for the time being, you can track them in the pull
request link I'm providing for reference.

Please attach them.

Tony

Attached.

. is normally at the end of @​INC, so wouldn't it be more appropriate to
push it instead of unshift it?

Leon

The attached patches make it so . is exactly where it has always been when PERL_USE_UNSAFE_INC=1 is set.

There have been more offline conversations. I'm going to try to pull them into this public location so all are aware.

Q​: We should hide the Configure option so people won't be able to compile perl with . in INC any more? (-Accflags=-DPERL_UNSAFE_INC)
A​: Sure you could and I don't feel strongly about it. But IMO, we let people do much sillier things than this in Configure. I prefer to make the rope readily available to anyone who wants to hang themselves. I vote for leaving the option to put . back in @​INC during Configure as long as it defaults to off.

Q​: Couldn't we just use PERL5LIB?
A​: If you do so then you'll be putting "." in the first not the last spot so you'll end up chasing bugs that happen because the wrong libraries are chosen in the tool chain. You also risk toolchain code manipulating PERL5LIB and breaking this workaround.

Q​: If people need to put . back in @​INC like it was, it should be a Perl command line option (--add-dot-to-inc-flag) or even -MDotInc
A​: If you take this approach, you lose the advantage of the environment variable bleeding through to child processes unless you use PERL5OPT. This happens quite a bit in the tool chain, so you'd have to end up fixing more stuff. Also I suspect that perl 5.8.8 will not take kindly to PERL5OPT="--add-dot-to-inc-flag".

Right now, I've identified the following as work that has to be done outside perl once this merges. The needed patches are already staged in the issues.

1. 3 tickets to update (Makefile|Build).PL module installers to address PERL_USE_UNSAFE_INC​:
https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3AMakefile.PL

2. 3 tickets to fix the CPAN installers (cpanm/cpan/cpanplus) to make use of PERL_USE_UNSAFE_INC (just for good measure)
https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3ACPAN-INSTALLERS

3. 3 tickets to address modules where PERL_USE_UNSAFE_INC doesn't blead through to all installer bits​:
https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3ACPAN

If we do not use PERL_USE_UNSAFE_INC=1, it is my belief that we will end up with WAY more than 9 fixes to CPAN to get this in place. PERL_USE_UNSAFE_INC is also 100% backward compatible.

Todd

@p5pRT
Copy link
Author

p5pRT commented Apr 13, 2016

From @Leont

On Tue, Apr 12, 2016 at 7​:24 PM, Todd Rinaldo via RT <
perlbug-followup@​perl.org> wrote​:

Q​: If people need to put . back in @​INC like it was, it should be a Perl
command line option (--add-dot-to-inc-flag) or even -MDotInc
A​: If you take this approach, you lose the advantage of the environment
variable bleeding through to child processes unless you use PERL5OPT.

I don't see this as an advantage; I see it as an action at a distance and I
generally don't like those. While they can be useful it should always be
the second option, just like how -I has PERL5LIB (though in this case I
don't really see the advantage of a separate variable for this).

This happens quite a bit in the tool chain, so you'd have to end up fixing

more stuff.

I'm not sure it really happens in so many places. It's mostly just running
the Makefile.PL/Build.PL, and running the tests. That's only two niches
that need to be adapted, essentially.

Not saying it's trivial, but I don't think an environmental variable makes
things less complicated than a command line argument.

Also I suspect that perl 5.8.8 will not take kindly to
PERL5OPT="--add-dot-to-inc-flag".

"Doctor, it hurts when I do this".

I can vaguely imagine workflows where this is an issue, but that's the same
sort of workflow where PERL5LIB falls on its face because perl-5.8.whatever
can't load perl-5.22's modules.

Right now, I've identified the following as work that has to be done
outside perl once this merges. The needed patches are already staged in the
issues.

1. 3 tickets to update (Makefile|Build).PL module installers to address
PERL_USE_UNSAFE_INC​:

https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3AMakefile.PL

The way these patches are currently written suggests to me they're intended
for dealing with tests that assume . is in @​INC. In MM these would be
copied to blib/lib anyway, for MB and MBT I suppose it would help if people
put some testing library in a weird place. Adding it in
Test​::Harness/TAP​::Harness would seem like a more obvious place to me
though.

2. 3 tickets to fix the CPAN installers (cpanm/cpan/cpanplus) to make use
of PERL_USE_UNSAFE_INC (just for good measure)

https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3ACPAN-INSTALLERS

Given that there are more than a thousand distributions (according to
grep.cpan.me) on CPAN that do «use inc​::<whatever>» I think it's fairly
unavoidable to handle this here somehow; Module​::Install is largely
responsible for this. This is singlehandedly the one place where this
change will hurt the most.

3. 3 tickets to address modules where PERL_USE_UNSAFE_INC doesn't blead
through to all installer bits​:
https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3ACPAN

I suspect in these cases it's easier to add a BEGIN { push @​INC, '.' } to
these script than to fiddle with the Makefile.PL.

Leon

@p5pRT
Copy link
Author

p5pRT commented Apr 14, 2016

From @ntyni

On Tue, Apr 12, 2016 at 10​:24​:04AM -0700, Todd Rinaldo via RT wrote​:

Q​: We should hide the Configure option so people won't be able to compile perl with . in INC any more? (-Accflags=-DPERL_UNSAFE_INC)
A​: Sure you could and I don't feel strongly about it. But IMO, we let people do much sillier things than this in Configure. I prefer to make the rope readily available to anyone who wants to hang themselves. I vote for leaving the option to put . back in @​INC during Configure as long as it defaults to off.

Thanks very much for driving this.

So far, this discussion seems to have been mostly about fixing toolchain
issues. While those are of course a precondition for this, I'd like to
discuss the problem of potentially breaking user programs.

For people building perl themselves, it seems fine to remove '.' from
@​INC by default and offer a Configure option (hidden or otherwise) to
those who need it. However, various distributions (GNU/Linux variants,
FreeBSD etc.) offer pre-built (binary) perl packages for a "system
perl". The Configure option isn't much use in such cases. So once the
distribution starts shipping perl with no '.' in @​INC, a system perl
upgrade can break user scripts. Users then need to take action, either
by setting PERL_USE_UNSAFE_INC=1 in the script environment, or otherwise
fixing the actual issue.

It seems to me that deprecation warnings could be useful here, so that
distributors could turn them on for one release to notify users that
things will need changing.

I'm thinking of something like

if @​INC is unmodified and
  $ENV{PERL_USE_UNSAFE_INC} is not set and
  require() loads something under "."
then warn "using unsafe @​INC is deprecated and will break in the future"

I suppose this would need a tri-state Configure option or two separate
ones, but I'm sure such details are solvable.

It may be that I'm just too cautious about local breakage.
Do people see something like this as feasible and/or desirable?
--
Niko Tyni ntyni@​debian.org

@p5pRT
Copy link
Author

p5pRT commented Apr 14, 2016

From @toddr

On Tue Apr 12 17​:14​:36 2016, LeonT wrote​:

On Tue, Apr 12, 2016 at 7​:24 PM, Todd Rinaldo via RT <
perlbug-followup@​perl.org> wrote​:

Q​: If people need to put . back in @​INC like it was, it should be a Perl
command line option (--add-dot-to-inc-flag) or even -MDotInc
A​: If you take this approach, you lose the advantage of the environment
variable bleeding through to child processes unless you use PERL5OPT.

I don't see this as an advantage; I see it as an action at a distance and I
generally don't like those. While they can be useful it should always be
the second option, just like how -I has PERL5LIB (though in this case I
don't really see the advantage of a separate variable for this).

PERL_USE_UNSAFE_INC is a shim to minimize the amount of CPAN installation processes that break immediately when we put the core perl patch in. It is the only approach I see that has little or no risk of side effects. I would envision following this up with a special smoker that would find and identify the CPAN modules that are leaning on . in @​INC and submit patches to fix the modules.

This happens quite a bit in the tool chain, so you'd have to end up fixing
more stuff.

Not sure which stuff you mean. The patches I linked to were the only ones I seemed to need with my approach.

I'm not sure it really happens in so many places. It's mostly just running
the Makefile.PL/Build.PL, and running the tests. That's only two niches
that need to be adapted, essentially.

It happens in more places than you seem to think from what I've seen.

Not saying it's trivial, but I don't think an environmental variable makes
things less complicated than a command line argument.

Ok. I'm not sure what your proposal here is. When I proposed this years ago. One of the major objections was how much of the toolchain and CPAN modules we'd have to fix to make this work. It sounds like you're saying you want to take the pure approach of making everything break and then fixing it. Who's going to do that work? From what I've seen, changes in perl that necessitate a small number of modules be fixed up end up being unachievable by the time we get to RC0. I suspect the pure approach would be an order of magnitude worse.

Also I suspect that perl 5.8.8 will not take kindly to
PERL5OPT="--add-dot-to-inc-flag".

"Doctor, it hurts when I do this".

I can vaguely imagine workflows where this is an issue, but that's the same
sort of workflow where PERL5LIB falls on its face because perl-5.8.whatever
can't load perl-5.22's modules.

At this point, the only proposal I've seen that I think has a chance to work without re-releasing 30% of CPAN immediately would be PERL_USE_UNSAFE_INC or something to inject . into PERL5LIB. I am very worried that PERL5LIB will have unexpected side effects since it puts . at the front of @​INC, not the end.

Right now, I've identified the following as work that has to be done
outside perl once this merges. The needed patches are already staged
in the issues.

1. 3 tickets to update (Makefile|Build).PL module installers to address
PERL_USE_UNSAFE_INC​:

https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3AMakefile.PL

The way these patches are currently written suggests to me they're intended
for dealing with tests that assume . is in @​INC. In MM these would be
copied to blib/lib anyway, for MB and MBT I suppose it would help if people
put some testing library in a weird place. Adding it in
Test​::Harness/TAP​::Harness would seem like a more obvious place to me
though.

They are not just for addressing unit tests. I initially tried patching *​::Harness to fix this. It was insufficient to solve the problem.

Makefiles do silly things like generating files with external perl processes, firing up servers for testing, calling a secondary Makfile.PL from a Makefile, etc. When I got to my 20th module that needed special patching beyond harness, I abandoned the approach. You can't just assume unit tests are all that need a @​INC fixup.

2. 3 tickets to fix the CPAN installers (cpanm/cpan/cpanplus) to make use
of PERL_USE_UNSAFE_INC (just for good measure)

https://github.com/toddr/perl/issues?q=is%3Aissue+is%3Aopen+label%3ACPAN-
INSTALLERS

Given that there are more than a thousand distributions (according to
grep.cpan.me) on CPAN that do «use inc​::<whatever>» I think it's fairly
unavoidable to handle this here somehow; Module​::Install is largely
responsible for this. This is singlehandedly the one place where this
change will hurt the most.

Yes. Though I really didn't need to mess with Module​::Install modules at all with my approach.

If we were to immediately deprecate PERL_USE_UNSAFE_INC, would this make you feel any more comfortable? We could then yank it out of perl 5.28. This would give people 2 years to fix their CPAN module, etc so it would be able to work without the env var. I think that would be achievable.

Todd

@p5pRT
Copy link
Author

p5pRT commented Apr 15, 2016

From @ap

* Todd Rinaldo via RT <perlbug-followup@​perl.org> [2016-04-15 00​:23]​:

This would give people 2 years to fix their CPAN module, etc so it
would be able to work without the env var. I think that would be
achievable.

Empirically speaking, getting every distro that uses Module​::Install
re-released in 2 years is a pipe dream.

@p5pRT
Copy link
Author

p5pRT commented May 10, 2016

From @toddr

On Fri Apr 15 06​:39​:41 2016, aristotle wrote​:

* Todd Rinaldo via RT <perlbug-followup@​perl.org> [2016-04-15 00​:23]​:

This would give people 2 years to fix their CPAN module, etc so it
would be able to work without the env var. I think that would be
achievable.

Empirically speaking, getting every distro that uses Module​::Install
re-released in 2 years is a pipe dream.

My brief analysis is that if the CPAN clients did a perl -I. Makefile.PL, this would solve Module​::Install. It is not the same behavior since you're pusing . on the front, but it would work. If we could move forward with this, I would probably have to produce a "wall of todos (shame?)" that identified which modules failed build/test/install due to lack of support for a perl without . in INC.

Todd

@p5pRT
Copy link
Author

p5pRT commented May 10, 2016

From @toddr

More offline conversations...

1. Like others, adding a new, highly-specific environment variable,
PERL_USE_UNSAFE_INC, makes me twitchy. How about instead​:
we add a new perl switch, -J, which is exactly the same as -I, except that
it *appends* to @​INC rather than prepending. This sounds reasonably
general-purpose and useful in its own right.

I'm twitchy about adding new args to Perl WAY more than I am to adding a new environment variable that gets otherwise silently ignored.

I'd rather we provide a module to do this if you really insist on it. (-Mdot)

The main issue is when setting this in places like MakeMaker and the cpan
executable, whether some parts of the build process invoked from there
would want to run a sub-process using a different perl (and version) than that
currently running? If so the child could croak with "Unrecognized switch​:
-J".

Agreed.

2) should perl also special-case Makefile.PL and Build.PL? That is to
say, if the name of the executable perl is about to execute looks like one
of those two, should it add back "."? Otherwise a lot of distributions
will fail to build if done manually (rather than via cpan), e.g.
$ perl Makefile.PL
since things like 'use inc​::Module​::Install' in the script will fail.

Yes this is another way it could go wrong.

3) should the MakeMaker and cpan hacks only set the PERL_USE_UNSAFE_INC /
PERL5OPT env var if $Config{inc_dot or whatever} has the right
value? Thus a perl built with the fully-fascist option wouldn't be adding
-J. to PERL5OPT or whatever.

If you take this approach then you end up with a development version of Perl and half of CPAN being broken. I thought we were trying to avoid this?

4) I'm a bit puzzled why PERL_USE_UNSAFE_INC is set in the cpan executable
rather than in CPAN.pm?

Laziness, Impatience, Hubris. Pick any 3.

I think my original reason was that I wanted to address people who run cpan and then invoke a shell by doing "look Moo". This is also one of the places where everyone's alternatives to PERL_USE_UNSAFE_INC has issues. You're now expecting people who do the install by hand to know why perl Makefile.PL is hurling all over their terminal.

My fix wasn't elegant but allowed me to get my perl distro out with minimal effort. I would prefer an alternative patch with the environment variable in the correct place if someone can provide it.

5) I'm also a bit puzzled why MakeMaker sets PERL_USE_UNSAFE_INC=1 in
MM_Unix.pm when it calls out to perl? Isn't this already
covered by the $ENV{PERL_USE_UNSAFE_INC} = 1 in MakeMaker.pm?

Extra paranoia. No side effects. Maximum visibility that it's being done in the build logs.

Others seem keen to hide the unsafe_inc Configure option "a
little deeper", e.g. make it done with -Accflags=-D... rather than as a
Configure option. I don't yet have a strong opinion either way, but I
would be interested to hear arguments for and against.

If you hide it deeper then it's harder to interrogate %Config about what the current Perl behavior is. Your check would end up having to look like this and I suspect it wouldn't be the only var you'd have to check to be sure. Who are you trying to hide this option from? My impression is that Perl doesn't advocate gun control. Only gun education.

  if ( $Config{cc_flags} && $Config{cc_flags} =~ m/-DPERL_UNSAFE_INC_BY_DEFAULT/ ) {

Should all scripts that come bundled with the perl core remove
"." (if possible)? I think probably yes.

I have taken a look at an even more draconian approach to this patch where we simply remove . from INC and provide no specific environment variable to re-enable it. The uber curmudgeons of the community seem to prefer this. We'd then simply rely on PERL5LIB / -I. / PERL5OPT to accomplish what we need. The alternate approaches will ALL have side effects we will have to address. The patch to Perl to address all the places it requires a relative include path during build are significant. Getting this right will take MUCH more time than the PERL_USE_UNSAFE_INC approach. If everyone is behind the draconian approach, I'm all for it, but it will break many CPAN installs the second perl is released to CPAN with this change.

I'm all for discussing the alternatives but I am having trouble getting a sense of where people stand on my currently submitted patch set. The problem we're trying to solve has been acknowledged for years as an issue, but overly complicated to fix. The solution I've provided is a manageable patch with minimal side effects. It comes at the cost of support for a new environment variable. I hate this too but I hate the status quo even more. The current solution is not ideal but if any of the existing solutions were workable, we would have tried them already, right?

If we take my patches as-is, possibly with some minor fixups, this would give us a way forward to piecemeal fix the rest of core perl incrementally so that it no longer has to depend on . in @​INC. Any alternative requires a significant amount of up front re-work of perl core to even be able to build without support for . in INC.

I don't necessarily want to see this merged tomorrow but I do think it should happen soon so we have a full year to address the CPAN fall out.

How can we move forward on this conversation?

@p5pRT
Copy link
Author

p5pRT commented May 10, 2016

From @cpansprout

On Tue Apr 12 10​:24​:04 2016, TODDR wrote​:

There have been more offline conversations. I'm going to try to pull
them into this public location so all are aware.

I have yet to see (maybe I missed it) what the reasoning was behind making it opt-out, rather than opt-in. That happened at some point during the ‘offline conversations’ you mentioned.

(FWIW, I depend heavily on having . in @​INC in many web applications.)

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Aug 11, 2016

From @xsawyerx

On 08/10/2016 07​:06 PM, Karl Williamson wrote​:

On 08/10/2016 10​:00 AM, Craig A. Berry wrote​:

On Wed, Aug 10, 2016 at 8​:31 AM, Father Chrysostomos via RT
<perlbug-followup@​perl.org> wrote​:

On Tue Aug 09 19​:13​:04 2016, kentfredric@​gmail.com wrote​:

On 10 August 2016 at 08​:58, Craig A. Berry
<craig.a.berry@​gmail.com> wrote​:

Short version​: -DNO_DOT_INC sounds (to me) like we guarantee no
dot in @​INC, but we actually only refrain from putting it there by
default.

Agree. -DNO_DEFAULT_INC_DOT sounds more explanatory to me.

That’s better.

I guess I'll make one more try for a verb and suggest
-Ddefault_inc_excludes_dot.

I like the above wording

+1

Accurate.

@p5pRT
Copy link
Author

p5pRT commented Aug 14, 2016

From @toddr

Attaching 3 updated patches.

Patch 1 should do all of the fixup required to get scripts and unit tests functioning without . in @​INC. It is entirely possible I've left something out which runs on another platform and wouldn't be visible to me.

Patch 2 Is the change. Perl will build with . in @​INC unless you answer interactively during Configure or build perl with -Ddefault_inc_excludes_dot.

For the most part, Configure and perl.c were the only thing changed but you have to modify quite a few files when you add a Configure variable.

I may be re-stating but I believe VMS may need a minor patch to command.com. If I recall correctly, I was told there are VMS specialists that usually help with the needful after the fact.

Patch 3 modifies digest entries directly for some of the files I modified. Given the nature of the files that were modified, I don't really see a reason for me to re-gen these files. When I played with doing so, I found far more changes than just the digest variable, which probably means my bison parser does not match the normal ones used to generated these files?

The above patches should make it possible but not default to build a perl without . in @​INC. Once these changes are applied, it is my understanding that people want a crack at fixing CPAN when Perl is built with -Ddefault_inc_excludes_dot. Please let me know if you need anything further.

Thanks,
Todd

@p5pRT
Copy link
Author

p5pRT commented Aug 14, 2016

From @toddr

0001-Patch-unit-tests-to-explicitly-insert-.-into-INC-whe.patch
From 806dc6c15c0c6f8fbd277e61ca34d43faf022af9 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:29 -0500
Subject: [PATCH 1/3] Patch unit tests to explicitly insert "." into @INC when
 needed.

require calls now require ./ to be prepended to the file since . is no
longer guaranteed to be in @INC.
---
 Makefile.SH                              | 2 +-
 Porting/checkcfgvar.pl                   | 2 +-
 Porting/makemeta                         | 2 +-
 Porting/new-perldelta.pl                 | 2 +-
 Porting/pod_rules.pl                     | 2 +-
 TestInit.pm                              | 2 +-
 autodoc.pl                               | 4 ++--
 cpan/Devel-PPPort/devel/mktodo           | 2 +-
 cpan/Devel-PPPort/devel/mktodo.pl        | 2 +-
 cpan/Devel-PPPort/devel/regenerate       | 2 +-
 cpan/Devel-PPPort/devel/scanprov         | 2 +-
 cpan/Devel-PPPort/parts/apicheck.pl      | 2 +-
 cpan/Math-BigInt/t/bare_mbf.t            | 2 +-
 cpan/Math-BigInt/t/bare_mbi.t            | 2 +-
 cpan/Math-BigInt/t/bare_mif.t            | 2 +-
 cpan/Math-BigInt/t/bigfltpm.t            | 2 +-
 cpan/Math-BigInt/t/bigintpm.t            | 2 +-
 cpan/Math-BigInt/t/mbf_ali.t             | 2 +-
 cpan/Math-BigInt/t/mbi_ali.t             | 2 +-
 cpan/Math-BigInt/t/mbimbf.t              | 2 +-
 cpan/Math-BigInt/t/sub_ali.t             | 2 +-
 cpan/Math-BigInt/t/sub_mbf.t             | 2 +-
 cpan/Math-BigInt/t/sub_mbi.t             | 2 +-
 cpan/Math-BigInt/t/sub_mif.t             | 2 +-
 cpan/Math-BigInt/t/upgrade.t             | 2 +-
 cpan/Math-BigInt/t/upgradef.t            | 2 +-
 cpan/Math-BigInt/t/with_sub.t            | 2 +-
 cpan/Math-BigRat/t/bigfltrt.t            | 2 +-
 cpan/Math-BigRat/t/bigratpm.t            | 2 +-
 cpan/perlfaq/lib/perlfaq5.pod            | 4 ++--
 cpan/perlfaq/lib/perlfaq8.pod            | 2 +-
 dist/Thread-Queue/t/01_basic.t           | 2 +-
 dist/Thread-Queue/t/02_refs.t            | 2 +-
 dist/Thread-Queue/t/03_peek.t            | 2 +-
 dist/Thread-Queue/t/05_extract.t         | 2 +-
 dist/Thread-Queue/t/06_insert.t          | 2 +-
 dist/Thread-Queue/t/07_lock.t            | 2 +-
 dist/Thread-Queue/t/10_timed.t           | 2 +-
 dist/Thread-Semaphore/t/01_basic.t       | 2 +-
 dist/Thread-Semaphore/t/04_nonblocking.t | 2 +-
 dist/Thread-Semaphore/t/05_force.t       | 2 +-
 ext/DynaLoader/t/DynaLoader.t            | 2 +-
 h2pl/cbreak.pl                           | 2 +-
 h2pl/cbreak2.pl                          | 2 +-
 lib/h2ph.t                               | 1 -
 lib/strict.t                             | 2 +-
 lib/warnings.t                           | 2 +-
 makedef.pl                               | 2 +-
 pod/buildtoc                             | 2 +-
 pod/perlmodlib.PL                        | 2 +-
 regen.pl                                 | 2 +-
 regen/ebcdic.pl                          | 7 +++++--
 regen/embed.pl                           | 4 ++--
 regen/feature.pl                         | 2 +-
 regen/genpacksizetables.pl               | 2 +-
 regen/keywords.pl                        | 2 +-
 regen/lib_cleanup.pl                     | 4 ++--
 regen/mg_vtable.pl                       | 2 +-
 regen/miniperlmain.pl                    | 2 +-
 regen/mk_PL_charclass.pl                 | 4 ++--
 regen/mk_invlists.pl                     | 4 ++--
 regen/opcode.pl                          | 4 ++--
 regen/overload.pl                        | 2 +-
 regen/reentr.pl                          | 2 +-
 regen/regcharclass.pl                    | 4 ++--
 regen/regcomp.pl                         | 2 +-
 regen/uconfig_h.pl                       | 2 +-
 regen/unicode_constants.pl               | 4 ++--
 regen/warnings.pl                        | 2 +-
 regen_perly.pl                           | 2 +-
 t/comp/line_debug.t                      | 2 ++
 t/lib/warnings/op                        | 1 +
 t/op/goto.t                              | 2 +-
 t/porting/authors.t                      | 2 +-
 t/porting/bench.t                        | 2 +-
 t/porting/cmp_version.t                  | 2 +-
 t/porting/corelist.t                     | 2 +-
 t/porting/diag.t                         | 4 ++--
 t/porting/globvar.t                      | 2 +-
 t/porting/manifest.t                     | 2 +-
 t/porting/pending-author.t               | 2 +-
 t/porting/pod_rules.t                    | 2 +-
 t/porting/readme.t                       | 2 +-
 t/porting/regen.t                        | 6 +++---
 t/porting/utils.t                        | 2 +-
 t/re/pat.t                               | 6 +++---
 t/run/runenv.t                           | 3 ++-
 t/run/switches.t                         | 6 +++---
 t/test.pl                                | 3 ++-
 utils/Makefile.PL                        | 2 +-
 utils/c2ph.PL                            | 4 ++--
 utils/perlivp.PL                         | 2 +-
 92 files changed, 115 insertions(+), 108 deletions(-)

diff --git a/Makefile.SH b/Makefile.SH
index 561d5e1..c61046a 100755
--- a/Makefile.SH
+++ b/Makefile.SH
@@ -345,7 +345,7 @@ RUN_PERL = \$(LDLIBPTH) \$(RUN) $perl\$(EXE_EXT)
 	$spitshell >>$Makefile <<!GROK!THIS!
 # Macros to invoke a copy of our fully operational perl during the build.
 PERL_EXE = perl\$(EXE_EXT)
-RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib
+RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib -I.
 !GROK!THIS!
 	;;
 esac
diff --git a/Porting/checkcfgvar.pl b/Porting/checkcfgvar.pl
index 4dc93df..601be18 100755
--- a/Porting/checkcfgvar.pl
+++ b/Porting/checkcfgvar.pl
@@ -36,7 +36,7 @@ GetOptions (
 
 $default and $default =~ s/^'(.*)'$/$1/; # Will be quoted on generation
 
-require 'regen/regen_lib.pl' if $opt_r;
+require './regen/regen_lib.pl' if $opt_r;
 
 my $MASTER_CFG = "config_h.SH";
 # Inclusive bounds on the main part of the file, $section == 1 below:
diff --git a/Porting/makemeta b/Porting/makemeta
index cb6944e..249f2d4 100644
--- a/Porting/makemeta
+++ b/Porting/makemeta
@@ -61,7 +61,7 @@ use CPAN::Meta;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 use Maintainers qw(%Modules get_module_files get_module_pat);
diff --git a/Porting/new-perldelta.pl b/Porting/new-perldelta.pl
index 09b7783..47376cb 100644
--- a/Porting/new-perldelta.pl
+++ b/Porting/new-perldelta.pl
@@ -4,7 +4,7 @@ use strict;
 # This needs to be able to run from a clean checkout, hence assume only system
 # perl, which may be too old to have autodie
 
-require 'Porting/pod_lib.pl';
+require './Porting/pod_lib.pl';
 
 my $state = get_pod_metadata(1);
 my (undef, $old_major, $old_minor) = @{$state->{delta_version}};
diff --git a/Porting/pod_rules.pl b/Porting/pod_rules.pl
index af5550e..582d658 100644
--- a/Porting/pod_rules.pl
+++ b/Porting/pod_rules.pl
@@ -32,7 +32,7 @@ if (ord("A") == 193) {
             # plan9 =>  'plan9/mkfile',
            );
 
-require 'Porting/pod_lib.pl';
+require './Porting/pod_lib.pl';
 sub my_die;
 
 # process command-line switches
diff --git a/TestInit.pm b/TestInit.pm
index f4ed6fd..f9a5e91 100644
--- a/TestInit.pm
+++ b/TestInit.pm
@@ -47,7 +47,7 @@ sub import {
 	} elsif ($_ eq 'T') {
 	    $chdir = '..'
 		unless -f 't/TEST' && -f 'MANIFEST' && -d 'lib' && -d 'ext';
-	    @INC = 'lib';
+	    @INC = qw/ lib . /;
 	    $setopt = 1;
 	} else {
 	    die "Unknown option '$_'";
diff --git a/autodoc.pl b/autodoc.pl
index 161310d..220ac28 100644
--- a/autodoc.pl
+++ b/autodoc.pl
@@ -29,8 +29,8 @@ if (@ARGV) {
     chdir $workdir
         or die "Couldn't chdir to '$workdir': $!";
 }
-require 'regen/regen_lib.pl';
-require 'regen/embed_lib.pl';
+require './regen/regen_lib.pl';
+require './regen/embed_lib.pl';
 
 #
 # See database of global and static function prototypes in embed.fnc
diff --git a/cpan/Devel-PPPort/devel/mktodo b/cpan/Devel-PPPort/devel/mktodo
index c5c2a9b..2eb9ea3 100644
--- a/cpan/Devel-PPPort/devel/mktodo
+++ b/cpan/Devel-PPPort/devel/mktodo
@@ -17,7 +17,7 @@
 use strict;
 use Getopt::Long;
 
-require 'devel/devtools.pl';
+require './devel/devtools.pl';
 
 our %opt = (
   base    => 0,
diff --git a/cpan/Devel-PPPort/devel/mktodo.pl b/cpan/Devel-PPPort/devel/mktodo.pl
index 9345a23..c479eab 100644
--- a/cpan/Devel-PPPort/devel/mktodo.pl
+++ b/cpan/Devel-PPPort/devel/mktodo.pl
@@ -22,7 +22,7 @@ use IO::Select;
 use Config;
 use Time::HiRes qw( gettimeofday tv_interval );
 
-require 'devel/devtools.pl';
+require './devel/devtools.pl';
 
 our %opt = (
   debug   => 0,
diff --git a/cpan/Devel-PPPort/devel/regenerate b/cpan/Devel-PPPort/devel/regenerate
index dad5338..bc1742d 100644
--- a/cpan/Devel-PPPort/devel/regenerate
+++ b/cpan/Devel-PPPort/devel/regenerate
@@ -20,7 +20,7 @@ use File::Copy;
 use Getopt::Long;
 use Pod::Usage;
 
-require 'devel/devtools.pl';
+require './devel/devtools.pl';
 
 our %opt = (
   check   => 1,
diff --git a/cpan/Devel-PPPort/devel/scanprov b/cpan/Devel-PPPort/devel/scanprov
index 86910e4..804524c 100644
--- a/cpan/Devel-PPPort/devel/scanprov
+++ b/cpan/Devel-PPPort/devel/scanprov
@@ -17,7 +17,7 @@
 use strict;
 use Getopt::Long;
 
-require 'parts/ppptools.pl';
+require './parts/ppptools.pl';
 
 our %opt = (
   mode    => 'check',
diff --git a/cpan/Devel-PPPort/parts/apicheck.pl b/cpan/Devel-PPPort/parts/apicheck.pl
index ac119a6..69d8502 100644
--- a/cpan/Devel-PPPort/parts/apicheck.pl
+++ b/cpan/Devel-PPPort/parts/apicheck.pl
@@ -15,7 +15,7 @@
 ################################################################################
 
 use strict;
-require 'parts/ppptools.pl';
+require './parts/ppptools.pl';
 
 if (@ARGV) {
   my $file = pop @ARGV;
diff --git a/cpan/Math-BigInt/t/bare_mbf.t b/cpan/Math-BigInt/t/bare_mbf.t
index 6b9af66..2167dca 100644
--- a/cpan/Math-BigInt/t/bare_mbf.t
+++ b/cpan/Math-BigInt/t/bare_mbf.t
@@ -13,4 +13,4 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigFloat";
 $CALC  = "Math::BigInt::BareCalc";      # backend
 
-require 't/bigfltpm.inc';	        # all tests here for sharing
+require './t/bigfltpm.inc';	        # all tests here for sharing
diff --git a/cpan/Math-BigInt/t/bare_mbi.t b/cpan/Math-BigInt/t/bare_mbi.t
index 93dbc7a..f2b768d 100644
--- a/cpan/Math-BigInt/t/bare_mbi.t
+++ b/cpan/Math-BigInt/t/bare_mbi.t
@@ -15,4 +15,4 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigInt";
 $CALC  = "Math::BigInt::BareCalc";      # backend
 
-require 't/bigintpm.inc';               # perform same tests as bigintpm.t
+require './t/bigintpm.inc';               # perform same tests as bigintpm.t
diff --git a/cpan/Math-BigInt/t/bare_mif.t b/cpan/Math-BigInt/t/bare_mif.t
index d63e3da..e7b9774 100644
--- a/cpan/Math-BigInt/t/bare_mif.t
+++ b/cpan/Math-BigInt/t/bare_mif.t
@@ -21,4 +21,4 @@ $mbf = 'Math::BigFloat';
 is(Math::BigInt->config()->{lib}, 'Math::BigInt::BareCalc',
    'Math::BigInt->config()->{lib}');
 
-require 't/mbimbf.inc';
+require './t/mbimbf.inc';
diff --git a/cpan/Math-BigInt/t/bigfltpm.t b/cpan/Math-BigInt/t/bigfltpm.t
index 629cb56..a256b9f 100644
--- a/cpan/Math-BigInt/t/bigfltpm.t
+++ b/cpan/Math-BigInt/t/bigfltpm.t
@@ -33,4 +33,4 @@ SKIP: {
     is(ref($e->{_e}->[0]), '', '$e->{_e}->[0] is a scalar');
 }
 
-require 't/bigfltpm.inc';	# all tests here for sharing
+require './t/bigfltpm.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigInt/t/bigintpm.t b/cpan/Math-BigInt/t/bigintpm.t
index e87e05a..cd552ca 100644
--- a/cpan/Math-BigInt/t/bigintpm.t
+++ b/cpan/Math-BigInt/t/bigintpm.t
@@ -44,4 +44,4 @@ is($x, "9903520314281112085086151826",
 #############################################################################
 # all the other tests
 
-require 't/bigintpm.inc';       # all tests here for sharing
+require './t/bigintpm.inc';       # all tests here for sharing
diff --git a/cpan/Math-BigInt/t/mbf_ali.t b/cpan/Math-BigInt/t/mbf_ali.t
index b44b64c..3999aa7 100644
--- a/cpan/Math-BigInt/t/mbf_ali.t
+++ b/cpan/Math-BigInt/t/mbf_ali.t
@@ -12,4 +12,4 @@ use Math::BigFloat;
 our $CLASS;
 $CLASS = 'Math::BigFloat';
 
-require 't/alias.inc';
+require './t/alias.inc';
diff --git a/cpan/Math-BigInt/t/mbi_ali.t b/cpan/Math-BigInt/t/mbi_ali.t
index e65aa3c..45ed6c4 100644
--- a/cpan/Math-BigInt/t/mbi_ali.t
+++ b/cpan/Math-BigInt/t/mbi_ali.t
@@ -12,4 +12,4 @@ use Math::BigInt;
 our $CLASS;
 $CLASS = 'Math::BigInt';
 
-require 't/alias.inc';
+require './t/alias.inc';
diff --git a/cpan/Math-BigInt/t/mbimbf.t b/cpan/Math-BigInt/t/mbimbf.t
index dd65da4..107da31 100644
--- a/cpan/Math-BigInt/t/mbimbf.t
+++ b/cpan/Math-BigInt/t/mbimbf.t
@@ -15,7 +15,7 @@ use Math::BigFloat;
 our $mbi = 'Math::BigInt';
 our $mbf = 'Math::BigFloat';
 
-require 't/mbimbf.inc';
+require './t/mbimbf.inc';
 
 # some tests that won't work with subclasses, since the things are only
 # guaranteed in the Math::Big(Int|Float) (unless subclass chooses to support
diff --git a/cpan/Math-BigInt/t/sub_ali.t b/cpan/Math-BigInt/t/sub_ali.t
index 6023be3..2f145b4 100644
--- a/cpan/Math-BigInt/t/sub_ali.t
+++ b/cpan/Math-BigInt/t/sub_ali.t
@@ -14,4 +14,4 @@ use Math::BigInt::Subclass;
 our $CLASS;
 $CLASS = 'Math::BigInt::Subclass';
 
-require 't/alias.inc';
+require './t/alias.inc';
diff --git a/cpan/Math-BigInt/t/sub_mbf.t b/cpan/Math-BigInt/t/sub_mbf.t
index 69311d4..e438581 100644
--- a/cpan/Math-BigInt/t/sub_mbf.t
+++ b/cpan/Math-BigInt/t/sub_mbf.t
@@ -14,7 +14,7 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigFloat::Subclass";
 $CALC  = Math::BigFloat->config()->{lib};       # backend
 
-require 't/bigfltpm.inc';	# perform same tests as bigfltpm
+require './t/bigfltpm.inc';	# perform same tests as bigfltpm
 
 ###############################################################################
 # Now do custom tests for Subclass itself
diff --git a/cpan/Math-BigInt/t/sub_mbi.t b/cpan/Math-BigInt/t/sub_mbi.t
index e991ad9..500f2a4 100644
--- a/cpan/Math-BigInt/t/sub_mbi.t
+++ b/cpan/Math-BigInt/t/sub_mbi.t
@@ -14,7 +14,7 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigInt::Subclass";
 $CALC  = "Math::BigInt::Calc";          # backend
 
-require 't/bigintpm.inc';	        # perform same tests as bigintpm
+require './t/bigintpm.inc';	        # perform same tests as bigintpm
 
 ###############################################################################
 # Now do custom tests for Subclass itself
diff --git a/cpan/Math-BigInt/t/sub_mif.t b/cpan/Math-BigInt/t/sub_mif.t
index 96bf82f..250db3f 100644
--- a/cpan/Math-BigInt/t/sub_mif.t
+++ b/cpan/Math-BigInt/t/sub_mif.t
@@ -17,4 +17,4 @@ our ($mbi, $mbf);
 $mbi = 'Math::BigInt::Subclass';
 $mbf = 'Math::BigFloat::Subclass';
 
-require 't/mbimbf.inc';
+require './t/mbimbf.inc';
diff --git a/cpan/Math-BigInt/t/upgrade.t b/cpan/Math-BigInt/t/upgrade.t
index 2307a48..7ed4378 100644
--- a/cpan/Math-BigInt/t/upgrade.t
+++ b/cpan/Math-BigInt/t/upgrade.t
@@ -19,4 +19,4 @@ is(Math::BigInt->upgrade(), "Math::BigFloat",
 is(Math::BigInt->downgrade() || "", "",
    qq/Math::BigInt->downgrade() || ""/);
 
-require 't/upgrade.inc';	# all tests here for sharing
+require './t/upgrade.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigInt/t/upgradef.t b/cpan/Math-BigInt/t/upgradef.t
index d208890..dbe373f 100644
--- a/cpan/Math-BigInt/t/upgradef.t
+++ b/cpan/Math-BigInt/t/upgradef.t
@@ -67,4 +67,4 @@ is($z, 321,
    . q| $z = $x->badd($y); $z|);
 
 # not yet:
-#require 't/upgrade.inc';	# all tests here for sharing
+#require './t/upgrade.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigInt/t/with_sub.t b/cpan/Math-BigInt/t/with_sub.t
index 2c54107..299eea5 100644
--- a/cpan/Math-BigInt/t/with_sub.t
+++ b/cpan/Math-BigInt/t/with_sub.t
@@ -19,4 +19,4 @@ $CALC  = "Math::BigInt::Calc";          # backend
 is(Math::BigFloat->config()->{with}, 'Math::BigInt::Calc',
    'Math::BigFloat->config()->{with}');
 
-require 't/bigfltpm.inc';	# all tests here for sharing
+require './t/bigfltpm.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigRat/t/bigfltrt.t b/cpan/Math-BigRat/t/bigfltrt.t
index 4f36bde..97f8032 100644
--- a/cpan/Math-BigRat/t/bigfltrt.t
+++ b/cpan/Math-BigRat/t/bigfltrt.t
@@ -16,4 +16,4 @@ $CALC  = "Math::BigInt::Calc";
 pass();
 
 # fails still too many tests
-#require 't/bigfltpm.inc';		# all tests here for sharing
+#require './t/bigfltpm.inc';		# all tests here for sharing
diff --git a/cpan/Math-BigRat/t/bigratpm.t b/cpan/Math-BigRat/t/bigratpm.t
index a5bb947..675d1e9 100644
--- a/cpan/Math-BigRat/t/bigratpm.t
+++ b/cpan/Math-BigRat/t/bigratpm.t
@@ -11,4 +11,4 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigRat";
 $CALC  = "Math::BigInt::Calc";  # backend
 
-require 't/bigratpm.inc';	# all tests here for sharing
+require './t/bigratpm.inc';	# all tests here for sharing
diff --git a/cpan/perlfaq/lib/perlfaq5.pod b/cpan/perlfaq/lib/perlfaq5.pod
index 22e88b8..239f92a 100644
--- a/cpan/perlfaq/lib/perlfaq5.pod
+++ b/cpan/perlfaq/lib/perlfaq5.pod
@@ -1278,7 +1278,7 @@ comes with Perl tries to convert C include files to Perl code, which
 can be C<require>d. FIONREAD ends up defined as a function in the
 I<sys/ioctl.ph> file:
 
-    require 'sys/ioctl.ph';
+    require './sys/ioctl.ph';
 
     $size = pack("L", 0);
     ioctl(FH, FIONREAD(), $size)    or die "Couldn't call ioctl: $!\n";
@@ -1378,7 +1378,7 @@ used for things that Perl opened itself, even if it was a dup of a
 numeric descriptor as with C<MHCONTEXT> above. But if you really have
 to, you may be able to do this:
 
-    require 'sys/syscall.ph';
+    require './sys/syscall.ph';
     my $rc = syscall(SYS_close(), $fd + 0);  # must force numeric
     die "can't sysclose $fd: $!" unless $rc == -1;
 
diff --git a/cpan/perlfaq/lib/perlfaq8.pod b/cpan/perlfaq/lib/perlfaq8.pod
index 3431417..42b27ab 100644
--- a/cpan/perlfaq/lib/perlfaq8.pod
+++ b/cpan/perlfaq/lib/perlfaq8.pod
@@ -239,7 +239,7 @@ and in pixels:
 This is more portable than the raw C<ioctl>, but not as
 illustrative:
 
-    require 'sys/ioctl.ph';
+    require './sys/ioctl.ph';
     die "no TIOCGWINSZ " unless defined &TIOCGWINSZ;
     open(my $tty_fh, "+</dev/tty")                     or die "No tty: $!";
     unless (ioctl($tty_fh, &TIOCGWINSZ, $winsize='')) {
diff --git a/dist/Thread-Queue/t/01_basic.t b/dist/Thread-Queue/t/01_basic.t
index 2983f0b..4ec5195 100644
--- a/dist/Thread-Queue/t/01_basic.t
+++ b/dist/Thread-Queue/t/01_basic.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/02_refs.t b/dist/Thread-Queue/t/02_refs.t
index 0cebdc1..fdf8f6b 100644
--- a/dist/Thread-Queue/t/02_refs.t
+++ b/dist/Thread-Queue/t/02_refs.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/03_peek.t b/dist/Thread-Queue/t/03_peek.t
index d543b59..29ef75e 100644
--- a/dist/Thread-Queue/t/03_peek.t
+++ b/dist/Thread-Queue/t/03_peek.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/05_extract.t b/dist/Thread-Queue/t/05_extract.t
index de0e78b..d8cb417 100644
--- a/dist/Thread-Queue/t/05_extract.t
+++ b/dist/Thread-Queue/t/05_extract.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/06_insert.t b/dist/Thread-Queue/t/06_insert.t
index 4f9d1df..93617e1 100644
--- a/dist/Thread-Queue/t/06_insert.t
+++ b/dist/Thread-Queue/t/06_insert.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/07_lock.t b/dist/Thread-Queue/t/07_lock.t
index b20e060..6337221 100644
--- a/dist/Thread-Queue/t/07_lock.t
+++ b/dist/Thread-Queue/t/07_lock.t
@@ -14,7 +14,7 @@ use Thread::Queue;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/10_timed.t b/dist/Thread-Queue/t/10_timed.t
index 8404720..da8b03a 100644
--- a/dist/Thread-Queue/t/10_timed.t
+++ b/dist/Thread-Queue/t/10_timed.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Semaphore/t/01_basic.t b/dist/Thread-Semaphore/t/01_basic.t
index b10f725..be3a223 100644
--- a/dist/Thread-Semaphore/t/01_basic.t
+++ b/dist/Thread-Semaphore/t/01_basic.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Semaphore/t/04_nonblocking.t b/dist/Thread-Semaphore/t/04_nonblocking.t
index d1538e8..bef964e 100644
--- a/dist/Thread-Semaphore/t/04_nonblocking.t
+++ b/dist/Thread-Semaphore/t/04_nonblocking.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Semaphore/t/05_force.t b/dist/Thread-Semaphore/t/05_force.t
index 8803cfa..667efba 100644
--- a/dist/Thread-Semaphore/t/05_force.t
+++ b/dist/Thread-Semaphore/t/05_force.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/ext/DynaLoader/t/DynaLoader.t b/ext/DynaLoader/t/DynaLoader.t
index 77fb65d..7fe30b3 100644
--- a/ext/DynaLoader/t/DynaLoader.t
+++ b/ext/DynaLoader/t/DynaLoader.t
@@ -4,7 +4,7 @@ use strict;
 use Config;
 push @INC, '.';
 if (-f 't/test.pl') {
-  require 't/test.pl';
+  require './t/test.pl';
 } else {
   require '../../t/test.pl';
 }
diff --git a/h2pl/cbreak.pl b/h2pl/cbreak.pl
index 422185e..ad4c187 100644
--- a/h2pl/cbreak.pl
+++ b/h2pl/cbreak.pl
@@ -12,7 +12,7 @@ sub set_cbreak {
     local($on) = @_;
 
     require 'sizeof.ph';
-    require 'sys/ioctl.ph';
+    require './sys/ioctl.ph';
 
     ioctl(STDIN,&TIOCGETP,$sgttyb)
         || die "Can't ioctl TIOCGETP: $!";
diff --git a/h2pl/cbreak2.pl b/h2pl/cbreak2.pl
index 8ac55a3..db71d26 100644
--- a/h2pl/cbreak2.pl
+++ b/h2pl/cbreak2.pl
@@ -11,7 +11,7 @@ sub cooked {
 sub set_cbreak {
     local($on) = @_;
 
-    require 'sys/ioctl.pl';
+    require './sys/ioctl.pl';
 
     ioctl(STDIN,$TIOCGETP,$sgttyb)
         || die "Can't ioctl TIOCGETP: $!";
diff --git a/lib/h2ph.t b/lib/h2ph.t
index 64d9dc0..bdcc389 100644
--- a/lib/h2ph.t
+++ b/lib/h2ph.t
@@ -1,5 +1,4 @@
 #!./perl
-use strict;
 
 # quickie tests to see if h2ph actually runs and does more or less what is
 # expected
diff --git a/lib/strict.t b/lib/strict.t
index d6c6ed0..bfee762 100644
--- a/lib/strict.t
+++ b/lib/strict.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $local_tests = 6;
 require "../t/lib/common.pl";
diff --git a/lib/warnings.t b/lib/warnings.t
index ee696fe..7c24f3a 100644
--- a/lib/warnings.t
+++ b/lib/warnings.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $UTF8 = (${^OPEN} || "") =~ /:utf8/;
 require "../t/lib/common.pl";
diff --git a/makedef.pl b/makedef.pl
index 80723ca..767e428 100644
--- a/makedef.pl
+++ b/makedef.pl
@@ -70,7 +70,7 @@ BEGIN {
 }
 use constant PLATFORM => $ARGS{PLATFORM};
 
-require "$ARGS{TARG_DIR}regen/embed_lib.pl";
+require "./$ARGS{TARG_DIR}regen/embed_lib.pl";
 
 # Is the following guard strictly necessary? Added during refactoring
 # to keep the same behaviour when merging other code into here.
diff --git a/pod/buildtoc b/pod/buildtoc
index acb8cf6..75bdcf2 100644
--- a/pod/buildtoc
+++ b/pod/buildtoc
@@ -14,7 +14,7 @@ no locale;
 BEGIN {
   my $Top = File::Spec->catdir($FindBin::Bin, File::Spec->updir);
   chdir $Top or die "Can't chdir to $Top: $!";
-  require 'Porting/pod_lib.pl';
+  require './Porting/pod_lib.pl';
 }
 
 die "$0: Usage: $0 [--quiet]\n"
diff --git a/pod/perlmodlib.PL b/pod/perlmodlib.PL
index 484d906..6ebe844 100644
--- a/pod/perlmodlib.PL
+++ b/pod/perlmodlib.PL
@@ -13,7 +13,7 @@ if (@ARGV) {
     chdir $workdir
         or die "Couldn't chdir to '$workdir': $!";
 }
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 # MANIFEST itself is Unix style filenames, so we have to assume that Unix style
 # filenames will work.
diff --git a/regen.pl b/regen.pl
index 8788668..71a6eda 100644
--- a/regen.pl
+++ b/regen.pl
@@ -15,7 +15,7 @@ use strict;
 
 my $tap = $ARGV[0] && $ARGV[0] eq '--tap' ? '# ' : '';
 foreach my $pl (map {chomp; "regen/$_"} <DATA>) {
-  my @command =  ($^X, $pl, @ARGV);
+  my @command =  ($^X, '-I.', $pl, @ARGV);
   print "$tap@command\n";
   system @command
     and die "@command failed: $?" 
diff --git a/regen/ebcdic.pl b/regen/ebcdic.pl
index fa8a051..a3e049d 100644
--- a/regen/ebcdic.pl
+++ b/regen/ebcdic.pl
@@ -1,8 +1,11 @@
 use v5.16.0;
 use strict;
 use warnings;
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+
+BEGIN { unshift @INC, '.' }
+
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 
 # Generates the EBCDIC translation tables that were formerly hard-coded into
 # utfebcdic.h
diff --git a/regen/embed.pl b/regen/embed.pl
index 6007d92..3234cc0 100755
--- a/regen/embed.pl
+++ b/regen/embed.pl
@@ -26,8 +26,8 @@ use strict;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
-    require 'regen/embed_lib.pl';
+    require './regen/regen_lib.pl';
+    require './regen/embed_lib.pl';
 }
 
 my $SPLINT = 0; # Turn true for experimental splint support http://www.splint.org
diff --git a/regen/feature.pl b/regen/feature.pl
index 97d0359..f8cf4a8 100755
--- a/regen/feature.pl
+++ b/regen/feature.pl
@@ -11,7 +11,7 @@
 # This script is normally invoked from regen.pl.
 
 BEGIN {
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
     push @INC, './lib';
 }
 use strict ;
diff --git a/regen/genpacksizetables.pl b/regen/genpacksizetables.pl
index 7a03dcd..d886822 100644
--- a/regen/genpacksizetables.pl
+++ b/regen/genpacksizetables.pl
@@ -3,7 +3,7 @@
 # it will generate EBCDIC too. (TODO)
 use strict;
 use Encode;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 sub make_text {
     my ($chrmap, $letter, $unpredictable, $nocsum, $size, $condition) = @_;
diff --git a/regen/keywords.pl b/regen/keywords.pl
index eafe58c..9619d86 100755
--- a/regen/keywords.pl
+++ b/regen/keywords.pl
@@ -11,7 +11,7 @@
 use strict;
 use Devel::Tokenizer::C 0.05;
 
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my $h = open_new('keywords.h', '>',
 		 { by => 'regen/keywords.pl', from => 'its data',
diff --git a/regen/lib_cleanup.pl b/regen/lib_cleanup.pl
index c9d6e43..5e40b40 100644
--- a/regen/lib_cleanup.pl
+++ b/regen/lib_cleanup.pl
@@ -1,7 +1,7 @@
 #!perl -w
 use strict;
-require 'regen/regen_lib.pl';
-require 'Porting/pod_lib.pl';
+require './regen/regen_lib.pl';
+require './Porting/pod_lib.pl';
 use vars qw($TAP $Verbose);
 
 # For processing later
diff --git a/regen/mg_vtable.pl b/regen/mg_vtable.pl
index a05a7d4..342f5e0 100644
--- a/regen/mg_vtable.pl
+++ b/regen/mg_vtable.pl
@@ -20,7 +20,7 @@ require 5.004;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 my %mg =
diff --git a/regen/miniperlmain.pl b/regen/miniperlmain.pl
index 9123b3f..37a3fff 100644
--- a/regen/miniperlmain.pl
+++ b/regen/miniperlmain.pl
@@ -4,7 +4,7 @@ use strict;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
     unshift @INC, 'ext/ExtUtils-Miniperl/lib';
 }
 
diff --git a/regen/mk_PL_charclass.pl b/regen/mk_PL_charclass.pl
index 5b609e5..8b217b3 100644
--- a/regen/mk_PL_charclass.pl
+++ b/regen/mk_PL_charclass.pl
@@ -2,8 +2,8 @@
 use v5.15.8;
 use strict;
 use warnings;
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 
 # This program outputs l1_charclass_tab.h, which defines the guts of the
 # PL_charclass table.  Each line is a bit map of properties that the Unicode
diff --git a/regen/mk_invlists.pl b/regen/mk_invlists.pl
index 460a72c..d6ff165 100644
--- a/regen/mk_invlists.pl
+++ b/regen/mk_invlists.pl
@@ -8,8 +8,8 @@ use Unicode::UCD qw(prop_aliases
                     prop_invlist
                     prop_invmap search_invlist
                    );
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 
 # This program outputs charclass_invlists.h, which contains various inversion
 # lists in the form of C arrays that are to be used as-is for inversion lists.
diff --git a/regen/opcode.pl b/regen/opcode.pl
index edb9f4d..0bd62ce 100755
--- a/regen/opcode.pl
+++ b/regen/opcode.pl
@@ -20,7 +20,7 @@ use strict;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 my $oc = open_new('opcode.h', '>',
@@ -924,7 +924,7 @@ package main;
 # which define what bits in op_private have what meanings for each op.
 # It populates %LABELS, %DEFINES, %FLAGS, %BITFIELDS.
 
-require 'regen/op_private';
+require './regen/op_private';
 
 #use Data::Dumper;
 #print Dumper \%LABELS, \%DEFINES, \%FLAGS, \%BITFIELDS;
diff --git a/regen/overload.pl b/regen/overload.pl
index c95ab2d..38dac32 100644
--- a/regen/overload.pl
+++ b/regen/overload.pl
@@ -16,7 +16,7 @@
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 use strict;
diff --git a/regen/reentr.pl b/regen/reentr.pl
index 3a0afaf..564a68f 100644
--- a/regen/reentr.pl
+++ b/regen/reentr.pl
@@ -18,7 +18,7 @@
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 use strict;
diff --git a/regen/regcharclass.pl b/regen/regcharclass.pl
index 9115eaf..d40c143 100755
--- a/regen/regcharclass.pl
+++ b/regen/regcharclass.pl
@@ -11,8 +11,8 @@ our $hex_fmt= "0x%02X";
 sub DEBUG () { 0 }
 $|=1 if DEBUG;
 
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 require "regen/regcharclass_multi_char_folds.pl";
 
 =head1 NAME
diff --git a/regen/regcomp.pl b/regen/regcomp.pl
index 850eeb9..94aa572 100644
--- a/regen/regcomp.pl
+++ b/regen/regcomp.pl
@@ -20,7 +20,7 @@
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 use strict;
 
diff --git a/regen/uconfig_h.pl b/regen/uconfig_h.pl
index 99a74f1..1c3d1b2 100755
--- a/regen/uconfig_h.pl
+++ b/regen/uconfig_h.pl
@@ -10,7 +10,7 @@
 
 use strict;
 use Config;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my ($uconfig_h, $uconfig_h_new, $config_h_sh)
     = ('uconfig.h', 'uconfig.h-new', 'config_h.SH');
diff --git a/regen/unicode_constants.pl b/regen/unicode_constants.pl
index baf25f1..9689731 100644
--- a/regen/unicode_constants.pl
+++ b/regen/unicode_constants.pl
@@ -1,8 +1,8 @@
 use v5.16.0;
 use strict;
 use warnings;
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 use Unicode::UCD;
 use charnames qw(:loose);
 
diff --git a/regen/warnings.pl b/regen/warnings.pl
index 40e7265..739a7b4 100644
--- a/regen/warnings.pl
+++ b/regen/warnings.pl
@@ -19,7 +19,7 @@
 $VERSION = '1.37';
 
 BEGIN {
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
     push @INC, './lib';
 }
 use strict ;
diff --git a/regen_perly.pl b/regen_perly.pl
index f9ef04b..b8fb5d7 100644
--- a/regen_perly.pl
+++ b/regen_perly.pl
@@ -35,7 +35,7 @@ sub usage { die "usage: $0 [ -b bison_executable ] [ file.y ]\n" }
 use warnings;
 use strict;
 
-BEGIN { require 'regen/regen_lib.pl'; }
+BEGIN { require './regen/regen_lib.pl'; }
 
 my $bison = 'bison';
 
diff --git a/t/comp/line_debug.t b/t/comp/line_debug.t
index 8361194..71626bb 100644
--- a/t/comp/line_debug.t
+++ b/t/comp/line_debug.t
@@ -1,5 +1,7 @@
 #!./perl
 
+BEGIN { unshift @INC, '.' }
+
 chdir 't' if -d 't';
 
 sub ok {
diff --git a/t/lib/warnings/op b/t/lib/warnings/op
index cc0cf46..b0b9c0a 100644
--- a/t/lib/warnings/op
+++ b/t/lib/warnings/op
@@ -1453,6 +1453,7 @@ END { print "in end\n"; }
 print "in mainline\n";
 1;
 --FILE--
+BEGIN { unshift @INC, '.' }
 require abc;
 do "abc.pm";
 EXPECT
diff --git a/t/op/goto.t b/t/op/goto.t
index 351f86a..66438a3 100644
--- a/t/op/goto.t
+++ b/t/op/goto.t
@@ -280,7 +280,7 @@ YYY: print "OK\n";
 EOT
 close $f;
 
-$r = runperl(prog => 'use Op_goto01; print qq[DONE\n]');
+$r = runperl(prog => 'BEGIN { unshift @INC, q[.] } use Op_goto01; print qq[DONE\n]');
 is($r, "OK\nDONE\n", "goto within use-d file"); 
 unlink_all "Op_goto01.pm";
 
diff --git a/t/porting/authors.t b/t/porting/authors.t
index bc69e3a..563b92a 100644
--- a/t/porting/authors.t
+++ b/t/porting/authors.t
@@ -7,7 +7,7 @@ BEGIN {
 use TestInit qw(T); # T is chdir to the top level
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 find_git_or_skip('all');
 
 # This is the subset of "pretty=fuller" that checkAUTHORS.pl actually needs:
diff --git a/t/porting/bench.t b/t/porting/bench.t
index 527995a..bbebd37 100644
--- a/t/porting/bench.t
+++ b/t/porting/bench.t
@@ -8,7 +8,7 @@ BEGIN {
 use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 my $source = find_git_or_skip('all');
 chdir $source or die "Can't chdir to $source: $!";
 
diff --git a/t/porting/cmp_version.t b/t/porting/cmp_version.t
index 55b4003..bbbc852 100644
--- a/t/porting/cmp_version.t
+++ b/t/porting/cmp_version.t
@@ -16,7 +16,7 @@ BEGIN {
 use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 my $source = find_git_or_skip('all');
 chdir $source or die "Can't chdir to $source: $!";
 
diff --git a/t/porting/corelist.t b/t/porting/corelist.t
index 251a260..820ff3e 100644
--- a/t/porting/corelist.t
+++ b/t/porting/corelist.t
@@ -6,7 +6,7 @@ use TestInit qw(T);
 use strict;
 use Config;
 
-require 't/test.pl';
+require './t/test.pl';
 
 plan(tests => 6);
 
diff --git a/t/porting/diag.t b/t/porting/diag.t
index ccde8cb..cdd9d64 100644
--- a/t/porting/diag.t
+++ b/t/porting/diag.t
@@ -9,7 +9,7 @@ use warnings;
 use strict;
 use Config;
 
-require 't/test.pl';
+require './t/test.pl';
 
 if ( $Config{usecrosscompile} ) {
   skip_all( "Not all files are available during cross-compilation" );
@@ -26,7 +26,7 @@ plan('no_plan');
 my $make_exceptions_list = ($ARGV[0]||'') eq '--make-exceptions-list'
   and shift;
 
-require 'regen/embed_lib.pl';
+require './regen/embed_lib.pl';
 
 # Look for functions that look like they could be diagnostic ones.
 my @functions;
diff --git a/t/porting/globvar.t b/t/porting/globvar.t
index bc0203a..3052b38 100644
--- a/t/porting/globvar.t
+++ b/t/porting/globvar.t
@@ -4,7 +4,7 @@ use TestInit qw(T);
 use strict;
 use Config;
 
-require 't/test.pl';
+require './t/test.pl';
 
 skip_all("Code to read symbols not ported to $^O")
     if $^O eq 'VMS' or $^O eq 'MSWin32';
diff --git a/t/porting/manifest.t b/t/porting/manifest.t
index 580b487..6e97402 100644
--- a/t/porting/manifest.t
+++ b/t/porting/manifest.t
@@ -30,7 +30,7 @@ BEGIN {
 }
 use TestInit qw(T); # T is chdir to the top level
 
-require 't/test.pl';
+require './t/test.pl';
 
 skip_all("Cross-compiling, the entire source might not be available")
     if $Config{usecrosscompile};
diff --git a/t/porting/pending-author.t b/t/porting/pending-author.t
index 4dceaf6..0aaa546 100644
--- a/t/porting/pending-author.t
+++ b/t/porting/pending-author.t
@@ -27,7 +27,7 @@ use TestInit qw(T); # T is chdir to the top level
 use strict;
 use File::Spec;
 
-require 't/test.pl';
+require './t/test.pl';
 find_git_or_skip('all');
 
 my $devnull = File::Spec->devnull;
diff --git a/t/porting/pod_rules.t b/t/porting/pod_rules.t
index 46a0114..894b153 100644
--- a/t/porting/pod_rules.t
+++ b/t/porting/pod_rules.t
@@ -25,7 +25,7 @@ BEGIN {
       chdir '..';
     }
     @INC = qw(lib .); # Special @INC.
-    require 't/test.pl';
+    require './t/test.pl';
 }
 
 use strict;
diff --git a/t/porting/readme.t b/t/porting/readme.t
index e127920..232a45f 100644
--- a/t/porting/readme.t
+++ b/t/porting/readme.t
@@ -10,7 +10,7 @@ BEGIN {
 use TestInit qw(T); # T is chdir to the top level
 use strict;
 use warnings;
-require 't/test.pl';
+require './t/test.pl';
 
 my @porting_files;
 open my $man, "MANIFEST" or die "Can't open MANIFEST: $!";
diff --git a/t/porting/regen.t b/t/porting/regen.t
index 5d08518..3aa1fd5 100644
--- a/t/porting/regen.t
+++ b/t/porting/regen.t
@@ -8,8 +8,8 @@ BEGIN {
 use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
 use strict;
 
-require 'regen/regen_lib.pl';
-require 't/test.pl';
+require './regen/regen_lib.pl';
+require './t/test.pl';
 $::NO_ENDING = $::NO_ENDING = 1;
 
 if ( $^O eq "VMS" ) {
@@ -86,7 +86,7 @@ OUTER: foreach my $file (@files) {
 }
 
 foreach (@progs) {
-    my $command = "$^X $_ --tap";
+    my $command = "$^X -I. $_ --tap";
     system $command
         and die "Failed to run $command: $?";
 }
diff --git a/t/porting/utils.t b/t/porting/utils.t
index 475380d..92eafbd 100644
--- a/t/porting/utils.t
+++ b/t/porting/utils.t
@@ -22,7 +22,7 @@ BEGIN {
 use TestInit qw(T); # T is chdir to the top level
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 
 # It turns out that, since the default @INC will include your old 5.x libs, if
 # you have them, the Porting utils might load a library that no longer compiles
diff --git a/t/re/pat.t b/t/re/pat.t
index 0f5a3e4..bda7d0b 100644
--- a/t/re/pat.t
+++ b/t/re/pat.t
@@ -1676,7 +1676,7 @@ EOP
             # NOTE - Do not put quotes in the code!
             # NOTE - We have to triple escape the backref in the pattern below.
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 watchdog(3);
                 for my $len (1 .. 20) {
                     my $eights= q(8) x $len;
@@ -1692,7 +1692,7 @@ EOP
             # #123562]
 
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 use Encode qw(_utf8_on);
                 # \x80 and \x41 are continuation bytes in their respective
                 # character sets
@@ -1760,7 +1760,7 @@ EOP
                 my ($expr, $expect, $test_name, $cap1)= @$tuple;
                 # avoid quotes in this code!
                 my $code='
-                    BEGIN{require q(test.pl);}
+                    BEGIN{require q(./test.pl);}
                     watchdog(3);
                     my $status= eval(q{ !(' . $expr . ') ? q(failed) : ' .
                         ($cap1 ? '($1 ne q['.$cap1.']) ? qq(badmatch:$1) : ' : '') .
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 82846a4..8861a3d 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,7 +285,8 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-is ($default_inc[-1], '.', '. is last in @INC');
+ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
+#is ($default_inc[-1], '.', '. is last in @INC');
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/t/run/switches.t b/t/run/switches.t
index 0018a74..b61be56 100644
--- a/t/run/switches.t
+++ b/t/run/switches.t
@@ -194,12 +194,12 @@ sub import { print map "<\$_>", \@_ }
 SWTESTPM
     close $f or die "Could not close: $!";
     $r = runperl(
-	switches    => [ "-M$package" ],
+	switches    => [ "-I.", "-M$package" ],
 	prog	    => '1',
     );
     is( $r, "<$package>", '-M' );
     $r = runperl(
-	switches    => [ "-M$package=foo" ],
+	switches    => [ "-I.", "-M$package=foo" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo>", '-M with import parameter' );
@@ -213,7 +213,7 @@ SWTESTPM
         is( $r, '', '-m' );
     }
     $r = runperl(
-	switches    => [ "-m$package=foo,bar" ],
+	switches    => [ "-I.", "-m$package=foo,bar" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo><bar>", '-m with import parameters' );
diff --git a/t/test.pl b/t/test.pl
index 349bcc9..de2ada0 100644
--- a/t/test.pl
+++ b/t/test.pl
@@ -652,7 +652,7 @@ sub _create_runperl { # Create the string to qx in runperl().
 	$runperl = "$ENV{PERL_RUNPERL_DEBUG} $runperl";
     }
     unless ($args{nolib}) {
-	$runperl = $runperl . ' "-I../lib"'; # doublequotes because of VMS
+	$runperl = $runperl . ' "-I../lib" "-I." '; # doublequotes because of VMS
     }
     if ($args{switches}) {
 	local $Level = 2;
@@ -1261,6 +1261,7 @@ sub run_multiple_progs {
 	open my $fh, '>', $tmpfile or die "Cannot open >$tmpfile: $!";
 	print $fh q{
         BEGIN {
+            push @INC, '.';
             open STDERR, '>&', STDOUT
               or die "Can't dup STDOUT->STDERR: $!;";
         }
diff --git a/utils/Makefile.PL b/utils/Makefile.PL
index 27c371f..85b0833 100644
--- a/utils/Makefile.PL
+++ b/utils/Makefile.PL
@@ -13,7 +13,7 @@ if (@ARGV) {
 # attempting to move the work from them to the extension directories and
 # ExtUtils::MakeMaker.
 
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my $target = 'utils/Makefile';
 print "Extracting $target (with variable substitutions)\n";
diff --git a/utils/c2ph.PL b/utils/c2ph.PL
index ea87a6f..c5b5a3f 100644
--- a/utils/c2ph.PL
+++ b/utils/c2ph.PL
@@ -198,8 +198,8 @@ them in terms of packages and functions.  Consider the following program:
     #!/usr/local/bin/perl
 
     require 'syscall.ph';
-    require 'sys/time.ph';
-    require 'sys/resource.ph';
+    require './sys/time.ph';
+    require './sys/resource.ph';
 
     $ru = "\0" x &rusage'sizeof();
 
diff --git a/utils/perlivp.PL b/utils/perlivp.PL
index e522913..81f8ae4 100644
--- a/utils/perlivp.PL
+++ b/utils/perlivp.PL
@@ -231,7 +231,7 @@ if (defined($Config{'extensions'})) {
         next if $_ eq 'XS/APItest';
         next if $_ eq 'XS/Typemap';
            # VMS$ perl  -e "eval ""require \""Devel/DProf.pm\"";"" print $@"
-           # \NT> perl  -e "eval \"require 'Devel/DProf.pm'\"; print $@"
+           # \NT> perl  -e "eval \"require './Devel/DProf.pm'\"; print $@"
            # DProf: run perl with -d to use DProf.
            # Compilation failed in require at (eval 1) line 1.
         eval " require \"$_.pm\"; ";
-- 
2.9.2

@p5pRT
Copy link
Author

p5pRT commented Aug 14, 2016

From @toddr

0002-Remove-.-from-default-INC-when-default_inc_excludes_.patch
From 7c72dc9a95a45c867ea610cf433f46e3428b9e88 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:53 -0500
Subject: [PATCH 2/3] Remove "." from default @INC when
 default_inc_excludes_dot is set (not default).

Perl now provides a way to build perl without . in @INC by default. If you want
this feature, you can build with -Ddefault_inc_excludes_dot

Because the testing / make process for perl modules do not function well
with . missing from @INC, Perl now supports the environment variable
PERL_USE_UNSAFE_INC=1 which makes Perl behave as it previously did,
returning . to @INC in all child processes.

WARNING: PERL_USE_UNSAFE_INC has been provided during the perl 5.25 development
cycle and is not guaranteed to function in perl 5.26.

Update unit tests and default value files to work with the new %Config
variable "default_inc_excludes_dot"
---
 Configure                 | 25 +++++++++++++++++++++++++
 Cross/config.sh-arm-linux |  1 +
 NetWare/config.wc         |  1 +
 Porting/config.sh         |  1 +
 config_h.SH               |  6 ++++++
 configure.com             |  1 +
 perl.c                    |  9 +++++++--
 plan9/config_sh.sample    |  1 +
 symbian/config.sh         |  1 +
 t/run/runenv.t            |  9 +++++++--
 uconfig.h                 |  7 +++++++
 uconfig.sh                |  1 +
 uconfig64.sh              |  1 +
 win32/config.ce           |  1 +
 win32/config.gc           |  1 +
 win32/config.vc           |  1 +
 16 files changed, 63 insertions(+), 4 deletions(-)

diff --git a/Configure b/Configure
index 818ab8e..69e5cc1 100755
--- a/Configure
+++ b/Configure
@@ -1389,6 +1389,8 @@ vendorscriptexp=''
 versiononly=''
 yacc=''
 yaccflags=''
+default_inc_excludes_dot=''
+
 CONFIG=''
 
 : Detect odd OSs
@@ -5106,6 +5108,28 @@ rp='What is the file extension used for shared libraries?'
 . ./myread
 so="$ans"
 
+: Include . in @INC
+$cat << EOM
+
+Historically Perl has provided a final fallback of the current working
+directory '.' when searching for a library. This, however, can lead to
+problems when a Perl program which loads optional modules is called from
+a shared directory. This can lead to executing unexpected code.
+
+EOM
+
+case "$default_inc_excludes_dot" in
+    $define|true|[yY]*)     dflt="n";;
+    *)  dflt='y';;
+esac
+
+rp='Provide '.' in @INC by default? '
+. ./myread
+case "$ans" in
+    n*|define) default_inc_excludes_dot="$define" ;;
+    *)   default_inc_excludes_dot="$undef"  ;;
+esac
+
 : Does target system insist that shared library basenames are unique
 $cat << EOM
 
@@ -25364,6 +25388,7 @@ vi='$vi'
 xlibpth='$xlibpth'
 yacc='$yacc'
 yaccflags='$yaccflags'
+default_inc_excludes_dot='$default_inc_excludes_dot'
 zcat='$zcat'
 zip='$zip'
 EOT
diff --git a/Cross/config.sh-arm-linux b/Cross/config.sh-arm-linux
index 8b3f5c0..9e58088 100644
--- a/Cross/config.sh-arm-linux
+++ b/Cross/config.sh-arm-linux
@@ -624,6 +624,7 @@ db_prefixtype='size_t'
 db_version_major=''
 db_version_minor=''
 db_version_patch=''
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='so'
 dlsrc='dl_dlopen.xs'
diff --git a/NetWare/config.wc b/NetWare/config.wc
index d61924e..f13474e 100644
--- a/NetWare/config.wc
+++ b/NetWare/config.wc
@@ -615,6 +615,7 @@ db_version_minor='0'
 db_version_patch='0'
 def_perlroot='sys:\perl\scripts'
 def_temp='sys:\perl\temp'
+default_inc_excludes_dot=''
 direntrytype='DIR'
 dlext='nlm'
 dlsrc='dl_netware.xs'
diff --git a/Porting/config.sh b/Porting/config.sh
index 4f6e643..cebac42 100644
--- a/Porting/config.sh
+++ b/Porting/config.sh
@@ -637,6 +637,7 @@ db_prefixtype='int'
 db_version_major='1'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='bundle'
 dlsrc='dl_dlopen.xs'
diff --git a/config_h.SH b/config_h.SH
index 099f92a..91ff58d 100755
--- a/config_h.SH
+++ b/config_h.SH
@@ -1452,6 +1452,12 @@ sed <<!GROK!THIS! >$CONFIG_H -e 's!^#undef\(.*/\)\*!/\*#define\1 \*!' -e 's!^#un
 #define BIN_EXP "$binexp"	/**/
 #define PERL_RELOCATABLE_INC "$userelocatableinc" 		/**/
 
+/* DEFAULT_INC_EXCLUDES_DOT:
+ *     This symbol, when defined, removes the legacy default behavior of including
+  *    . at the end of @INC.
+ */
+#$default_inc_excludes_dot DEFAULT_INC_EXCLUDES_DOT                /**/
+
 /* PERL_INC_VERSION_LIST:
  *	This variable specifies the list of subdirectories in over
  *	which perl.c:incpush() and lib/lib.pm will automatically
diff --git a/configure.com b/configure.com
index 1d11fe1..b45adc4 100644
--- a/configure.com
+++ b/configure.com
@@ -6778,6 +6778,7 @@ $ WC "u64size='" + u64size + "'"
 $ WC "u64type='" + u64type + "'"
 $ WC "u8size='" + u8size + "'"
 $ WC "u8type='" + u8type + "'"
+$ WC "default_inc_excludes_dot=''"
 $ WC "uidformat='lu'"
 $ WC "uidsign='1'"
 $ WC "uidsize='4'"
diff --git a/perl.c b/perl.c
index 21a8b30..b2711fe 100644
--- a/perl.c
+++ b/perl.c
@@ -4648,8 +4648,13 @@ S_init_perllib(pTHX)
 #endif
 #endif /* !PERL_IS_MINIPERL */
 
-    if (!TAINTING_get)
-	S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    if (!TAINTING_get) {
+#if !defined(PERL_IS_MINIPERL) && defined(DEFAULT_INC_EXCLUDES_DOT)
+        const char * const unsafe = PerlEnv_getenv("PERL_USE_UNSAFE_INC");
+        if (unsafe && strEQ(unsafe, "1"))
+#endif
+          S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    }
 }
 
 #if defined(DOSISH) || defined(__SYMBIAN32__)
diff --git a/plan9/config_sh.sample b/plan9/config_sh.sample
index a89c918..1b9d5da 100644
--- a/plan9/config_sh.sample
+++ b/plan9/config_sh.sample
@@ -623,6 +623,7 @@ db_prefixtype='size_t'
 db_version_major=''
 db_version_minor=''
 db_version_patch=''
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='none'
 dlsrc='dl_none.xs'
diff --git a/symbian/config.sh b/symbian/config.sh
index b311521..999447a 100644
--- a/symbian/config.sh
+++ b/symbian/config.sh
@@ -570,6 +570,7 @@ db_prefixtype='size_t'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='dll'
 dlsrc='dl_symbian.xs'
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 8861a3d..2a1fcbf 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,8 +285,13 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
-#is ($default_inc[-1], '.', '. is last in @INC');
+# Based on the default_inc_excludes_dot Configuration variable, we either do or don't expect . to be in the default @INC.
+if ( $Config{default_inc_excludes_dot} && $Config{default_inc_excludes_dot} eq 'define' ) {
+    ok( ( !grep { $_ eq '.' } @default_inc ), '. is not in @INC' );
+}
+else {
+    ok( ( grep { $_ eq '.' } @default_inc ), '. is in @INC' );
+}
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/uconfig.h b/uconfig.h
index a02560f..1c60bbd 100644
--- a/uconfig.h
+++ b/uconfig.h
@@ -1177,6 +1177,13 @@
  *	C99-style static inline.  That is, the function can't be called
  *	from another translation unit.
  */
+
+
+/* DEFAULT_INC_EXCLUDES_DOT:
+ *     This symbol, when defined, causes @INC to include . as a final fallback.
+ */
+#define DEFAULT_INC_EXCLUDES_DOT                /**/
+
 /* PERL_STATIC_INLINE:
  *	This symbol gives the best-guess incantation to use for static
  *	inline functions.  If HAS_STATIC_INLINE is defined, this will
diff --git a/uconfig.sh b/uconfig.sh
index edc36db..df77b08 100644
--- a/uconfig.sh
+++ b/uconfig.sh
@@ -561,6 +561,7 @@ db_prefixtype='size_t'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 doubleinfbytes='0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x7f'
 doublekind='3'
diff --git a/uconfig64.sh b/uconfig64.sh
index df18372..39e8751 100644
--- a/uconfig64.sh
+++ b/uconfig64.sh
@@ -562,6 +562,7 @@ db_prefixtype='size_t'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 doubleinfbytes='0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x7f'
 doublekind='3'
diff --git a/win32/config.ce b/win32/config.ce
index 8f68ddd..70b4b4a 100644
--- a/win32/config.ce
+++ b/win32/config.ce
@@ -611,6 +611,7 @@ db_prefixtype='int'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct direct'
 dlext='dll'
 dlsrc='dl_win32.xs'
diff --git a/win32/config.gc b/win32/config.gc
index 69a21a2..79b2f5d 100644
--- a/win32/config.gc
+++ b/win32/config.gc
@@ -612,6 +612,7 @@ db_prefixtype='int'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct direct'
 dlext='dll'
 dlltool='~ARCHPREFIX~dlltool'
diff --git a/win32/config.vc b/win32/config.vc
index 50d2a92..3a8aaec 100644
--- a/win32/config.vc
+++ b/win32/config.vc
@@ -612,6 +612,7 @@ db_prefixtype='int'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct direct'
 dlext='dll'
 dlsrc='dl_win32.xs'
-- 
2.9.2

@p5pRT
Copy link
Author

p5pRT commented Aug 14, 2016

From @toddr

0003-Update-digest-entries-in-files-that-point-to-recentl.patch
From 9ce64c9af403feff538a53f8c5346c52fee1bb76 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Sun, 14 Aug 2016 00:55:25 -0500
Subject: [PATCH 3/3] Update digest entries in files that point to recently
 updated perl scripts

These files were were updated ONLY with a relative require. As a result there
shouldn't be a need for re-generating these files, just updating the digest.
Additionally, porting/regent.t was tidied and updated with a more clear error
message when it fails.
---
 charclass_invlists.h |  2 +-
 keywords.c           |  2 +-
 keywords.h           |  2 +-
 perly.act            |  2 +-
 perly.h              |  2 +-
 perly.tab            |  2 +-
 regcharclass.h       |  2 +-
 t/porting/regen.t    | 92 ++++++++++++++++++++++++++++------------------------
 uconfig.h            |  4 +--
 9 files changed, 59 insertions(+), 51 deletions(-)

diff --git a/charclass_invlists.h b/charclass_invlists.h
index 390e8a0..1dbbaf6 100644
--- a/charclass_invlists.h
+++ b/charclass_invlists.h
@@ -91561,5 +91561,5 @@ static const U8 WB_table[24][24] = {
  * 5c7eb94310e2aaa15702fd6bed24ff0e7ab5448f9a8231d8c49ca96c9e941089 lib/unicore/mktables
  * cdecb300baad839a6f62791229f551a4fa33f3cbdca08e378dc976466354e778 lib/unicore/version
  * 913d2f93f3cb6cdf1664db888bf840bc4eb074eef824e082fceda24a9445e60c regen/charset_translations.pl
- * 11011bc761487f5a63c8135e67248394d4cdff6f8f204a41cdfbdc8131e79406 regen/mk_invlists.pl
+ * 6697977221bf632720408ca9a1a934e43d5d8e51c870532cec3ebdb3e3ba80c6 regen/mk_invlists.pl
  * ex: set ro: */
diff --git a/keywords.c b/keywords.c
index 74af832..9fa30e6 100644
--- a/keywords.c
+++ b/keywords.c
@@ -3437,5 +3437,5 @@ unknown:
 }
 
 /* Generated from:
- * 7e3d76a333c5f9b77d47dd7d423450356b63853a1c2313d3e805042caaa4bc2c regen/keywords.pl
+ * db0472e0ad4f44bd0816cad799d63b60d1bbd7e11cef40ea15bf0d00f69669f6 regen/keywords.pl
  * ex: set ro: */
diff --git a/keywords.h b/keywords.h
index eaa4120..2b1d598 100644
--- a/keywords.h
+++ b/keywords.h
@@ -270,5 +270,5 @@
 #define KEY_y			254
 
 /* Generated from:
- * 7e3d76a333c5f9b77d47dd7d423450356b63853a1c2313d3e805042caaa4bc2c regen/keywords.pl
+ * db0472e0ad4f44bd0816cad799d63b60d1bbd7e11cef40ea15bf0d00f69669f6 regen/keywords.pl
  * ex: set ro: */
diff --git a/perly.act b/perly.act
index 3626904..5f471f7 100644
--- a/perly.act
+++ b/perly.act
@@ -1732,5 +1732,5 @@ case 2:
 
 /* Generated from:
  * a9693ac90aafd6114d4c5413f46dba1d4488b62feb193e6d1cf11e77e9b25088 perly.y
- * 3e1dff60f26df8933d7aed0c0e87177a0f022c14800c0707eb62a7db4196ac98 regen_perly.pl
+ * 153cba5d215c1a083a0459c43f4d55c45fd0a7093c197d7247a456dcde21ea53 regen_perly.pl
  * ex: set ro: */
diff --git a/perly.h b/perly.h
index 9e08cb5..c51fc67 100644
--- a/perly.h
+++ b/perly.h
@@ -259,5 +259,5 @@ typedef union YYSTYPE
 
 /* Generated from:
  * a9693ac90aafd6114d4c5413f46dba1d4488b62feb193e6d1cf11e77e9b25088 perly.y
- * 3e1dff60f26df8933d7aed0c0e87177a0f022c14800c0707eb62a7db4196ac98 regen_perly.pl
+ * 153cba5d215c1a083a0459c43f4d55c45fd0a7093c197d7247a456dcde21ea53 regen_perly.pl
  * ex: set ro: */
diff --git a/perly.tab b/perly.tab
index f025c02..2f5da94 100644
--- a/perly.tab
+++ b/perly.tab
@@ -1236,5 +1236,5 @@ static const toketypes yy_type_tab[] =
 
 /* Generated from:
  * a9693ac90aafd6114d4c5413f46dba1d4488b62feb193e6d1cf11e77e9b25088 perly.y
- * 3e1dff60f26df8933d7aed0c0e87177a0f022c14800c0707eb62a7db4196ac98 regen_perly.pl
+ * 153cba5d215c1a083a0459c43f4d55c45fd0a7093c197d7247a456dcde21ea53 regen_perly.pl
  * ex: set ro: */
diff --git a/regcharclass.h b/regcharclass.h
index 845df79..663ab8b 100644
--- a/regcharclass.h
+++ b/regcharclass.h
@@ -1898,6 +1898,6 @@
  * 5c7eb94310e2aaa15702fd6bed24ff0e7ab5448f9a8231d8c49ca96c9e941089 lib/unicore/mktables
  * cdecb300baad839a6f62791229f551a4fa33f3cbdca08e378dc976466354e778 lib/unicore/version
  * 913d2f93f3cb6cdf1664db888bf840bc4eb074eef824e082fceda24a9445e60c regen/charset_translations.pl
- * d9c04ac46bdd81bb3e26519f2b8eb6242cb12337205add3f7cf092b0c58dccc4 regen/regcharclass.pl
+ * 9678a938e3499b354c5454e5e739c67c4b3b8ee56b138c0640d61da05aa18549 regen/regcharclass.pl
  * 393f8d882713a3ba227351ad0f00ea4839fda74fcf77dcd1cdf31519925adba5 regen/regcharclass_multi_char_folds.pl
  * ex: set ro: */
diff --git a/t/porting/regen.t b/t/porting/regen.t
index 3aa1fd5..6616051 100644
--- a/t/porting/regen.t
+++ b/t/porting/regen.t
@@ -3,9 +3,10 @@
 # Verify that all files generated by perl scripts are up to date.
 
 BEGIN {
+    chdir 't' if -d 't';
     @INC = '..' if -f '../TestInit.pm';
 }
-use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
+use TestInit qw(T A);    # T is chdir to the top level, A makes paths absolute
 use strict;
 
 require './regen/regen_lib.pl';
@@ -13,80 +14,87 @@ require './t/test.pl';
 $::NO_ENDING = $::NO_ENDING = 1;
 
 if ( $^O eq "VMS" ) {
-  skip_all( "- regen.pl needs porting." );
+    skip_all("- regen.pl needs porting.");
 }
-if ($^O eq 'dec_osf') {
+if ( $^O eq 'dec_osf' ) {
     skip_all("$^O cannot handle this test");
 }
-if ( $::IS_EBCDIC || $::IS_EBCDIC) {
-  skip_all( "- We don't regen on EBCDIC." );
+if ( $::IS_EBCDIC || $::IS_EBCDIC ) {
+    skip_all("- We don't regen on EBCDIC.");
 }
 use Config;
 if ( $Config{usecrosscompile} ) {
-  skip_all( "Not all files are available during cross-compilation" );
+    skip_all("Not all files are available during cross-compilation");
 }
 
-my $tests = 26; # I can't see a clean way to calculate this automatically.
+my $tests = 26;    # I can't see a clean way to calculate this automatically.
 
-my %skip = ("regen_perly.pl"    => [qw(perly.act perly.h perly.tab)],
-            "regen/keywords.pl" => [qw(keywords.c keywords.h)],
-            "regen/uconfig_h.h" => [qw(uconfig.h)],
-            "regen/mk_invlists.pl" => [qw(charclass_invlists.h)],
-            "regen/regcharclass.pl" => [qw(regcharclass.h)],
-           );
+my %skip = (
+    "regen_perly.pl"        => [qw(perly.act perly.h perly.tab)],
+    "regen/keywords.pl"     => [qw(keywords.c keywords.h)],
+    "regen/uconfig_h.h"     => [qw(uconfig.h)],
+    "regen/mk_invlists.pl"  => [qw(charclass_invlists.h)],
+    "regen/regcharclass.pl" => [qw(regcharclass.h)],
+);
 
-my @files = map {@$_} sort values %skip;
+my @files = map { @$_ } sort values %skip;
 
 open my $fh, '<', 'regen.pl'
-    or die "Can't open regen.pl: $!";
+  or die "Can't open regen.pl: $!";
 
 while (<$fh>) {
     last if /^__END__/;
 }
 die "Can't find __END__ in regen.pl"
-    if eof $fh;
-
-foreach (qw(embed_lib.pl regen_lib.pl uconfig_h.pl
-            regcharclass_multi_char_folds.pl
-            charset_translations.pl
-            ),
-         map {chomp $_; $_} <$fh>) {
+  if eof $fh;
+
+foreach (
+    qw(embed_lib.pl regen_lib.pl uconfig_h.pl
+    regcharclass_multi_char_folds.pl
+    charset_translations.pl
+    ),
+    map { chomp $_; $_ } <$fh>
+  ) {
     ++$skip{"regen/$_"};
 }
 
 close $fh
-    or die "Can't close regen.pl: $!";
+  or die "Can't close regen.pl: $!";
 
-my @progs = grep {!$skip{$_}} <regen/*.pl>;
-push @progs, 'regen.pl', map {"Porting/makemeta $_"} qw(-j -y);
+my @progs = grep { !$skip{$_} } <regen/*.pl>;
+push @progs, 'regen.pl', map { "Porting/makemeta $_" } qw(-j -y);
 
-plan (tests => $tests + @files + @progs);
+plan( tests => $tests + @files + @progs );
 
 OUTER: foreach my $file (@files) {
     open my $fh, '<', $file or die "Can't open $file: $!";
-    1 while defined($_ = <$fh>) and !/Generated from:/;
-    if (eof $fh) {
-	fail("Can't find 'Generated from' line in $file");
-	next;
+    1 while defined( $_ = <$fh> ) and !/Generated from:/;
+    if ( eof $fh ) {
+        fail("Can't find 'Generated from' line in $file");
+        next;
     }
     my @bad;
     while (<$fh>) {
-	last if /ex: set ro:/;
-	unless (/^(?: \* | #)([0-9a-f]+) (\S+)$/) {
-	    chomp $_;
-	    fail("Bad line in $file: '$_'");
-	    next OUTER;
-	}
-
-	my $digest = digest($2);
-	note("$digest $2");
-	push @bad, $2 unless $digest eq $1;
+        last if /ex: set ro:/;
+        unless (/^(?: \* | #)([0-9a-f]+) (\S+)$/) {
+            chomp $_;
+            fail("Bad line in $file: '$_'");
+            next OUTER;
+        }
+        my $digest_got  = $1;
+        my $digest_file = $2;
+
+        my $digest = digest($digest_file);
+        if ( $digest ne $digest_got ) {
+            note("$file appears to have not been updated after $digest_file was altered. It should be $digest but is $digest_got instead");
+            push @bad, $digest_file unless $digest eq $digest_got;
+        }
     }
-    is("@bad", '', "generated $file is up to date");
+    is( "@bad", '', "generated $file is up to date" );
 }
 
 foreach (@progs) {
     my $command = "$^X -I. $_ --tap";
     system $command
-        and die "Failed to run $command: $?";
+      and die "Failed to run $command: $?";
 }
diff --git a/uconfig.h b/uconfig.h
index 1c60bbd..01d4231 100644
--- a/uconfig.h
+++ b/uconfig.h
@@ -5280,6 +5280,6 @@
 #endif
 
 /* Generated from:
- * 42be1deadbcceadd92a1463d6c11c441bad7c83fe2a4cd1c2ebec7742bb5e8a3 config_h.SH
- * 0fca2bf99ac976bba919b593a18bacd059c581dbe6c8638dc0861b1e613b8406 uconfig.sh
+ * 2d63f61369e01ee32c614e6e498102ec38ff626b90167a48880c56e55a8028e6 config_h.SH
+ * a89b9ab1553ab382d5c4e428ff548c63ab9430facadcaad8e250ed4736f7dce4 uconfig.sh
  * ex: set ro: */
-- 
2.9.2

@p5pRT
Copy link
Author

p5pRT commented Aug 14, 2016

From @cpansprout

On Sat Aug 13 23​:15​:23 2016, TODDR wrote​:

Attaching 3 updated patches.

Thank you. I am testing them as we speak.

Patch 3 modifies digest entries directly for some of the files I
modified. Given the nature of the files that were modified, I don't
really see a reason for me to re-gen these files. When I played with
doing so, I found far more changes than just the digest variable,
which probably means my bison parser does not match the normal ones
used to generated these files?

What you have done is fine. But it is also fine to regenerate perly.* completely; after all, that is what normally happens. See my comment in 8823cb8. :-)

Additionally, porting/regent.t was tidied

Please don’t make unnecessary whitespace changes. It makes it harder to see what the patch actually does, and makes git blame harder to use. (Also, in at least one spot, it stops the items inside qw from lining up vertically, so it’s no more tidy than before.)

and updated with a more clear error
message when it fails.

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Aug 14, 2016

From @Tux

On Sat, 13 Aug 2016 23​:15​:23 -0700, "Todd Rinaldo via RT"
<perlbug-followup@​perl.org> wrote​:

diff --git a/Porting/config.sh b/Porting/config.sh
index 4f6e643..cebac42 100644
--- a/Porting/config.sh
+++ b/Porting/config.sh
@​@​ -637,6 +637,7 @​@​ db_prefixtype='int'
db_version_major='1'
db_version_minor='0'
db_version_patch='0'
+default_inc_excludes_dot=''
direntrytype='struct dirent'
dlext='bundle'
dlsrc='dl_dlopen.xs'
diff --git a/config_h.SH b/config_h.SH
index 099f92a..91ff58d 100755
--- a/config_h.SH
+++ b/config_h.SH
@​@​ -1452,6 +1452,12 @​@​ sed <<!GROK!THIS! >$CONFIG_H -e 's!^#undef\(.*/\)\*!/\*#define\1 \*!' -e 's!^#un
#define BIN_EXP "$binexp" /**/
#define PERL_RELOCATABLE_INC "$userelocatableinc" /**/

+/* DEFAULT_INC_EXCLUDES_DOT​:
+ * This symbol, when defined, removes the legacy default behavior of including
+ * . at the end of @​INC.
+ */
+#$default_inc_excludes_dot DEFAULT_INC_EXCLUDES_DOT /**/
+

just took a snippet, but it should never be set to ''

The default should be 'undef' or 'define', not ''

If this line gets translated​:
#$default_inc_excludes_dot DEFAULT_INC_EXCLUDES_DOT /**/

Valid​:
#define DEFAULT_INC_EXCLUDES_DOT /**/
#undef DEFAULT_INC_EXCLUDES_DOT /**/

Invalid​:
# DEFAULT_INC_EXCLUDES_DOT /**/

--
H.Merijn Brand http​://tux.nl Perl Monger http​://amsterdam.pm.org/
using perl5.00307 .. 5.25 porting perl5 on HP-UX, AIX, and openSUSE
http​://mirrors.develooper.com/hpux/ http​://www.test-smoke.org/
http​://qa.perl.org http​://www.goldmark.org/jeff/stupid-disclaimers/

@p5pRT
Copy link
Author

p5pRT commented Oct 20, 2016

From @toddr

On Sun Aug 14 01​:35​:18 2016, hmbrand wrote​:

just took a snippet, but it should never be set to ''

The default should be 'undef' or 'define', not ''
... *snip*

Bump.

As I understand things per our discussion at YAPC​::EU, this patch should be ready for merge but requires a wave of the metaconfig wand once merged.

I've also rebased on blead and removed some of the things Father Chrysostomos was worried about in the final commit.

@p5pRT
Copy link
Author

p5pRT commented Oct 20, 2016

From @toddr

0001-Patch-unit-tests-to-explicitly-insert-.-into-INC-whe.patch
From 806dc6c15c0c6f8fbd277e61ca34d43faf022af9 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:29 -0500
Subject: [PATCH 1/3] Patch unit tests to explicitly insert "." into @INC when
 needed.

require calls now require ./ to be prepended to the file since . is no
longer guaranteed to be in @INC.
---
 Makefile.SH                              | 2 +-
 Porting/checkcfgvar.pl                   | 2 +-
 Porting/makemeta                         | 2 +-
 Porting/new-perldelta.pl                 | 2 +-
 Porting/pod_rules.pl                     | 2 +-
 TestInit.pm                              | 2 +-
 autodoc.pl                               | 4 ++--
 cpan/Devel-PPPort/devel/mktodo           | 2 +-
 cpan/Devel-PPPort/devel/mktodo.pl        | 2 +-
 cpan/Devel-PPPort/devel/regenerate       | 2 +-
 cpan/Devel-PPPort/devel/scanprov         | 2 +-
 cpan/Devel-PPPort/parts/apicheck.pl      | 2 +-
 cpan/Math-BigInt/t/bare_mbf.t            | 2 +-
 cpan/Math-BigInt/t/bare_mbi.t            | 2 +-
 cpan/Math-BigInt/t/bare_mif.t            | 2 +-
 cpan/Math-BigInt/t/bigfltpm.t            | 2 +-
 cpan/Math-BigInt/t/bigintpm.t            | 2 +-
 cpan/Math-BigInt/t/mbf_ali.t             | 2 +-
 cpan/Math-BigInt/t/mbi_ali.t             | 2 +-
 cpan/Math-BigInt/t/mbimbf.t              | 2 +-
 cpan/Math-BigInt/t/sub_ali.t             | 2 +-
 cpan/Math-BigInt/t/sub_mbf.t             | 2 +-
 cpan/Math-BigInt/t/sub_mbi.t             | 2 +-
 cpan/Math-BigInt/t/sub_mif.t             | 2 +-
 cpan/Math-BigInt/t/upgrade.t             | 2 +-
 cpan/Math-BigInt/t/upgradef.t            | 2 +-
 cpan/Math-BigInt/t/with_sub.t            | 2 +-
 cpan/Math-BigRat/t/bigfltrt.t            | 2 +-
 cpan/Math-BigRat/t/bigratpm.t            | 2 +-
 cpan/perlfaq/lib/perlfaq5.pod            | 4 ++--
 cpan/perlfaq/lib/perlfaq8.pod            | 2 +-
 dist/Thread-Queue/t/01_basic.t           | 2 +-
 dist/Thread-Queue/t/02_refs.t            | 2 +-
 dist/Thread-Queue/t/03_peek.t            | 2 +-
 dist/Thread-Queue/t/05_extract.t         | 2 +-
 dist/Thread-Queue/t/06_insert.t          | 2 +-
 dist/Thread-Queue/t/07_lock.t            | 2 +-
 dist/Thread-Queue/t/10_timed.t           | 2 +-
 dist/Thread-Semaphore/t/01_basic.t       | 2 +-
 dist/Thread-Semaphore/t/04_nonblocking.t | 2 +-
 dist/Thread-Semaphore/t/05_force.t       | 2 +-
 ext/DynaLoader/t/DynaLoader.t            | 2 +-
 h2pl/cbreak.pl                           | 2 +-
 h2pl/cbreak2.pl                          | 2 +-
 lib/h2ph.t                               | 1 -
 lib/strict.t                             | 2 +-
 lib/warnings.t                           | 2 +-
 makedef.pl                               | 2 +-
 pod/buildtoc                             | 2 +-
 pod/perlmodlib.PL                        | 2 +-
 regen.pl                                 | 2 +-
 regen/ebcdic.pl                          | 7 +++++--
 regen/embed.pl                           | 4 ++--
 regen/feature.pl                         | 2 +-
 regen/genpacksizetables.pl               | 2 +-
 regen/keywords.pl                        | 2 +-
 regen/lib_cleanup.pl                     | 4 ++--
 regen/mg_vtable.pl                       | 2 +-
 regen/miniperlmain.pl                    | 2 +-
 regen/mk_PL_charclass.pl                 | 4 ++--
 regen/mk_invlists.pl                     | 4 ++--
 regen/opcode.pl                          | 4 ++--
 regen/overload.pl                        | 2 +-
 regen/reentr.pl                          | 2 +-
 regen/regcharclass.pl                    | 4 ++--
 regen/regcomp.pl                         | 2 +-
 regen/uconfig_h.pl                       | 2 +-
 regen/unicode_constants.pl               | 4 ++--
 regen/warnings.pl                        | 2 +-
 regen_perly.pl                           | 2 +-
 t/comp/line_debug.t                      | 2 ++
 t/lib/warnings/op                        | 1 +
 t/op/goto.t                              | 2 +-
 t/porting/authors.t                      | 2 +-
 t/porting/bench.t                        | 2 +-
 t/porting/cmp_version.t                  | 2 +-
 t/porting/corelist.t                     | 2 +-
 t/porting/diag.t                         | 4 ++--
 t/porting/globvar.t                      | 2 +-
 t/porting/manifest.t                     | 2 +-
 t/porting/pending-author.t               | 2 +-
 t/porting/pod_rules.t                    | 2 +-
 t/porting/readme.t                       | 2 +-
 t/porting/regen.t                        | 6 +++---
 t/porting/utils.t                        | 2 +-
 t/re/pat.t                               | 6 +++---
 t/run/runenv.t                           | 3 ++-
 t/run/switches.t                         | 6 +++---
 t/test.pl                                | 3 ++-
 utils/Makefile.PL                        | 2 +-
 utils/c2ph.PL                            | 4 ++--
 utils/perlivp.PL                         | 2 +-
 92 files changed, 115 insertions(+), 108 deletions(-)

diff --git a/Makefile.SH b/Makefile.SH
index 561d5e1..c61046a 100755
--- a/Makefile.SH
+++ b/Makefile.SH
@@ -345,7 +345,7 @@ RUN_PERL = \$(LDLIBPTH) \$(RUN) $perl\$(EXE_EXT)
 	$spitshell >>$Makefile <<!GROK!THIS!
 # Macros to invoke a copy of our fully operational perl during the build.
 PERL_EXE = perl\$(EXE_EXT)
-RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib
+RUN_PERL = \$(LDLIBPTH) \$(RUN) ./perl\$(EXE_EXT) -Ilib -I.
 !GROK!THIS!
 	;;
 esac
diff --git a/Porting/checkcfgvar.pl b/Porting/checkcfgvar.pl
index 4dc93df..601be18 100755
--- a/Porting/checkcfgvar.pl
+++ b/Porting/checkcfgvar.pl
@@ -36,7 +36,7 @@ GetOptions (
 
 $default and $default =~ s/^'(.*)'$/$1/; # Will be quoted on generation
 
-require 'regen/regen_lib.pl' if $opt_r;
+require './regen/regen_lib.pl' if $opt_r;
 
 my $MASTER_CFG = "config_h.SH";
 # Inclusive bounds on the main part of the file, $section == 1 below:
diff --git a/Porting/makemeta b/Porting/makemeta
index cb6944e..249f2d4 100644
--- a/Porting/makemeta
+++ b/Porting/makemeta
@@ -61,7 +61,7 @@ use CPAN::Meta;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 use Maintainers qw(%Modules get_module_files get_module_pat);
diff --git a/Porting/new-perldelta.pl b/Porting/new-perldelta.pl
index 09b7783..47376cb 100644
--- a/Porting/new-perldelta.pl
+++ b/Porting/new-perldelta.pl
@@ -4,7 +4,7 @@ use strict;
 # This needs to be able to run from a clean checkout, hence assume only system
 # perl, which may be too old to have autodie
 
-require 'Porting/pod_lib.pl';
+require './Porting/pod_lib.pl';
 
 my $state = get_pod_metadata(1);
 my (undef, $old_major, $old_minor) = @{$state->{delta_version}};
diff --git a/Porting/pod_rules.pl b/Porting/pod_rules.pl
index af5550e..582d658 100644
--- a/Porting/pod_rules.pl
+++ b/Porting/pod_rules.pl
@@ -32,7 +32,7 @@ if (ord("A") == 193) {
             # plan9 =>  'plan9/mkfile',
            );
 
-require 'Porting/pod_lib.pl';
+require './Porting/pod_lib.pl';
 sub my_die;
 
 # process command-line switches
diff --git a/TestInit.pm b/TestInit.pm
index f4ed6fd..f9a5e91 100644
--- a/TestInit.pm
+++ b/TestInit.pm
@@ -47,7 +47,7 @@ sub import {
 	} elsif ($_ eq 'T') {
 	    $chdir = '..'
 		unless -f 't/TEST' && -f 'MANIFEST' && -d 'lib' && -d 'ext';
-	    @INC = 'lib';
+	    @INC = qw/ lib . /;
 	    $setopt = 1;
 	} else {
 	    die "Unknown option '$_'";
diff --git a/autodoc.pl b/autodoc.pl
index 161310d..220ac28 100644
--- a/autodoc.pl
+++ b/autodoc.pl
@@ -29,8 +29,8 @@ if (@ARGV) {
     chdir $workdir
         or die "Couldn't chdir to '$workdir': $!";
 }
-require 'regen/regen_lib.pl';
-require 'regen/embed_lib.pl';
+require './regen/regen_lib.pl';
+require './regen/embed_lib.pl';
 
 #
 # See database of global and static function prototypes in embed.fnc
diff --git a/cpan/Devel-PPPort/devel/mktodo b/cpan/Devel-PPPort/devel/mktodo
index c5c2a9b..2eb9ea3 100644
--- a/cpan/Devel-PPPort/devel/mktodo
+++ b/cpan/Devel-PPPort/devel/mktodo
@@ -17,7 +17,7 @@
 use strict;
 use Getopt::Long;
 
-require 'devel/devtools.pl';
+require './devel/devtools.pl';
 
 our %opt = (
   base    => 0,
diff --git a/cpan/Devel-PPPort/devel/mktodo.pl b/cpan/Devel-PPPort/devel/mktodo.pl
index 9345a23..c479eab 100644
--- a/cpan/Devel-PPPort/devel/mktodo.pl
+++ b/cpan/Devel-PPPort/devel/mktodo.pl
@@ -22,7 +22,7 @@ use IO::Select;
 use Config;
 use Time::HiRes qw( gettimeofday tv_interval );
 
-require 'devel/devtools.pl';
+require './devel/devtools.pl';
 
 our %opt = (
   debug   => 0,
diff --git a/cpan/Devel-PPPort/devel/regenerate b/cpan/Devel-PPPort/devel/regenerate
index dad5338..bc1742d 100644
--- a/cpan/Devel-PPPort/devel/regenerate
+++ b/cpan/Devel-PPPort/devel/regenerate
@@ -20,7 +20,7 @@ use File::Copy;
 use Getopt::Long;
 use Pod::Usage;
 
-require 'devel/devtools.pl';
+require './devel/devtools.pl';
 
 our %opt = (
   check   => 1,
diff --git a/cpan/Devel-PPPort/devel/scanprov b/cpan/Devel-PPPort/devel/scanprov
index 86910e4..804524c 100644
--- a/cpan/Devel-PPPort/devel/scanprov
+++ b/cpan/Devel-PPPort/devel/scanprov
@@ -17,7 +17,7 @@
 use strict;
 use Getopt::Long;
 
-require 'parts/ppptools.pl';
+require './parts/ppptools.pl';
 
 our %opt = (
   mode    => 'check',
diff --git a/cpan/Devel-PPPort/parts/apicheck.pl b/cpan/Devel-PPPort/parts/apicheck.pl
index ac119a6..69d8502 100644
--- a/cpan/Devel-PPPort/parts/apicheck.pl
+++ b/cpan/Devel-PPPort/parts/apicheck.pl
@@ -15,7 +15,7 @@
 ################################################################################
 
 use strict;
-require 'parts/ppptools.pl';
+require './parts/ppptools.pl';
 
 if (@ARGV) {
   my $file = pop @ARGV;
diff --git a/cpan/Math-BigInt/t/bare_mbf.t b/cpan/Math-BigInt/t/bare_mbf.t
index 6b9af66..2167dca 100644
--- a/cpan/Math-BigInt/t/bare_mbf.t
+++ b/cpan/Math-BigInt/t/bare_mbf.t
@@ -13,4 +13,4 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigFloat";
 $CALC  = "Math::BigInt::BareCalc";      # backend
 
-require 't/bigfltpm.inc';	        # all tests here for sharing
+require './t/bigfltpm.inc';	        # all tests here for sharing
diff --git a/cpan/Math-BigInt/t/bare_mbi.t b/cpan/Math-BigInt/t/bare_mbi.t
index 93dbc7a..f2b768d 100644
--- a/cpan/Math-BigInt/t/bare_mbi.t
+++ b/cpan/Math-BigInt/t/bare_mbi.t
@@ -15,4 +15,4 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigInt";
 $CALC  = "Math::BigInt::BareCalc";      # backend
 
-require 't/bigintpm.inc';               # perform same tests as bigintpm.t
+require './t/bigintpm.inc';               # perform same tests as bigintpm.t
diff --git a/cpan/Math-BigInt/t/bare_mif.t b/cpan/Math-BigInt/t/bare_mif.t
index d63e3da..e7b9774 100644
--- a/cpan/Math-BigInt/t/bare_mif.t
+++ b/cpan/Math-BigInt/t/bare_mif.t
@@ -21,4 +21,4 @@ $mbf = 'Math::BigFloat';
 is(Math::BigInt->config()->{lib}, 'Math::BigInt::BareCalc',
    'Math::BigInt->config()->{lib}');
 
-require 't/mbimbf.inc';
+require './t/mbimbf.inc';
diff --git a/cpan/Math-BigInt/t/bigfltpm.t b/cpan/Math-BigInt/t/bigfltpm.t
index 629cb56..a256b9f 100644
--- a/cpan/Math-BigInt/t/bigfltpm.t
+++ b/cpan/Math-BigInt/t/bigfltpm.t
@@ -33,4 +33,4 @@ SKIP: {
     is(ref($e->{_e}->[0]), '', '$e->{_e}->[0] is a scalar');
 }
 
-require 't/bigfltpm.inc';	# all tests here for sharing
+require './t/bigfltpm.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigInt/t/bigintpm.t b/cpan/Math-BigInt/t/bigintpm.t
index e87e05a..cd552ca 100644
--- a/cpan/Math-BigInt/t/bigintpm.t
+++ b/cpan/Math-BigInt/t/bigintpm.t
@@ -44,4 +44,4 @@ is($x, "9903520314281112085086151826",
 #############################################################################
 # all the other tests
 
-require 't/bigintpm.inc';       # all tests here for sharing
+require './t/bigintpm.inc';       # all tests here for sharing
diff --git a/cpan/Math-BigInt/t/mbf_ali.t b/cpan/Math-BigInt/t/mbf_ali.t
index b44b64c..3999aa7 100644
--- a/cpan/Math-BigInt/t/mbf_ali.t
+++ b/cpan/Math-BigInt/t/mbf_ali.t
@@ -12,4 +12,4 @@ use Math::BigFloat;
 our $CLASS;
 $CLASS = 'Math::BigFloat';
 
-require 't/alias.inc';
+require './t/alias.inc';
diff --git a/cpan/Math-BigInt/t/mbi_ali.t b/cpan/Math-BigInt/t/mbi_ali.t
index e65aa3c..45ed6c4 100644
--- a/cpan/Math-BigInt/t/mbi_ali.t
+++ b/cpan/Math-BigInt/t/mbi_ali.t
@@ -12,4 +12,4 @@ use Math::BigInt;
 our $CLASS;
 $CLASS = 'Math::BigInt';
 
-require 't/alias.inc';
+require './t/alias.inc';
diff --git a/cpan/Math-BigInt/t/mbimbf.t b/cpan/Math-BigInt/t/mbimbf.t
index dd65da4..107da31 100644
--- a/cpan/Math-BigInt/t/mbimbf.t
+++ b/cpan/Math-BigInt/t/mbimbf.t
@@ -15,7 +15,7 @@ use Math::BigFloat;
 our $mbi = 'Math::BigInt';
 our $mbf = 'Math::BigFloat';
 
-require 't/mbimbf.inc';
+require './t/mbimbf.inc';
 
 # some tests that won't work with subclasses, since the things are only
 # guaranteed in the Math::Big(Int|Float) (unless subclass chooses to support
diff --git a/cpan/Math-BigInt/t/sub_ali.t b/cpan/Math-BigInt/t/sub_ali.t
index 6023be3..2f145b4 100644
--- a/cpan/Math-BigInt/t/sub_ali.t
+++ b/cpan/Math-BigInt/t/sub_ali.t
@@ -14,4 +14,4 @@ use Math::BigInt::Subclass;
 our $CLASS;
 $CLASS = 'Math::BigInt::Subclass';
 
-require 't/alias.inc';
+require './t/alias.inc';
diff --git a/cpan/Math-BigInt/t/sub_mbf.t b/cpan/Math-BigInt/t/sub_mbf.t
index 69311d4..e438581 100644
--- a/cpan/Math-BigInt/t/sub_mbf.t
+++ b/cpan/Math-BigInt/t/sub_mbf.t
@@ -14,7 +14,7 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigFloat::Subclass";
 $CALC  = Math::BigFloat->config()->{lib};       # backend
 
-require 't/bigfltpm.inc';	# perform same tests as bigfltpm
+require './t/bigfltpm.inc';	# perform same tests as bigfltpm
 
 ###############################################################################
 # Now do custom tests for Subclass itself
diff --git a/cpan/Math-BigInt/t/sub_mbi.t b/cpan/Math-BigInt/t/sub_mbi.t
index e991ad9..500f2a4 100644
--- a/cpan/Math-BigInt/t/sub_mbi.t
+++ b/cpan/Math-BigInt/t/sub_mbi.t
@@ -14,7 +14,7 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigInt::Subclass";
 $CALC  = "Math::BigInt::Calc";          # backend
 
-require 't/bigintpm.inc';	        # perform same tests as bigintpm
+require './t/bigintpm.inc';	        # perform same tests as bigintpm
 
 ###############################################################################
 # Now do custom tests for Subclass itself
diff --git a/cpan/Math-BigInt/t/sub_mif.t b/cpan/Math-BigInt/t/sub_mif.t
index 96bf82f..250db3f 100644
--- a/cpan/Math-BigInt/t/sub_mif.t
+++ b/cpan/Math-BigInt/t/sub_mif.t
@@ -17,4 +17,4 @@ our ($mbi, $mbf);
 $mbi = 'Math::BigInt::Subclass';
 $mbf = 'Math::BigFloat::Subclass';
 
-require 't/mbimbf.inc';
+require './t/mbimbf.inc';
diff --git a/cpan/Math-BigInt/t/upgrade.t b/cpan/Math-BigInt/t/upgrade.t
index 2307a48..7ed4378 100644
--- a/cpan/Math-BigInt/t/upgrade.t
+++ b/cpan/Math-BigInt/t/upgrade.t
@@ -19,4 +19,4 @@ is(Math::BigInt->upgrade(), "Math::BigFloat",
 is(Math::BigInt->downgrade() || "", "",
    qq/Math::BigInt->downgrade() || ""/);
 
-require 't/upgrade.inc';	# all tests here for sharing
+require './t/upgrade.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigInt/t/upgradef.t b/cpan/Math-BigInt/t/upgradef.t
index d208890..dbe373f 100644
--- a/cpan/Math-BigInt/t/upgradef.t
+++ b/cpan/Math-BigInt/t/upgradef.t
@@ -67,4 +67,4 @@ is($z, 321,
    . q| $z = $x->badd($y); $z|);
 
 # not yet:
-#require 't/upgrade.inc';	# all tests here for sharing
+#require './t/upgrade.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigInt/t/with_sub.t b/cpan/Math-BigInt/t/with_sub.t
index 2c54107..299eea5 100644
--- a/cpan/Math-BigInt/t/with_sub.t
+++ b/cpan/Math-BigInt/t/with_sub.t
@@ -19,4 +19,4 @@ $CALC  = "Math::BigInt::Calc";          # backend
 is(Math::BigFloat->config()->{with}, 'Math::BigInt::Calc',
    'Math::BigFloat->config()->{with}');
 
-require 't/bigfltpm.inc';	# all tests here for sharing
+require './t/bigfltpm.inc';	# all tests here for sharing
diff --git a/cpan/Math-BigRat/t/bigfltrt.t b/cpan/Math-BigRat/t/bigfltrt.t
index 4f36bde..97f8032 100644
--- a/cpan/Math-BigRat/t/bigfltrt.t
+++ b/cpan/Math-BigRat/t/bigfltrt.t
@@ -16,4 +16,4 @@ $CALC  = "Math::BigInt::Calc";
 pass();
 
 # fails still too many tests
-#require 't/bigfltpm.inc';		# all tests here for sharing
+#require './t/bigfltpm.inc';		# all tests here for sharing
diff --git a/cpan/Math-BigRat/t/bigratpm.t b/cpan/Math-BigRat/t/bigratpm.t
index a5bb947..675d1e9 100644
--- a/cpan/Math-BigRat/t/bigratpm.t
+++ b/cpan/Math-BigRat/t/bigratpm.t
@@ -11,4 +11,4 @@ our ($CLASS, $CALC);
 $CLASS = "Math::BigRat";
 $CALC  = "Math::BigInt::Calc";  # backend
 
-require 't/bigratpm.inc';	# all tests here for sharing
+require './t/bigratpm.inc';	# all tests here for sharing
diff --git a/cpan/perlfaq/lib/perlfaq5.pod b/cpan/perlfaq/lib/perlfaq5.pod
index 22e88b8..239f92a 100644
--- a/cpan/perlfaq/lib/perlfaq5.pod
+++ b/cpan/perlfaq/lib/perlfaq5.pod
@@ -1278,7 +1278,7 @@ comes with Perl tries to convert C include files to Perl code, which
 can be C<require>d. FIONREAD ends up defined as a function in the
 I<sys/ioctl.ph> file:
 
-    require 'sys/ioctl.ph';
+    require './sys/ioctl.ph';
 
     $size = pack("L", 0);
     ioctl(FH, FIONREAD(), $size)    or die "Couldn't call ioctl: $!\n";
@@ -1378,7 +1378,7 @@ used for things that Perl opened itself, even if it was a dup of a
 numeric descriptor as with C<MHCONTEXT> above. But if you really have
 to, you may be able to do this:
 
-    require 'sys/syscall.ph';
+    require './sys/syscall.ph';
     my $rc = syscall(SYS_close(), $fd + 0);  # must force numeric
     die "can't sysclose $fd: $!" unless $rc == -1;
 
diff --git a/cpan/perlfaq/lib/perlfaq8.pod b/cpan/perlfaq/lib/perlfaq8.pod
index 3431417..42b27ab 100644
--- a/cpan/perlfaq/lib/perlfaq8.pod
+++ b/cpan/perlfaq/lib/perlfaq8.pod
@@ -239,7 +239,7 @@ and in pixels:
 This is more portable than the raw C<ioctl>, but not as
 illustrative:
 
-    require 'sys/ioctl.ph';
+    require './sys/ioctl.ph';
     die "no TIOCGWINSZ " unless defined &TIOCGWINSZ;
     open(my $tty_fh, "+</dev/tty")                     or die "No tty: $!";
     unless (ioctl($tty_fh, &TIOCGWINSZ, $winsize='')) {
diff --git a/dist/Thread-Queue/t/01_basic.t b/dist/Thread-Queue/t/01_basic.t
index 2983f0b..4ec5195 100644
--- a/dist/Thread-Queue/t/01_basic.t
+++ b/dist/Thread-Queue/t/01_basic.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/02_refs.t b/dist/Thread-Queue/t/02_refs.t
index 0cebdc1..fdf8f6b 100644
--- a/dist/Thread-Queue/t/02_refs.t
+++ b/dist/Thread-Queue/t/02_refs.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/03_peek.t b/dist/Thread-Queue/t/03_peek.t
index d543b59..29ef75e 100644
--- a/dist/Thread-Queue/t/03_peek.t
+++ b/dist/Thread-Queue/t/03_peek.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/05_extract.t b/dist/Thread-Queue/t/05_extract.t
index de0e78b..d8cb417 100644
--- a/dist/Thread-Queue/t/05_extract.t
+++ b/dist/Thread-Queue/t/05_extract.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/06_insert.t b/dist/Thread-Queue/t/06_insert.t
index 4f9d1df..93617e1 100644
--- a/dist/Thread-Queue/t/06_insert.t
+++ b/dist/Thread-Queue/t/06_insert.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/07_lock.t b/dist/Thread-Queue/t/07_lock.t
index b20e060..6337221 100644
--- a/dist/Thread-Queue/t/07_lock.t
+++ b/dist/Thread-Queue/t/07_lock.t
@@ -14,7 +14,7 @@ use Thread::Queue;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Queue/t/10_timed.t b/dist/Thread-Queue/t/10_timed.t
index 8404720..da8b03a 100644
--- a/dist/Thread-Queue/t/10_timed.t
+++ b/dist/Thread-Queue/t/10_timed.t
@@ -13,7 +13,7 @@ use threads;
 use Thread::Queue;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Semaphore/t/01_basic.t b/dist/Thread-Semaphore/t/01_basic.t
index b10f725..be3a223 100644
--- a/dist/Thread-Semaphore/t/01_basic.t
+++ b/dist/Thread-Semaphore/t/01_basic.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Semaphore/t/04_nonblocking.t b/dist/Thread-Semaphore/t/04_nonblocking.t
index d1538e8..bef964e 100644
--- a/dist/Thread-Semaphore/t/04_nonblocking.t
+++ b/dist/Thread-Semaphore/t/04_nonblocking.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/dist/Thread-Semaphore/t/05_force.t b/dist/Thread-Semaphore/t/05_force.t
index 8803cfa..667efba 100644
--- a/dist/Thread-Semaphore/t/05_force.t
+++ b/dist/Thread-Semaphore/t/05_force.t
@@ -14,7 +14,7 @@ use threads::shared;
 use Thread::Semaphore;
 
 if ($] == 5.008) {
-    require 't/test.pl';   # Test::More work-alike for Perl 5.8.0
+    require './t/test.pl';   # Test::More work-alike for Perl 5.8.0
 } else {
     require Test::More;
 }
diff --git a/ext/DynaLoader/t/DynaLoader.t b/ext/DynaLoader/t/DynaLoader.t
index 77fb65d..7fe30b3 100644
--- a/ext/DynaLoader/t/DynaLoader.t
+++ b/ext/DynaLoader/t/DynaLoader.t
@@ -4,7 +4,7 @@ use strict;
 use Config;
 push @INC, '.';
 if (-f 't/test.pl') {
-  require 't/test.pl';
+  require './t/test.pl';
 } else {
   require '../../t/test.pl';
 }
diff --git a/h2pl/cbreak.pl b/h2pl/cbreak.pl
index 422185e..ad4c187 100644
--- a/h2pl/cbreak.pl
+++ b/h2pl/cbreak.pl
@@ -12,7 +12,7 @@ sub set_cbreak {
     local($on) = @_;
 
     require 'sizeof.ph';
-    require 'sys/ioctl.ph';
+    require './sys/ioctl.ph';
 
     ioctl(STDIN,&TIOCGETP,$sgttyb)
         || die "Can't ioctl TIOCGETP: $!";
diff --git a/h2pl/cbreak2.pl b/h2pl/cbreak2.pl
index 8ac55a3..db71d26 100644
--- a/h2pl/cbreak2.pl
+++ b/h2pl/cbreak2.pl
@@ -11,7 +11,7 @@ sub cooked {
 sub set_cbreak {
     local($on) = @_;
 
-    require 'sys/ioctl.pl';
+    require './sys/ioctl.pl';
 
     ioctl(STDIN,$TIOCGETP,$sgttyb)
         || die "Can't ioctl TIOCGETP: $!";
diff --git a/lib/h2ph.t b/lib/h2ph.t
index 64d9dc0..bdcc389 100644
--- a/lib/h2ph.t
+++ b/lib/h2ph.t
@@ -1,5 +1,4 @@
 #!./perl
-use strict;
 
 # quickie tests to see if h2ph actually runs and does more or less what is
 # expected
diff --git a/lib/strict.t b/lib/strict.t
index d6c6ed0..bfee762 100644
--- a/lib/strict.t
+++ b/lib/strict.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $local_tests = 6;
 require "../t/lib/common.pl";
diff --git a/lib/warnings.t b/lib/warnings.t
index ee696fe..7c24f3a 100644
--- a/lib/warnings.t
+++ b/lib/warnings.t
@@ -1,7 +1,7 @@
 #!./perl
 
 chdir 't' if -d 't';
-@INC = '../lib';
+@INC = ( '.', '../lib' );
 
 our $UTF8 = (${^OPEN} || "") =~ /:utf8/;
 require "../t/lib/common.pl";
diff --git a/makedef.pl b/makedef.pl
index 80723ca..767e428 100644
--- a/makedef.pl
+++ b/makedef.pl
@@ -70,7 +70,7 @@ BEGIN {
 }
 use constant PLATFORM => $ARGS{PLATFORM};
 
-require "$ARGS{TARG_DIR}regen/embed_lib.pl";
+require "./$ARGS{TARG_DIR}regen/embed_lib.pl";
 
 # Is the following guard strictly necessary? Added during refactoring
 # to keep the same behaviour when merging other code into here.
diff --git a/pod/buildtoc b/pod/buildtoc
index acb8cf6..75bdcf2 100644
--- a/pod/buildtoc
+++ b/pod/buildtoc
@@ -14,7 +14,7 @@ no locale;
 BEGIN {
   my $Top = File::Spec->catdir($FindBin::Bin, File::Spec->updir);
   chdir $Top or die "Can't chdir to $Top: $!";
-  require 'Porting/pod_lib.pl';
+  require './Porting/pod_lib.pl';
 }
 
 die "$0: Usage: $0 [--quiet]\n"
diff --git a/pod/perlmodlib.PL b/pod/perlmodlib.PL
index 484d906..6ebe844 100644
--- a/pod/perlmodlib.PL
+++ b/pod/perlmodlib.PL
@@ -13,7 +13,7 @@ if (@ARGV) {
     chdir $workdir
         or die "Couldn't chdir to '$workdir': $!";
 }
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 # MANIFEST itself is Unix style filenames, so we have to assume that Unix style
 # filenames will work.
diff --git a/regen.pl b/regen.pl
index 8788668..71a6eda 100644
--- a/regen.pl
+++ b/regen.pl
@@ -15,7 +15,7 @@ use strict;
 
 my $tap = $ARGV[0] && $ARGV[0] eq '--tap' ? '# ' : '';
 foreach my $pl (map {chomp; "regen/$_"} <DATA>) {
-  my @command =  ($^X, $pl, @ARGV);
+  my @command =  ($^X, '-I.', $pl, @ARGV);
   print "$tap@command\n";
   system @command
     and die "@command failed: $?" 
diff --git a/regen/ebcdic.pl b/regen/ebcdic.pl
index fa8a051..a3e049d 100644
--- a/regen/ebcdic.pl
+++ b/regen/ebcdic.pl
@@ -1,8 +1,11 @@
 use v5.16.0;
 use strict;
 use warnings;
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+
+BEGIN { unshift @INC, '.' }
+
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 
 # Generates the EBCDIC translation tables that were formerly hard-coded into
 # utfebcdic.h
diff --git a/regen/embed.pl b/regen/embed.pl
index 6007d92..3234cc0 100755
--- a/regen/embed.pl
+++ b/regen/embed.pl
@@ -26,8 +26,8 @@ use strict;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
-    require 'regen/embed_lib.pl';
+    require './regen/regen_lib.pl';
+    require './regen/embed_lib.pl';
 }
 
 my $SPLINT = 0; # Turn true for experimental splint support http://www.splint.org
diff --git a/regen/feature.pl b/regen/feature.pl
index 97d0359..f8cf4a8 100755
--- a/regen/feature.pl
+++ b/regen/feature.pl
@@ -11,7 +11,7 @@
 # This script is normally invoked from regen.pl.
 
 BEGIN {
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
     push @INC, './lib';
 }
 use strict ;
diff --git a/regen/genpacksizetables.pl b/regen/genpacksizetables.pl
index 7a03dcd..d886822 100644
--- a/regen/genpacksizetables.pl
+++ b/regen/genpacksizetables.pl
@@ -3,7 +3,7 @@
 # it will generate EBCDIC too. (TODO)
 use strict;
 use Encode;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 sub make_text {
     my ($chrmap, $letter, $unpredictable, $nocsum, $size, $condition) = @_;
diff --git a/regen/keywords.pl b/regen/keywords.pl
index eafe58c..9619d86 100755
--- a/regen/keywords.pl
+++ b/regen/keywords.pl
@@ -11,7 +11,7 @@
 use strict;
 use Devel::Tokenizer::C 0.05;
 
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my $h = open_new('keywords.h', '>',
 		 { by => 'regen/keywords.pl', from => 'its data',
diff --git a/regen/lib_cleanup.pl b/regen/lib_cleanup.pl
index c9d6e43..5e40b40 100644
--- a/regen/lib_cleanup.pl
+++ b/regen/lib_cleanup.pl
@@ -1,7 +1,7 @@
 #!perl -w
 use strict;
-require 'regen/regen_lib.pl';
-require 'Porting/pod_lib.pl';
+require './regen/regen_lib.pl';
+require './Porting/pod_lib.pl';
 use vars qw($TAP $Verbose);
 
 # For processing later
diff --git a/regen/mg_vtable.pl b/regen/mg_vtable.pl
index a05a7d4..342f5e0 100644
--- a/regen/mg_vtable.pl
+++ b/regen/mg_vtable.pl
@@ -20,7 +20,7 @@ require 5.004;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 my %mg =
diff --git a/regen/miniperlmain.pl b/regen/miniperlmain.pl
index 9123b3f..37a3fff 100644
--- a/regen/miniperlmain.pl
+++ b/regen/miniperlmain.pl
@@ -4,7 +4,7 @@ use strict;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
     unshift @INC, 'ext/ExtUtils-Miniperl/lib';
 }
 
diff --git a/regen/mk_PL_charclass.pl b/regen/mk_PL_charclass.pl
index 5b609e5..8b217b3 100644
--- a/regen/mk_PL_charclass.pl
+++ b/regen/mk_PL_charclass.pl
@@ -2,8 +2,8 @@
 use v5.15.8;
 use strict;
 use warnings;
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 
 # This program outputs l1_charclass_tab.h, which defines the guts of the
 # PL_charclass table.  Each line is a bit map of properties that the Unicode
diff --git a/regen/mk_invlists.pl b/regen/mk_invlists.pl
index 460a72c..d6ff165 100644
--- a/regen/mk_invlists.pl
+++ b/regen/mk_invlists.pl
@@ -8,8 +8,8 @@ use Unicode::UCD qw(prop_aliases
                     prop_invlist
                     prop_invmap search_invlist
                    );
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 
 # This program outputs charclass_invlists.h, which contains various inversion
 # lists in the form of C arrays that are to be used as-is for inversion lists.
diff --git a/regen/opcode.pl b/regen/opcode.pl
index edb9f4d..0bd62ce 100755
--- a/regen/opcode.pl
+++ b/regen/opcode.pl
@@ -20,7 +20,7 @@ use strict;
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 my $oc = open_new('opcode.h', '>',
@@ -924,7 +924,7 @@ package main;
 # which define what bits in op_private have what meanings for each op.
 # It populates %LABELS, %DEFINES, %FLAGS, %BITFIELDS.
 
-require 'regen/op_private';
+require './regen/op_private';
 
 #use Data::Dumper;
 #print Dumper \%LABELS, \%DEFINES, \%FLAGS, \%BITFIELDS;
diff --git a/regen/overload.pl b/regen/overload.pl
index c95ab2d..38dac32 100644
--- a/regen/overload.pl
+++ b/regen/overload.pl
@@ -16,7 +16,7 @@
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 use strict;
diff --git a/regen/reentr.pl b/regen/reentr.pl
index 3a0afaf..564a68f 100644
--- a/regen/reentr.pl
+++ b/regen/reentr.pl
@@ -18,7 +18,7 @@
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 
 use strict;
diff --git a/regen/regcharclass.pl b/regen/regcharclass.pl
index 9115eaf..d40c143 100755
--- a/regen/regcharclass.pl
+++ b/regen/regcharclass.pl
@@ -11,8 +11,8 @@ our $hex_fmt= "0x%02X";
 sub DEBUG () { 0 }
 $|=1 if DEBUG;
 
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 require "regen/regcharclass_multi_char_folds.pl";
 
 =head1 NAME
diff --git a/regen/regcomp.pl b/regen/regcomp.pl
index 850eeb9..94aa572 100644
--- a/regen/regcomp.pl
+++ b/regen/regcomp.pl
@@ -20,7 +20,7 @@
 
 BEGIN {
     # Get function prototypes
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
 }
 use strict;
 
diff --git a/regen/uconfig_h.pl b/regen/uconfig_h.pl
index 99a74f1..1c3d1b2 100755
--- a/regen/uconfig_h.pl
+++ b/regen/uconfig_h.pl
@@ -10,7 +10,7 @@
 
 use strict;
 use Config;
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my ($uconfig_h, $uconfig_h_new, $config_h_sh)
     = ('uconfig.h', 'uconfig.h-new', 'config_h.SH');
diff --git a/regen/unicode_constants.pl b/regen/unicode_constants.pl
index baf25f1..9689731 100644
--- a/regen/unicode_constants.pl
+++ b/regen/unicode_constants.pl
@@ -1,8 +1,8 @@
 use v5.16.0;
 use strict;
 use warnings;
-require 'regen/regen_lib.pl';
-require 'regen/charset_translations.pl';
+require './regen/regen_lib.pl';
+require './regen/charset_translations.pl';
 use Unicode::UCD;
 use charnames qw(:loose);
 
diff --git a/regen/warnings.pl b/regen/warnings.pl
index 40e7265..739a7b4 100644
--- a/regen/warnings.pl
+++ b/regen/warnings.pl
@@ -19,7 +19,7 @@
 $VERSION = '1.37';
 
 BEGIN {
-    require 'regen/regen_lib.pl';
+    require './regen/regen_lib.pl';
     push @INC, './lib';
 }
 use strict ;
diff --git a/regen_perly.pl b/regen_perly.pl
index f9ef04b..b8fb5d7 100644
--- a/regen_perly.pl
+++ b/regen_perly.pl
@@ -35,7 +35,7 @@ sub usage { die "usage: $0 [ -b bison_executable ] [ file.y ]\n" }
 use warnings;
 use strict;
 
-BEGIN { require 'regen/regen_lib.pl'; }
+BEGIN { require './regen/regen_lib.pl'; }
 
 my $bison = 'bison';
 
diff --git a/t/comp/line_debug.t b/t/comp/line_debug.t
index 8361194..71626bb 100644
--- a/t/comp/line_debug.t
+++ b/t/comp/line_debug.t
@@ -1,5 +1,7 @@
 #!./perl
 
+BEGIN { unshift @INC, '.' }
+
 chdir 't' if -d 't';
 
 sub ok {
diff --git a/t/lib/warnings/op b/t/lib/warnings/op
index cc0cf46..b0b9c0a 100644
--- a/t/lib/warnings/op
+++ b/t/lib/warnings/op
@@ -1453,6 +1453,7 @@ END { print "in end\n"; }
 print "in mainline\n";
 1;
 --FILE--
+BEGIN { unshift @INC, '.' }
 require abc;
 do "abc.pm";
 EXPECT
diff --git a/t/op/goto.t b/t/op/goto.t
index 351f86a..66438a3 100644
--- a/t/op/goto.t
+++ b/t/op/goto.t
@@ -280,7 +280,7 @@ YYY: print "OK\n";
 EOT
 close $f;
 
-$r = runperl(prog => 'use Op_goto01; print qq[DONE\n]');
+$r = runperl(prog => 'BEGIN { unshift @INC, q[.] } use Op_goto01; print qq[DONE\n]');
 is($r, "OK\nDONE\n", "goto within use-d file"); 
 unlink_all "Op_goto01.pm";
 
diff --git a/t/porting/authors.t b/t/porting/authors.t
index bc69e3a..563b92a 100644
--- a/t/porting/authors.t
+++ b/t/porting/authors.t
@@ -7,7 +7,7 @@ BEGIN {
 use TestInit qw(T); # T is chdir to the top level
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 find_git_or_skip('all');
 
 # This is the subset of "pretty=fuller" that checkAUTHORS.pl actually needs:
diff --git a/t/porting/bench.t b/t/porting/bench.t
index 527995a..bbebd37 100644
--- a/t/porting/bench.t
+++ b/t/porting/bench.t
@@ -8,7 +8,7 @@ BEGIN {
 use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 my $source = find_git_or_skip('all');
 chdir $source or die "Can't chdir to $source: $!";
 
diff --git a/t/porting/cmp_version.t b/t/porting/cmp_version.t
index 55b4003..bbbc852 100644
--- a/t/porting/cmp_version.t
+++ b/t/porting/cmp_version.t
@@ -16,7 +16,7 @@ BEGIN {
 use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 my $source = find_git_or_skip('all');
 chdir $source or die "Can't chdir to $source: $!";
 
diff --git a/t/porting/corelist.t b/t/porting/corelist.t
index 251a260..820ff3e 100644
--- a/t/porting/corelist.t
+++ b/t/porting/corelist.t
@@ -6,7 +6,7 @@ use TestInit qw(T);
 use strict;
 use Config;
 
-require 't/test.pl';
+require './t/test.pl';
 
 plan(tests => 6);
 
diff --git a/t/porting/diag.t b/t/porting/diag.t
index ccde8cb..cdd9d64 100644
--- a/t/porting/diag.t
+++ b/t/porting/diag.t
@@ -9,7 +9,7 @@ use warnings;
 use strict;
 use Config;
 
-require 't/test.pl';
+require './t/test.pl';
 
 if ( $Config{usecrosscompile} ) {
   skip_all( "Not all files are available during cross-compilation" );
@@ -26,7 +26,7 @@ plan('no_plan');
 my $make_exceptions_list = ($ARGV[0]||'') eq '--make-exceptions-list'
   and shift;
 
-require 'regen/embed_lib.pl';
+require './regen/embed_lib.pl';
 
 # Look for functions that look like they could be diagnostic ones.
 my @functions;
diff --git a/t/porting/globvar.t b/t/porting/globvar.t
index bc0203a..3052b38 100644
--- a/t/porting/globvar.t
+++ b/t/porting/globvar.t
@@ -4,7 +4,7 @@ use TestInit qw(T);
 use strict;
 use Config;
 
-require 't/test.pl';
+require './t/test.pl';
 
 skip_all("Code to read symbols not ported to $^O")
     if $^O eq 'VMS' or $^O eq 'MSWin32';
diff --git a/t/porting/manifest.t b/t/porting/manifest.t
index 580b487..6e97402 100644
--- a/t/porting/manifest.t
+++ b/t/porting/manifest.t
@@ -30,7 +30,7 @@ BEGIN {
 }
 use TestInit qw(T); # T is chdir to the top level
 
-require 't/test.pl';
+require './t/test.pl';
 
 skip_all("Cross-compiling, the entire source might not be available")
     if $Config{usecrosscompile};
diff --git a/t/porting/pending-author.t b/t/porting/pending-author.t
index 4dceaf6..0aaa546 100644
--- a/t/porting/pending-author.t
+++ b/t/porting/pending-author.t
@@ -27,7 +27,7 @@ use TestInit qw(T); # T is chdir to the top level
 use strict;
 use File::Spec;
 
-require 't/test.pl';
+require './t/test.pl';
 find_git_or_skip('all');
 
 my $devnull = File::Spec->devnull;
diff --git a/t/porting/pod_rules.t b/t/porting/pod_rules.t
index 46a0114..894b153 100644
--- a/t/porting/pod_rules.t
+++ b/t/porting/pod_rules.t
@@ -25,7 +25,7 @@ BEGIN {
       chdir '..';
     }
     @INC = qw(lib .); # Special @INC.
-    require 't/test.pl';
+    require './t/test.pl';
 }
 
 use strict;
diff --git a/t/porting/readme.t b/t/porting/readme.t
index e127920..232a45f 100644
--- a/t/porting/readme.t
+++ b/t/porting/readme.t
@@ -10,7 +10,7 @@ BEGIN {
 use TestInit qw(T); # T is chdir to the top level
 use strict;
 use warnings;
-require 't/test.pl';
+require './t/test.pl';
 
 my @porting_files;
 open my $man, "MANIFEST" or die "Can't open MANIFEST: $!";
diff --git a/t/porting/regen.t b/t/porting/regen.t
index 5d08518..3aa1fd5 100644
--- a/t/porting/regen.t
+++ b/t/porting/regen.t
@@ -8,8 +8,8 @@ BEGIN {
 use TestInit qw(T A); # T is chdir to the top level, A makes paths absolute
 use strict;
 
-require 'regen/regen_lib.pl';
-require 't/test.pl';
+require './regen/regen_lib.pl';
+require './t/test.pl';
 $::NO_ENDING = $::NO_ENDING = 1;
 
 if ( $^O eq "VMS" ) {
@@ -86,7 +86,7 @@ OUTER: foreach my $file (@files) {
 }
 
 foreach (@progs) {
-    my $command = "$^X $_ --tap";
+    my $command = "$^X -I. $_ --tap";
     system $command
         and die "Failed to run $command: $?";
 }
diff --git a/t/porting/utils.t b/t/porting/utils.t
index 475380d..92eafbd 100644
--- a/t/porting/utils.t
+++ b/t/porting/utils.t
@@ -22,7 +22,7 @@ BEGIN {
 use TestInit qw(T); # T is chdir to the top level
 use strict;
 
-require 't/test.pl';
+require './t/test.pl';
 
 # It turns out that, since the default @INC will include your old 5.x libs, if
 # you have them, the Porting utils might load a library that no longer compiles
diff --git a/t/re/pat.t b/t/re/pat.t
index 0f5a3e4..bda7d0b 100644
--- a/t/re/pat.t
+++ b/t/re/pat.t
@@ -1676,7 +1676,7 @@ EOP
             # NOTE - Do not put quotes in the code!
             # NOTE - We have to triple escape the backref in the pattern below.
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 watchdog(3);
                 for my $len (1 .. 20) {
                     my $eights= q(8) x $len;
@@ -1692,7 +1692,7 @@ EOP
             # #123562]
 
             my $code='
-                BEGIN{require q(test.pl);}
+                BEGIN{require q(./test.pl);}
                 use Encode qw(_utf8_on);
                 # \x80 and \x41 are continuation bytes in their respective
                 # character sets
@@ -1760,7 +1760,7 @@ EOP
                 my ($expr, $expect, $test_name, $cap1)= @$tuple;
                 # avoid quotes in this code!
                 my $code='
-                    BEGIN{require q(test.pl);}
+                    BEGIN{require q(./test.pl);}
                     watchdog(3);
                     my $status= eval(q{ !(' . $expr . ') ? q(failed) : ' .
                         ($cap1 ? '($1 ne q['.$cap1.']) ? qq(badmatch:$1) : ' : '') .
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 82846a4..8861a3d 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,7 +285,8 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-is ($default_inc[-1], '.', '. is last in @INC');
+ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
+#is ($default_inc[-1], '.', '. is last in @INC');
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/t/run/switches.t b/t/run/switches.t
index 0018a74..b61be56 100644
--- a/t/run/switches.t
+++ b/t/run/switches.t
@@ -194,12 +194,12 @@ sub import { print map "<\$_>", \@_ }
 SWTESTPM
     close $f or die "Could not close: $!";
     $r = runperl(
-	switches    => [ "-M$package" ],
+	switches    => [ "-I.", "-M$package" ],
 	prog	    => '1',
     );
     is( $r, "<$package>", '-M' );
     $r = runperl(
-	switches    => [ "-M$package=foo" ],
+	switches    => [ "-I.", "-M$package=foo" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo>", '-M with import parameter' );
@@ -213,7 +213,7 @@ SWTESTPM
         is( $r, '', '-m' );
     }
     $r = runperl(
-	switches    => [ "-m$package=foo,bar" ],
+	switches    => [ "-I.", "-m$package=foo,bar" ],
 	prog	    => '1',
     );
     is( $r, "<$package><foo><bar>", '-m with import parameters' );
diff --git a/t/test.pl b/t/test.pl
index 349bcc9..de2ada0 100644
--- a/t/test.pl
+++ b/t/test.pl
@@ -652,7 +652,7 @@ sub _create_runperl { # Create the string to qx in runperl().
 	$runperl = "$ENV{PERL_RUNPERL_DEBUG} $runperl";
     }
     unless ($args{nolib}) {
-	$runperl = $runperl . ' "-I../lib"'; # doublequotes because of VMS
+	$runperl = $runperl . ' "-I../lib" "-I." '; # doublequotes because of VMS
     }
     if ($args{switches}) {
 	local $Level = 2;
@@ -1261,6 +1261,7 @@ sub run_multiple_progs {
 	open my $fh, '>', $tmpfile or die "Cannot open >$tmpfile: $!";
 	print $fh q{
         BEGIN {
+            push @INC, '.';
             open STDERR, '>&', STDOUT
               or die "Can't dup STDOUT->STDERR: $!;";
         }
diff --git a/utils/Makefile.PL b/utils/Makefile.PL
index 27c371f..85b0833 100644
--- a/utils/Makefile.PL
+++ b/utils/Makefile.PL
@@ -13,7 +13,7 @@ if (@ARGV) {
 # attempting to move the work from them to the extension directories and
 # ExtUtils::MakeMaker.
 
-require 'regen/regen_lib.pl';
+require './regen/regen_lib.pl';
 
 my $target = 'utils/Makefile';
 print "Extracting $target (with variable substitutions)\n";
diff --git a/utils/c2ph.PL b/utils/c2ph.PL
index ea87a6f..c5b5a3f 100644
--- a/utils/c2ph.PL
+++ b/utils/c2ph.PL
@@ -198,8 +198,8 @@ them in terms of packages and functions.  Consider the following program:
     #!/usr/local/bin/perl
 
     require 'syscall.ph';
-    require 'sys/time.ph';
-    require 'sys/resource.ph';
+    require './sys/time.ph';
+    require './sys/resource.ph';
 
     $ru = "\0" x &rusage'sizeof();
 
diff --git a/utils/perlivp.PL b/utils/perlivp.PL
index e522913..81f8ae4 100644
--- a/utils/perlivp.PL
+++ b/utils/perlivp.PL
@@ -231,7 +231,7 @@ if (defined($Config{'extensions'})) {
         next if $_ eq 'XS/APItest';
         next if $_ eq 'XS/Typemap';
            # VMS$ perl  -e "eval ""require \""Devel/DProf.pm\"";"" print $@"
-           # \NT> perl  -e "eval \"require 'Devel/DProf.pm'\"; print $@"
+           # \NT> perl  -e "eval \"require './Devel/DProf.pm'\"; print $@"
            # DProf: run perl with -d to use DProf.
            # Compilation failed in require at (eval 1) line 1.
         eval " require \"$_.pm\"; ";
-- 
2.10.1

@p5pRT
Copy link
Author

p5pRT commented Oct 20, 2016

From @toddr

0002-Remove-.-from-default-INC-when-default_inc_excludes_.patch
From d3f94da671f14731927d20f672a39e9ffffe41ee Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 31 Mar 2016 17:04:53 -0500
Subject: [PATCH 2/3] Remove "." from default @INC when
 default_inc_excludes_dot is set (not default).

Perl now provides a way to build perl without . in @INC by default. If you want
this feature, you can build with -Ddefault_inc_excludes_dot

Because the testing / make process for perl modules do not function well
with . missing from @INC, Perl now supports the environment variable
PERL_USE_UNSAFE_INC=1 which makes Perl behave as it previously did,
returning . to @INC in all child processes.

WARNING: PERL_USE_UNSAFE_INC has been provided during the perl 5.25 development
cycle and is not guaranteed to function in perl 5.26.

Update unit tests and default value files to work with the new %Config
variable "default_inc_excludes_dot"
---
 Configure                 | 25 +++++++++++++++++++++++++
 Cross/config.sh-arm-linux |  1 +
 NetWare/config.wc         |  1 +
 Porting/config.sh         |  1 +
 config_h.SH               |  6 ++++++
 configure.com             |  1 +
 perl.c                    |  9 +++++++--
 plan9/config_sh.sample    |  1 +
 symbian/config.sh         |  1 +
 t/run/runenv.t            |  9 +++++++--
 uconfig.h                 |  7 +++++++
 uconfig.sh                |  1 +
 uconfig64.sh              |  1 +
 win32/config.ce           |  1 +
 win32/config.gc           |  1 +
 win32/config.vc           |  1 +
 16 files changed, 63 insertions(+), 4 deletions(-)

diff --git a/Configure b/Configure
index 818ab8e..14aa692 100755
--- a/Configure
+++ b/Configure
@@ -1389,6 +1389,8 @@ vendorscriptexp=''
 versiononly=''
 yacc=''
 yaccflags=''
+default_inc_excludes_dot=''
+
 CONFIG=''
 
 : Detect odd OSs
@@ -5106,6 +5108,28 @@ rp='What is the file extension used for shared libraries?'
 . ./myread
 so="$ans"
 
+: Include . in @INC
+$cat << EOM
+
+Historically Perl has provided a final fallback of the current working
+directory '.' when searching for a library. This, however, can lead to
+problems when a Perl program which loads optional modules is called from
+a shared directory. This can lead to executing unexpected code.
+
+EOM
+
+case "$default_inc_excludes_dot" in
+    $define|true|[yY]*)     dflt="n";;
+    *)  dflt='y';;
+esac
+
+rp='Provide '.' in @INC by default? '
+. ./myread
+case "$ans" in
+    [nN]*|define) default_inc_excludes_dot="$define" ;;
+    *)   default_inc_excludes_dot="$undef"  ;;
+esac
+
 : Does target system insist that shared library basenames are unique
 $cat << EOM
 
@@ -25364,6 +25388,7 @@ vi='$vi'
 xlibpth='$xlibpth'
 yacc='$yacc'
 yaccflags='$yaccflags'
+default_inc_excludes_dot='$default_inc_excludes_dot'
 zcat='$zcat'
 zip='$zip'
 EOT
diff --git a/Cross/config.sh-arm-linux b/Cross/config.sh-arm-linux
index 8b3f5c0..9e58088 100644
--- a/Cross/config.sh-arm-linux
+++ b/Cross/config.sh-arm-linux
@@ -624,6 +624,7 @@ db_prefixtype='size_t'
 db_version_major=''
 db_version_minor=''
 db_version_patch=''
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='so'
 dlsrc='dl_dlopen.xs'
diff --git a/NetWare/config.wc b/NetWare/config.wc
index d61924e..f13474e 100644
--- a/NetWare/config.wc
+++ b/NetWare/config.wc
@@ -615,6 +615,7 @@ db_version_minor='0'
 db_version_patch='0'
 def_perlroot='sys:\perl\scripts'
 def_temp='sys:\perl\temp'
+default_inc_excludes_dot=''
 direntrytype='DIR'
 dlext='nlm'
 dlsrc='dl_netware.xs'
diff --git a/Porting/config.sh b/Porting/config.sh
index 4f6e643..cebac42 100644
--- a/Porting/config.sh
+++ b/Porting/config.sh
@@ -637,6 +637,7 @@ db_prefixtype='int'
 db_version_major='1'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='bundle'
 dlsrc='dl_dlopen.xs'
diff --git a/config_h.SH b/config_h.SH
index 099f92a..91ff58d 100755
--- a/config_h.SH
+++ b/config_h.SH
@@ -1452,6 +1452,12 @@ sed <<!GROK!THIS! >$CONFIG_H -e 's!^#undef\(.*/\)\*!/\*#define\1 \*!' -e 's!^#un
 #define BIN_EXP "$binexp"	/**/
 #define PERL_RELOCATABLE_INC "$userelocatableinc" 		/**/
 
+/* DEFAULT_INC_EXCLUDES_DOT:
+ *     This symbol, when defined, removes the legacy default behavior of including
+  *    . at the end of @INC.
+ */
+#$default_inc_excludes_dot DEFAULT_INC_EXCLUDES_DOT                /**/
+
 /* PERL_INC_VERSION_LIST:
  *	This variable specifies the list of subdirectories in over
  *	which perl.c:incpush() and lib/lib.pm will automatically
diff --git a/configure.com b/configure.com
index 1d11fe1..b45adc4 100644
--- a/configure.com
+++ b/configure.com
@@ -6778,6 +6778,7 @@ $ WC "u64size='" + u64size + "'"
 $ WC "u64type='" + u64type + "'"
 $ WC "u8size='" + u8size + "'"
 $ WC "u8type='" + u8type + "'"
+$ WC "default_inc_excludes_dot=''"
 $ WC "uidformat='lu'"
 $ WC "uidsign='1'"
 $ WC "uidsize='4'"
diff --git a/perl.c b/perl.c
index 21a8b30..b2711fe 100644
--- a/perl.c
+++ b/perl.c
@@ -4648,8 +4648,13 @@ S_init_perllib(pTHX)
 #endif
 #endif /* !PERL_IS_MINIPERL */
 
-    if (!TAINTING_get)
-	S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    if (!TAINTING_get) {
+#if !defined(PERL_IS_MINIPERL) && defined(DEFAULT_INC_EXCLUDES_DOT)
+        const char * const unsafe = PerlEnv_getenv("PERL_USE_UNSAFE_INC");
+        if (unsafe && strEQ(unsafe, "1"))
+#endif
+          S_incpush(aTHX_ STR_WITH_LEN("."), 0);
+    }
 }
 
 #if defined(DOSISH) || defined(__SYMBIAN32__)
diff --git a/plan9/config_sh.sample b/plan9/config_sh.sample
index a89c918..1b9d5da 100644
--- a/plan9/config_sh.sample
+++ b/plan9/config_sh.sample
@@ -623,6 +623,7 @@ db_prefixtype='size_t'
 db_version_major=''
 db_version_minor=''
 db_version_patch=''
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='none'
 dlsrc='dl_none.xs'
diff --git a/symbian/config.sh b/symbian/config.sh
index b311521..999447a 100644
--- a/symbian/config.sh
+++ b/symbian/config.sh
@@ -570,6 +570,7 @@ db_prefixtype='size_t'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 dlext='dll'
 dlsrc='dl_symbian.xs'
diff --git a/t/run/runenv.t b/t/run/runenv.t
index 8861a3d..2a1fcbf 100644
--- a/t/run/runenv.t
+++ b/t/run/runenv.t
@@ -285,8 +285,13 @@ is ($err, '', 'No errors when determining @INC');
 
 my @default_inc = split /\n/, $out;
 
-ok ! grep { $_ eq '.' } @default_inc, '. is not in @INC';
-#is ($default_inc[-1], '.', '. is last in @INC');
+# Based on the default_inc_excludes_dot Configuration variable, we either do or don't expect . to be in the default @INC.
+if ( $Config{default_inc_excludes_dot} && $Config{default_inc_excludes_dot} eq 'define' ) {
+    ok( ( !grep { $_ eq '.' } @default_inc ), '. is not in @INC' );
+}
+else {
+    ok( ( grep { $_ eq '.' } @default_inc ), '. is in @INC' );
+}
 
 my $sep = $Config{path_sep};
 foreach (['nothing', ''],
diff --git a/uconfig.h b/uconfig.h
index a02560f..1c60bbd 100644
--- a/uconfig.h
+++ b/uconfig.h
@@ -1177,6 +1177,13 @@
  *	C99-style static inline.  That is, the function can't be called
  *	from another translation unit.
  */
+
+
+/* DEFAULT_INC_EXCLUDES_DOT:
+ *     This symbol, when defined, causes @INC to include . as a final fallback.
+ */
+#define DEFAULT_INC_EXCLUDES_DOT                /**/
+
 /* PERL_STATIC_INLINE:
  *	This symbol gives the best-guess incantation to use for static
  *	inline functions.  If HAS_STATIC_INLINE is defined, this will
diff --git a/uconfig.sh b/uconfig.sh
index edc36db..df77b08 100644
--- a/uconfig.sh
+++ b/uconfig.sh
@@ -561,6 +561,7 @@ db_prefixtype='size_t'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 doubleinfbytes='0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x7f'
 doublekind='3'
diff --git a/uconfig64.sh b/uconfig64.sh
index df18372..39e8751 100644
--- a/uconfig64.sh
+++ b/uconfig64.sh
@@ -562,6 +562,7 @@ db_prefixtype='size_t'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct dirent'
 doubleinfbytes='0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x7f'
 doublekind='3'
diff --git a/win32/config.ce b/win32/config.ce
index 8f68ddd..70b4b4a 100644
--- a/win32/config.ce
+++ b/win32/config.ce
@@ -611,6 +611,7 @@ db_prefixtype='int'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct direct'
 dlext='dll'
 dlsrc='dl_win32.xs'
diff --git a/win32/config.gc b/win32/config.gc
index 69a21a2..79b2f5d 100644
--- a/win32/config.gc
+++ b/win32/config.gc
@@ -612,6 +612,7 @@ db_prefixtype='int'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct direct'
 dlext='dll'
 dlltool='~ARCHPREFIX~dlltool'
diff --git a/win32/config.vc b/win32/config.vc
index 50d2a92..3a8aaec 100644
--- a/win32/config.vc
+++ b/win32/config.vc
@@ -612,6 +612,7 @@ db_prefixtype='int'
 db_version_major='0'
 db_version_minor='0'
 db_version_patch='0'
+default_inc_excludes_dot=''
 direntrytype='struct direct'
 dlext='dll'
 dlsrc='dl_win32.xs'
-- 
2.10.1

@p5pRT
Copy link
Author

p5pRT commented Oct 20, 2016

From @toddr

0003-Update-t-porting-regen.t-with-a-more-clear-error-mes.patch
From e69cb721a686c4c68732fcac27b89f5e9f75a2a6 Mon Sep 17 00:00:00 2001
From: Todd Rinaldo <toddr@cpan.org>
Date: Thu, 20 Oct 2016 13:20:57 -0500
Subject: [PATCH 3/3] Update t/porting/regen.t with a more clear error message
 when it fails.

---
 t/porting/regen.t | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/t/porting/regen.t b/t/porting/regen.t
index 3aa1fd5..2a89bef 100644
--- a/t/porting/regen.t
+++ b/t/porting/regen.t
@@ -78,10 +78,15 @@ OUTER: foreach my $file (@files) {
 	    next OUTER;
 	}
 
-	my $digest = digest($2);
-	note("$digest $2");
-	push @bad, $2 unless $digest eq $1;
+    my $digest_got  = $1;
+    my $digest_file = $2;
+
+    my $digest = digest($digest_file);
+    if ( $digest ne $digest_got ) {
+        note("$file appears to have not been updated after $digest_file was altered. It should be $digest but is $digest_got instead");
+        push @bad, $digest_file unless $digest eq $digest_got;
     }
+
     is("@bad", '', "generated $file is up to date");
 }
 
-- 
2.10.1

@p5pRT
Copy link
Author

p5pRT commented Oct 20, 2016

From @xsawyerx

On 10/20/2016 08​:43 PM, Todd Rinaldo via RT wrote​:

On Sun Aug 14 01​:35​:18 2016, hmbrand wrote​:

just took a snippet, but it should never be set to ''

The default should be 'undef' or 'define', not ''
... *snip*
Bump.

As I understand things per our discussion at YAPC​::EU, this patch should be ready for merge but requires a wave of the metaconfig wand once merged.

I've also rebased on blead and removed some of the things Father Chrysostomos was worried about in the final commit.

While we're at it, mst also noticed another issue​: "do" doesn't work on
current directory, as one might expect, but relative to @​INC.

$ echo "print 'hello'" > eg.pl ; perl -le 'do "eg.pl";'
hello

$ echo "print 'hello'" > eg.pl ; perl -le 'pop @​INC if $INC[-1] eq ".";
do "eg.pl";'
(no output)

However, you can still do​:

$ echo "print 'hello'" > eg.pl ; perl -le 'pop @​INC if $INC[-1] eq ".";
do "./eg.pl";'
hello

@p5pRT
Copy link
Author

p5pRT commented Oct 20, 2016

From @toddr

On Thu Oct 20 13​:37​:26 2016, xsawyerx@​gmail.com wrote​:

While we're at it, mst also noticed another issue​: "do" doesn't work
on
current directory, as one might expect, but relative to @​INC.

$ echo "print 'hello'" > eg.pl ; perl -le 'do "eg.pl";'
hello

$ echo "print 'hello'" > eg.pl ; perl -le 'pop @​INC if $INC[-1] eq
".";
do "eg.pl";'
(no output)

However, you can still do​:

$ echo "print 'hello'" > eg.pl ; perl -le 'pop @​INC if $INC[-1] eq
".";
do "./eg.pl";'
hello

Yes. The same goes for require since as best I can tell it's the same underlying code. Is this a problem?

Todd

@p5pRT
Copy link
Author

p5pRT commented Oct 22, 2016

From @Tux

On Thu, 20 Oct 2016 11​:43​:03 -0700, "Todd Rinaldo via RT"
<perlbug-followup@​perl.org> wrote​:

On Sun Aug 14 01​:35​:18 2016, hmbrand wrote​:

just took a snippet, but it should never be set to ''

The default should be 'undef' or 'define', not ''
... *snip*

Bump.

As I understand things per our discussion at YAPC​::EU, this patch
should be ready for merge but requires a wave of the metaconfig wand
once merged.

I've also rebased on blead and removed some of the things Father
Chrysostomos was worried about in the final commit.

I now pushed where I stopped​: I cannot get regen to work as expected :(

branch no-dot-in-inc

--
H.Merijn Brand http​://tux.nl Perl Monger http​://amsterdam.pm.org/
using perl5.00307 .. 5.25 porting perl5 on HP-UX, AIX, and openSUSE
http​://mirrors.develooper.com/hpux/ http​://www.test-smoke.org/
http​://qa.perl.org http​://www.goldmark.org/jeff/stupid-disclaimers/

@p5pRT
Copy link
Author

p5pRT commented Oct 22, 2016

From @shadowcat-mst

Yes. The same goes for require since as best I can tell it's the same underlying code. Is this a problem?

I think it is.

'require' is meant to load modules, so the normal use case is walking @​INC,
so its behaviour is (relatively) expected here.

'do' is documented as "largely like​: eval `cat stat.pl`" and generally used
as such - the fact that its support for files in the current working
directory comes via .-in-@​INC is, I think, an implementation detail.

So having do() suddenly fail to DWIM for its most common and documented
purpose is going to be intensely confusing, especially given its common
use for e.g. relative loading of config files in Olde CGI Scripts.

I'm not sure what, if anything, can be done to rescue that, but it seems
like a much bigger POLS violation than the rest of the effects, and at
least we should explicitly consider the impact and whether there's some way
to ameliorate it.

--
Matt S Trout - Shadowcat Systems - Perl consulting with a commit bit and a clue

http​://shadowcat.co.uk/blog/matt-s-trout/ http​://twitter.com/shadowcat_mst/

Email me now on mst (at) shadowcat.co.uk and let's chat about how our CPAN
commercial support, training and consultancy packages could help your team.

@p5pRT
Copy link
Author

p5pRT commented Oct 22, 2016

From @mauke

Am 22.10.2016 um 14​:58 schrieb H.Merijn Brand​:

On Thu, 20 Oct 2016 11​:43​:03 -0700, "Todd Rinaldo via RT"
<perlbug-followup@​perl.org> wrote​:

On Sun Aug 14 01​:35​:18 2016, hmbrand wrote​:

just took a snippet, but it should never be set to ''

The default should be 'undef' or 'define', not ''
... *snip*

Bump.

As I understand things per our discussion at YAPC​::EU, this patch
should be ready for merge but requires a wave of the metaconfig wand
once merged.

I've also rebased on blead and removed some of the things Father
Chrysostomos was worried about in the final commit.

I now pushed where I stopped​: I cannot get regen to work as expected :(

branch no-dot-in-inc

I don't know what the expected behavior is but I ran​:

  make regen_perly
  perl regen/keywords.pl
  perl regen/mk_invlists.pl
  perl regen/regcharclass.pl

and now 'make test_porting' passes.

--
Lukas Mai <plokinom@​gmail.com>

@p5pRT
Copy link
Author

p5pRT commented Oct 22, 2016

From @toddr

On Sat Oct 22 08​:24​:33 2016, mst@​shadowcat.co.uk wrote​:

Yes. The same goes for require since as best I can tell it's the same
underlying code. Is this a problem?

I think it is.

'require' is meant to load modules, so the normal use case is walking
@​INC,
so its behaviour is (relatively) expected here.

'do' is documented as "largely like​: eval `cat stat.pl`" and generally
used
as such - the fact that its support for files in the current working
directory comes via .-in-@​INC is, I think, an implementation detail.

You pulled cat stat.pl from the docs the next line explicitly says that
it does this based on searching @​INC. In point of fact if stat.pl was
also in a library path, it would have the same surprising result of not
loading the local file.

So having do() suddenly fail to DWIM for its most common and
documented
purpose is going to be intensely confusing, especially given its
common
use for e.g. relative loading of config files in Olde CGI Scripts.

I would argue the Olde CGI scripts using a shiny new perl they
explicitly built to not have . in @​INC should also be surprised if
that works. Note​: all they have to do is change the code to
'do "./stat.pl "' to get that intended result

I'm not sure what, if anything, can be done to rescue that, but it
seems
like a much bigger POLS violation than the rest of the effects, and at
least we should explicitly consider the impact and whether there's
some way
to ameliorate it.

The whole point of this change is that cwd should not be relevant
to a running program's loading logic. It is my belief that do honoring
@​INC is consistent and correct.

Now, if all you are arguing for is that we update the docs I am for that,
but please let's do that in an alternate patch. This ticket is getting a
little long in the tooth.

@p5pRT
Copy link
Author

p5pRT commented Oct 23, 2016

From @Tux

On Sat, 22 Oct 2016 17​:38​:08 +0200, Lukas Mai <plokinom@​gmail.com>
wrote​:

Am 22.10.2016 um 14​:58 schrieb H.Merijn Brand​:

On Thu, 20 Oct 2016 11​:43​:03 -0700, "Todd Rinaldo via RT"
<perlbug-followup@​perl.org> wrote​:

On Sun Aug 14 01​:35​:18 2016, hmbrand wrote​:
[...]

Bump.

As I understand things per our discussion at YAPC​::EU, this patch
should be ready for merge but requires a wave of the metaconfig wand
once merged.

I've also rebased on blead and removed some of the things Father
Chrysostomos was worried about in the final commit.

I now pushed where I stopped​: I cannot get regen to work as expected :(

branch no-dot-in-inc

I don't know what the expected behavior is but I ran​:

 make regen\_perly
 perl regen/keywords\.pl
 perl regen/mk\_invlists\.pl
 perl regen/regcharclass\.pl

and now 'make test_porting' passes.

I took a different computer and ended up with the same two failing
tests​:

Test Summary Report


run/runenv.t (Wstat​: 0 Tests​: 104 Failed​: 1)
  Failed test​: 62
porting/regen.t (Wstat​: 0 Tests​: 43 Failed​: 2)
  Failed tests​: 4-5
Files=2512, Tests=967572, 151 wallclock secs (99.32 usr 10.27 sys + 660.60 cusr 38.64 csys = 808.83 CPU)
Result​: FAIL

--
H.Merijn Brand http​://tux.nl Perl Monger http​://amsterdam.pm.org/
using perl5.00307 .. 5.25 porting perl5 on HP-UX, AIX, and openSUSE
http​://mirrors.develooper.com/hpux/ http​://www.test-smoke.org/
http​://qa.perl.org http​://www.goldmark.org/jeff/stupid-disclaimers/

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

From @xsawyerx

I'm pinging this topic.

We're coming up on 5.25.9 and I would like to move forward on this soon.

What's left to resolve?

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

From @jkeenan

On Sat, 31 Dec 2016 15​:39​:13 GMT, xsawyerx@​cpan.org wrote​:

I'm pinging this topic.

We're coming up on 5.25.9 and I would like to move forward on this soon.

What's left to resolve?

Among other things, we'd need a new branch to test on.

The only branch mentioned in this RT was 'no-dot-in-inc'. The only branch we have in the repository with a name like that is 'arc/no-dot-in-inc'. (I suspect that there may have been other branches that have since been removed.) But that branch does not rebase cleanly on blead.

--
James E Keenan (jkeenan@​cpan.org)

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

From @ilmari

"James E Keenan via RT" <perlbug-followup@​perl.org> writes​:

On Sat, 31 Dec 2016 15​:39​:13 GMT, xsawyerx@​cpan.org wrote​:

I'm pinging this topic.

We're coming up on 5.25.9 and I would like to move forward on this soon.

What's left to resolve?

Among other things, we'd need a new branch to test on.

The only branch mentioned in this RT was 'no-dot-in-inc'. The only
branch we have in the repository with a name like that is
'arc/no-dot-in-inc'. (I suspect that there may have been other
branches that have since been removed.) But that branch does not
rebase cleanly on blead.

That branch was rebased and merged to blead in commit d9961b0. I guess
the remaining question is what the default value of the
default_inc_excludes_dot option should be, and whether we backport it to
any maint branches.

--
"A disappointingly low fraction of the human race is,
at any given time, on fire." - Stig Sandbeck Mathisen

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

From @toddr

On Sat, 31 Dec 2016 09​:14​:59 -0800, ilmari wrote​:

"James E Keenan via RT" <perlbug-followup@​perl.org> writes​:

That branch was rebased and merged to blead in commit d9961b0. I guess
the remaining question is what the default value of the
default_inc_excludes_dot option should be, and whether we backport it to
any maint branches.

As far as I'm concerned, this ticket should be closed. The original goal of this ticket was to get a compile option (default off) to be able to build perl without . in @​INC. As Jim says, this has been done.

In its place, we might want a new ticket titled​: " Default perl builds to not include . in @​INC (default_inc_excludes_dot)"

This might be a place we could collect information from #toolchain and friends on what the impact of this change would be. I apologize but I misunderstood that changing the default would be a contentious change so we have little time left to sort this out, don't we?

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

From @xsawyerx

On Sat, 31 Dec 2016 09​:21​:43 -0800, TODDR wrote​:

On Sat, 31 Dec 2016 09​:14​:59 -0800, ilmari wrote​:

"James E Keenan via RT" <perlbug-followup@​perl.org> writes​:

That branch was rebased and merged to blead in commit d9961b0. I
guess
the remaining question is what the default value of the
default_inc_excludes_dot option should be, and whether we backport it
to
any maint branches.

As far as I'm concerned, this ticket should be closed. The original
goal of this ticket was to get a compile option (default off) to be
able to build perl without . in @​INC. As Jim says, this has been done.

In its place, we might want a new ticket titled​: " Default perl builds
to not include . in @​INC (default_inc_excludes_dot)"

I agree. Closing this ticket since it was merged.

Let's follow-up on toolchain efforts in another ticket to decide when we can flip the switch. (My hopes is to flip it by 5.25.9.)

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

@xsawyerx - Status changed from 'open' to 'pending release'

@p5pRT
Copy link
Author

p5pRT commented Dec 31, 2016

@xsawyerx - Status changed from 'pending release' to 'resolved'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant