perl5280cdelta - what is new for cperl v5.28.0


This document describes differences between the cperl 5.26.2 and the cperl 5.28.0 release.

If you are upgrading from an earlier release such as v5.26.1c, first read perl5262cdelta, which describes differences between v5.26.1c and v5.26.2c.


The new cperl classes/roles have still some "LIMITATIONS" in perlclass.

cperl did not change the subroutine attribute and signature order. This is the most damaging significant syntax change to date, even worse than the unnecessary for (qw()) change, rendering all existing attribute based frameworks useless. This change would have required a major version bump to perl7. Any minor problem with the wrong order of evaluation should have been fixed internally and transparent to the established syntax.

For all perl5 changes which were rejected in cperl 5.28 see and

Core Enhancements


study does not stringify hashes anymore, it rather calls the new hv_study function on hashes, which optimizes the internal structure of a hash. Currently clears all placeholders, and optionally shrinks its size if the new size falls below a power of two. On code, regex and arrays it does nothing yet, but might add type optimizations on the current dynamic status. cperl-only.

New strict hashpairs

Added use strict 'hashpairs' to allow only pairs for hash assignments, within a map even only an empty or single pair. See [cperl #281. cperl-only.

Honor the BOM

With any of three supported BOMs set use utf8 and use feature 'unicode_strings' at compile-time as documented until perl 5.26.

With 5.26 perl5 decided to change the documentation to match the broken implementation. With cperl 5.27.0c the implementation was fixed instead. See [cperl #269] and [perl #121292]. cperl-only.

Safer perl -c:s cmdline flag

Avoid undoable and unsafe sideeffects (io, ...) in the CHECK mode, esp. for editor syntax checks. See [cperl #263]

Essentially prepend -Mops=:browse,:load,print with -c:s. cperl-only.

class, role, method, has, fields

cperl has now the class, role, method and has keywords as in perl6, fields was extended. has fields are lexically scoped variables, available in all methods and internally represented via oelem OPs and fields. multi methods are not yet supported. There are no perl6-like public, private sigils, use the _ prefix as convention for private. See perlclass.

Old user-subroutines or parser-hacks with these names are still supported, but not recommended. B does not export class anymore.

Check and normalize stringified names

Before symbols and identifiers created from strings at run-time were added asis. Now those names are treated almost as in the parser at compile-time, i.e. unicode is normalized, mixed Unicode scripts are checked at run-time also. cperl-only.

Behaviour of "valid_ident" in perlapi:

    ${"\xc3\x28"}       => FALSE.  Illegal unicode, but no warning or error,
                           unless under strict names.
    ${"E\x{45}\x{301}"} => TRUE.   Normalized to $E\x{c9}
    ${"एxṰர::ʦፖㄡsȨ"}   => FALSE. Error: Invalid script Tamil in identifier
                            ர::ʦፖㄡsȨ for U+0BB0. Have Devanagari

See below "strict names". use strict fatalizes now any run-time identifier parsing problem. cperl-only.

strict names

strict names is the default when using use strict. Reject illegal identifiers at run-time when created dynamically from strings, which would be rejected at compile-time. cperl-only.

    use strict "names";
    ${"\$var"}    => Invalid identifier "$var" while "strict names"
    ${"\xff"}     => Invalid identifier "\377" while "strict names"
    ${"\xc3\x28"} => Invalid identifier "\303(" while "strict names"

See "Identifier parsing" in perldata and cperl-only.

Optimize static methods to subs

When a method call can be proven at compile-time to use a specific subroutine, optimize away the run-time method dispatch on a non-threaded perl. When it is for a XS subroutine, such as with e.g. use strict; which does BEGIN {require strict;} strict->import; the strict->import part is optimized from the slow entersub op to the enterxssub op, as if via strict::import("strict",...). The slow GV lookup in entersub cannot be converted to a faster CVref lookup, as this would break dynamic method redefinitions. See This is ~4% faster for each such method call. cperl-only.

Named anonymous CV - usenamedanoncv

Support named anonymous CV names, i.e. orphaned or interim subroutine names are not changed to __ANON__ anymore, but a @ character is appended. The @ character is also used to identify numbered special blocks like BEGIN@1 in Devel::NYTProf and later to name and identify multi methods (polymorphism).

Dump more COP fields

Dump the values of a COP $^H, %^H and the lexical warnings via op_dump() and it's XS module Devel::Peek. Improve the display of cop SEQ values and ranges, and padnames. Added a DEBUGGING cop_dump() helper, esp. useful for deleted PL_curcop's. cperl-only.

More unicode ops

Added the strong unicode fraction op / U+2044, which binds stronger than all other arithmetic ops, and the two unicode multiplication ops U+022C5 (dot operator) and U+2219 (multiplication dot), which binds the same as *. cperl-only.

' is a valid part of a subroutine name

Accept ' as valid subroutine name character in declarations, if in the middle, just don't expand it to ::. This allows: sub don't { ... } but not sub do' {} nor sub 'do {}.

Unfortunately using this name is not yet as easy as before, when the ' was expanded to ::. print don't; is illegal, as the quote looks for the 2nd string delimiter pair, and doesn't yet check for the existing subroutine name.

In XS you can check for the define PERL_NO_QUOTE_PKGSEPERATOR how the quote is handled.

delete on key/value slices

delete can now be used on key/value slices, returning the keys along with the deleted values. [perl #131328]

Unicode 10.0 is supported

A list of changes is at

Experimentally, there are now alphabetic synonyms for some regular expression assertions

If you find it difficult to remember how to write certain of the pattern assertions, there are now alphabetic synonyms.

 CURRENT                NEW SYNONYMS
 ------                 ------------
 (?=...)        (*pla:...) or (*positive_lookahead:...)
 (?!...)        (*nla:...) or (*negative_lookahead:...)
 (?<=...)       (*plb:...) or (*positive_lookbehind:...)
 (?<!...)       (*nlb:...) or (*negative_lookbehind:...)
 (?>...)        (*atomic:...)

These are considered experimental, so using any of these will raise (unless turned off) a warning in the experimental::alpha_assertions category.

Re-enable warnings illegalproto

Parse prototypes for errors again. Either with :prototype() or as signature. Illegal prototypes are not stored. Most illegal protos are subsequently parsed as signature, but some are just wrong protos, such as '[$' missing the ']', or :prototype($_$).

In-place editing is now safer

Previously in-place editing would delete or rename the input file as soon as you started working on a new file.

Without backups this would result in loss of data if there was an error, such as a full disk, when writing to the output file.

This has changed so that the input file isn't replaced until the output file has been completely written and successfully closed.

This works by creating a work file in the same directory, which is renamed over the input file once the output file is complete.


[perl #127663]

Initialisation of aggregate state variables

A persistent lexical array or hash variable can now be initialized, by an expression such as state @a = qw(x y z). Initialization of a list of persistent lexical variables is still not possible.

Full-size inode numbers

On platforms where inode numbers are of a type larger than perl's native integer numerical types, stat will preserve the full content of large inode numbers by returning them in the form of strings of decimal digits. Exact comparison of inode numbers can thus be achieved by comparing with eq rather than ==. Comparison with ==, and other numerical operations (which are usually meaningless on inode numbers), work as well as they did before, which is to say they fall back to floating point, and ultimately operate on a fairly useless rounded inode number if the real inode number is too big for the floating point format.

Changed warnings::register handling of all

If a scope used "use warnings 'all'" to turn on all warnings and then turned off some specific warnings, then that scope wouldn't get warnings for subsequently-registered warning categories, because its bitset doesn't extend to the bit controlling the new category.

Unlike all other warning categories, the bits for "all" used to be set only when there were no warning categories disabled; disabling any would also clear the "all" bits. That was supporting the dynamic nature of warnings::register extending the all-warnings bitset for new categories. This exception is now removed, so the meaning of the "all" bits is now the more obvious meaning, of indicating the default treatment that the scope wants for warnings not falling into any category known to the bitset. In warnings::warnif() et al, if the caller's bitset is found to be too short to have a bit for the relevant category, then the setting for the "all" category is used instead.

Because the length of a bitset is an integral number of bytes, but only two bits are used per category, the length of a bitset doesn't precisely indicate which categories had been registered by the time it was constructed. So the standard bitsets for the "all" category are now always filled to their byte length, with bits set preemptively for categories not yet registered that fall within the current bitset length.

When a warnings pragma operates on a bitset, it first expands it to the preferred length, by duplicating the "all" bits for the categories covered by the new length. It is careful to maintain the length when combining the bitset with the standard bitsets for categories. When a bitset is read from ${^WARNING_BITS} or from caller(), the standard pWARN_ALL setting is no longer expanded by the core to $warnings::Bits{all}, because the core's short WARN_ALLstring will now be expanded correctly just like any other bitset.

Fixes [perl #108778]

Computed shaped array sizes

This is now a valid shaped array delaration, with the lhs array size computed from the number of constant elements in the rhs list expressions. The array must only consist of compile-time scalars.

    my @a[] = (0,1,2);

my @a[]; without assignment is still a syntax error.

See [cperl #210] cperl-only.

New read-only predefined variable ${^SAFE_LOCALES}

This variable is 1 if the Perl interpreter is operating in an environment where it is safe to use and change locales (see perllocale.) This variable is true when the perl is unthreaded, or compiled in a platform that supports thread-safe locale operation (see next item).

Locales are now thread-safe on systems that support them

These systems include Windows starting with Visual Studio 2005 and POSIX 2008 systems.

The implication is that you are now free to use locales and changes them in a threaded environment. Your changes affect only your thread. See "Multi-threaded operation" in perllocale

Mixed Unicode scripts in strings

perl5 added a string check via regex for mixed unicode scripts, which might be marginally useful. Note that this feature doesn't prevent from security attacks as cperl identifier protections. Only cperl detects mixed unicode scripts in identifiers.

A mixture of scripts, such as Cyrillic and Latin, in a string is often the sign of a spoofing attack. A new regular expression construct now allows for easy detection of these. For example, you can say

 qr/(*script_run: \d+ \b )/x

And the digits matched will all be from the same set of 10. You won't get a look-alike digit from a different script that has a different value than what it appears to be.


 qr/(*sr: \b \w+ \b )/x

makes sure that all the characters come from the same script.

You can also combine script runs with (?>...) (or *atomic:...)).

Instead of writing:


you can now run:

    # or

This is considered experimental, so using it will raise (unless turned off) a warning in the experimental::script_run category.

See "Script Runs" in perlre.

String- and number-specific bitwise ops are no longer experimental

The new string-specific (&. |. ^. ~.) and number-specific (& | ^ ~) bitwise operators introduced in Perl 5.22 that are available within the scope of use feature 'bitwise' are no longer experimental. Because the number-specific ops are spelled the same way as the existing operators that choose their behaviour based on their operands, these operators must still be enabled via the "bitwise" feature, in either of these two ways:

    use feature "bitwise";

    use v5.28; # "bitwise" now included

They are also now enabled by the -E command-line switch.

The "bitwise" feature no longer emits a warning. Existing code that disables the "experimental::bitwise" warning category that the feature previously used will continue to work.

One caveat that module authors ought to be aware of is that the numeric operators now pass a fifth TRUE argument to overload methods. Any methods that check the number of operands may croak if they do not expect so many. XS authors in particular should be aware that this:

    SV *
    bitop_handler (lobj, robj, swap)

may need to be changed to this:

    SV *
    bitop_handler (lobj, robj, swap, ...)


[CVE-2017-12837] Heap buffer overflow in regular expression compiler

Compiling certain regular expression patterns with the case-insensitive modifier could cause a heap buffer overflow and crash perl. This has now been fixed. [perl #131582]

[CVE-2017-12883] Buffer over-read in regular expression parser

For certain types of syntax error in a regular expression pattern, the error message could either contain the contents of a random, possibly large, chunk of memory, or could crash perl. This has now been fixed. [perl #131598]

[CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows

A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. [perl #131665]

Unsigned long stack access of printf format arguments

perl 5.27.5 started allowing unsigned long/4 stack indices for its sv arguments, and width and precision with the API even allowing unsigned long. Previously those numbers were safely typed to int. Revert that security problem in cperl. The maximal width and precision is also back to INT_MAX. See [cperl #344]

Disallow illegal glob with embedded NUL

E.g. <$fh\000> throws now the safe syscalls warning, and errors with Glob not terminated, and does not pass the illegal glob path to the internal or external glob.

This problem was added with v5.27.5 by replacing strchr with memchr, allowing such illegal strings. See [cperl #342] cperl-only.

Follow chroot with chdir("/")

Fixed two security issues with the chroot op:

1. fail on embedded NUL in the chroot argument. Set errno to EINVAL.

2. If a call to chroot is not followed by a call to chdir("/") the chroot jail confinement can be violated. In Perl_pp_chroot: A call to chroot followed by an operation that may escape from the chroot jail. Coverity CID #165302 Insecure chroot.

Set umask(0600) before calling mkstemp

POSIX 2008 demands such an umask, but it is still problematic on Solaris, HP-UX and AIX and older libcs, e.g. glibc <= 2.06. Temporarily set the umask such that the temp. file has 0600 permissions.

Note on the perl5 Hash Function Change

perl5 still claims to have improved hash table security by switching to mostly "secure" hash functions: Siphash (2-4 and 1-3 variants), Zaphod32, and StadtX hash. In addition they support SBOX32 (a form of tabular hashing) for hashing short strings, in conjunction with any of the other hash functions provided.

This is a false claim and pure security theatre. Hash tables cannot be made secure by switching to slower but still insecure hash functions. Only hash function with more than 256 bits can be considered secure All 32bit hash functions can be trivially brute-forced (in up to max 4min for the slowest) once you know the secret seed, which is easily exposed in perl5. Hash table security can only be done via a secure collision strategy. Hash table hash functions must be small and fast.

See also cperl hash tables and The dangerous SipHash myth

Incompatible Changes

use strict hashpairs

use strict now includes a hashpair enforcement; this will now fail:

  my %xsc = map { /(.*)\.xs$/ ? ("$1.c" => 1, "$" => 1) : () } @files;

Two pairs being added in a map block violates strict hashpairs. Add the second pair in a second loop or assign to an array and then to an hash or add no strict 'hashpairs'.

  my %xsc = map { /(.*)\.xs$/ && ("$1.c" => 1) } @files;
  /^(.*)\.xs$/) && $xsc{"$"} = 1 for @files;


  my @xsc = map { /(.*)\.xs$/ ? ("$1.c" => 1, "$" => 1) : () } @files;
  my %xsc = @xsc;


  my %xsc;
    no strict 'hashpairs';
    %xsc = map { /(.*)\.xs$/ && ("$1.c" => 1) } @files;
    /^(.*)\.xs$/) && $xsc{"$"} = 1 for @files;


Comma-less variable lists in formats are no longer allowed

Omitting the commas between variables passed to formats is no longer allowed. This has been deprecated since perl 5.000.

The :locked and :unique attributes have been removed

These have been no-ops and deprecated since perl 5.12 and 5.10, respectively.

\N{} with nothing between the braces is now illegal.

This has been deprecated since Perl 5.24.

Opening the same symbol as both a file and directory handle is no longer allowed

Using open() and opendir() to associate both a filehandle and a dirhandle to the same symbol (glob or scalar) has been deprecated since Perl 5.10.

Use of bare << to mean <<"" is no longer allowed

Use of a bare terminator has been deprecated since Perl 5.000.

Setting $/ to a reference to a non-positive integer no longer allowed

This used to work like setting it to undef, but has been deprecated since Perl 5.20.

Unicode code points with values exceeding IV_MAX are now fatal.

This was deprecated since Perl 5.24.

B::OP::terse no longer exists.

Use B::Concise::b_terse instead.

Use of inherited AUTOLOAD for non-methods is no longer allowed.

This was deprecated in Perl 5.004.

Use of strings with code points over 0xFF is not allowed for bitwise string operators

Code points over 0xFF do not make sense for bitwise operators.

Backslash no longer escapes colon in PATH for the -S switch

Previously the -S switch incorrectly treated backslash ("\") as an escape for colon when traversing the PATH environment variable. [perl #129183]

Subroutines no longer need typeglobs

Perl 5.22.0 introduced an optimization allowing subroutines to be stored in packages as simple sub refs, not requiring a full typeglob (thus potentially saving large amounts of memeory). However, the optimization was flawed: it only applied to the main package.

This optimization has now been extended to all packages. This may break compatibility with introspection code that looks inside stashes and expects everything in them to be a typeglob.

When this optimization happens, the typeglob still notionally exists, so accessing it will cause the stash entry to be upgraded to a typeglob. The optimization does not apply to XSUBs or exported subroutines, and calling a method will undo it, since method calls cache things in typeglobs.

... is a term in cperl, not a statement

perl5.27.6 restricted ..., the yada-yada operator, to be a statement only. cperl reserved ... for the ellipsis, i.e. unassigned varargs in signatures to be passed through. Which is not a statement, but a term. In cperl ... is a TERM. Before ... was parsed as an operator, also used for ranges.

This affects illegal code like:

    ... . "foo";
    ... if $a < $b;


Illegal NUL, syntax error

Embedded NUL bytes read from files, not used in filters, are not whitespace anymore, they are syntax errors.

See [cperl #345] vs [perl #105920].

Parsing NUL bytes is now consistent from files with eval string. \0 delimited q quote is still valid though.

Only B::class is valid

The B module does not export the class method anymore. You need to use the full B::class name to avoid confusion with the new class keyword. cperl-only.

Sort algorithm can no longer be specified

Since Perl 5.8, the sort pragma has had subpragmata _mergesort, _quicksort, and _qsort that can be used to specify which algorithm perl should use to implement the sort builtin. This was always considered a dubious feature that might not last, hence the underscore spellings, and they were documented as not being portable beyond Perl 5.8. These subpragmata have now been deleted, and any attempt to use them is an error. The sort pragma otherwise remains, and the algorithm-neutral stable subpragma can be used to control sorting behaviour. [perl #119635]

Over-radix digits in floating point literals

Octal and binary floating point literals used to permit any hexadecimal digit to appear after the radix point. The digits are now restricted to those appropriate for the radix, as digits before the radix point always were.

Return type of unpackstring()

The return types of the C API functions unpackstring() and unpack_str() have changed from I32 to SSize_t, in order to accommodate datasets of more than two billion items.


Use of vec on strings with code points above 0xFF is deprecated.

Use of these is nonsensical, as vec is a bit-oriented operation, which operates on the underlying UTF-8 representation these strings must be in, and will likely give unexpected results.

Some uses of unescaped "{" are no longer fatal

Perl 5.26.0 fatalized some uses of an unescaped left brace, but an exception was made at the last minute, specifically crafted to be a minimal change to allow GNU Autoconf to work. This code is heavily depended upon, and continues to use the deprecated usage. Its use of an unescaped left brace is one where we have no intention of repurposing "{" to be something other than itself.

That exception is now generalized to include various other such cases where the "{" will not be repurposed. This is to get real experience with this more complicated change now, in case we need to issue a dot release if we find other things like Autoconf that are important to work around.

Note that these uses continue to raise a deprecation message.

Use of unescaped "{" immediately after a "(" in regular expression patterns is deprecated

Using unescaped left braces is officially deprecated everywhere, but it is not enforced in contexts where their use does not interfere with expected extensions to the language. A deprecation is added in this release when the brace appears immediately after an opening parenthesis. Before this, even if the brace was part of a legal quantifier, it was not interpreted as such, but as the literal characters, unlike other quantifiers that follow a "(" which are considered errors. Now, their use will raise a deprecation message, unless turned off.

Assignment to $[ will be fatal in Perl 5.30

Assigning a non-zero value to $[ has been deprecated since Perl 5.12, but was never given a deadline for removal. This has now been scheduled for Perl 5.30.

hostname() won't accept arguments in Perl 5.32

Passing arguments to Sys::Hostname::hostname() was already deprecated, but didn't have a removal date. This has now been scheduled for Perl 5.32. [perl #124349]

No autovivification of hash slice anymore

This is a new syntax warning, which is deprecated, and will disappear with v5.30c. Hash slices and key/value hash slices autovivified in subroutine arguments. This was a bug, but to check all your code for correctness and portability we keep this warning for 2 releases. See [cperl #347] and "No autovivification of hash slice anymore" in perldiag. cperl-only.

Module removals

The following modules will be removed from the core distribution in a future release, and will at that time need to be installed from CPAN. Distributions on CPAN which require these modules will need to list them as prerequisites.

The core versions of these modules will now issue "deprecated"-category warnings to alert you to this fact. To silence these deprecation warnings, install the modules in question from CPAN.

Note that these are (with rare exceptions) fine modules that you are encouraged to continue to use. Their disinclusion from core primarily hinges on their necessity to bootstrapping a fully functional, CPAN-capable Perl installation, not usually on concerns over their design.


was removed with 5.28 in perl and cperl.


will be removed from core with 5.30, and needs to be installed from CPAN then. Best together with B::Flags.


is marked as deprecated and obsolete.

Performance Enhancements

Modules and Pragmata

Key highlights in this release across several modules:

Removal of use vars

The usage of use vars has been discouraged since the introduction of our in Perl 5.6.0. Where possible the usage of this pragma has now been removed from the Perl source code.

This had a slight effect (for the better) on the output of WARNING_BITS in B::Deparse.

Several core modules released on CPAN will not work anymore with perl versions prior to 5.6.

Use of DynaLoader changed to XSLoader in many modules

XSLoader is more modern, and most modules already require perl 5.6 or greater, so no functionality is lost by switching. In some cases, we have also made changes to the local implementation that may not be reflected in the version on CPAN due to a desire to maintain more backwards compatibility.

Note that XSLoader is just an convenience extension over DynaLoader, for pure speed or less codesize DynaLoader is still the best solution.

New Modules and Pragmata

Mu 0.01

For now only the new, CREATE and fields methods, implemented as XS builtins.


Just the documentation for the perl6 MOP.

Updated Modules and Pragmata

Archive::Tar 2.30

'0' is a valid name for an archive, change 'iter' to check definedness. See

Fix creating file with trailing whitespace on filename - fixes 103279

Allow archiving with absolute pathnames - fixes 97748

Small POD fix

Speed up extract when archive contains lots of files

CVE-2018-12015 directory traversal vulnerability [cpan #125523]

arybase 0.15

Remove #ifdef USE_ITHREADS around MUTEX_* calls

attributes 1.14c

Remove deprecated no-op attributes :unique, :locked. Added another param to validate_proto.

Fixed :const parsing with SVs (cperl-only). Previously :const would set the containing sub to :const, now it sets the lexical to readonly, with deferring the attributes::import call after an assignment.

    my %h :const = (a => 1);
    assign %h = (...);
    attributes->import(PACKAGE, \%h, const);

See [cperl #294].

Attribute::Handlers 1.01_01

Remove deprecated no-op attributes :unique, :locked

Fix autovivification bug with hash slice args to a function.

B 1.71_08

Support PL_sv_zero

Add non-destructive $cv->PUREGV method, which does not create a GV from a CvNAMED $cv. Warning: $cv->GV does create a GV from a CvNAMED $cv.

Internal Refactor: thread API

Add many missing methods and docs. Some from B::C.

Don't export class anymore.

B::C 1.55_08

Support pgcc, seperate it from gcc

One global dJMPENV target, not multiple. Esp. for B::CC.

ByteLoader 0.12 fix bytecode types, xgv_flags, xcv_flag were too small. type bs_sv to also include PADNAME, PADLIST, PADNAMELIST as union.

Add t/

Fix compile-time REGEXP

Protect from destructive $cv->GV, renamed is_lexsub to is_named, allow @0, &0, ... types.

Support POK/PVLV REGEXP for v5.27.3/v5.27.2c

VOL => volatile for v5.27.6/v5.27.2c

Warning: The new multiconcat op is not yet supported.

B::Concise 1.003c

Support the new strict hints flags and abbrevate all strict flags as strict.

Support PL_sv_zero

B::Deparse 1.48_04c

Support boolean optims.

Better constant-dumping heuristics.

Many other bug fixes, and in particular, it now deparses variable attributes correctly:

    my $x :foo;  # used to deparse as
                 # 'attributes'->import('main', \$x, 'foo'), my $x;
B::Terse 1.09_01

Remove internal links to B::Debug

B::Xref 1.07_02

Support sub refs, and named anon subs.

base 2.27c

Turn off HvCLASS again, just turn on SvREADONLY @ISA. With all the new class features, we cannot and should not compete.

The problem is the new sub as :method warning with classes, which would cause all Test::Simple methods to be declared as :method, as they derive from base.

Limit dotless-INC effect on with guard

bignum 0.50c

merge with upstream

blib 1.07
bytes 1.06
Carp back to 1.45_01c

The perl5.28 Carp 1.49 update broke the B::C compiler by compile-time references to too many packages for no apparent reason: warnings, overloading, overload, UNIVERSAL::isa. Even the simpliest scripts could not be compiled anymore.

We rather suggest fixing the broken code by checking the warnings, as in the changed tests. The infinite recursion bug in t/Carp_overloadless.t is handled by use warnings FATAL => 'recursion' in the test, and your code should also.

The t/rt52610_crash.t with refcounted stack corruption is handled by eval wrapping in the test as your code should also.

The next Carp written in XS will not have these limitations, but a PP Carp should not overdo it. backtraces in critical error cases should be stable and perform no additional unstable dynamic loading.

Fix problems introduced by the partial EBCDIC support from version 1.35, and ISA constants. Not all stash elements are globs.

charnames 1.45

Remove obsolete pod about NBSP

Compress::Raw::Bzip2 2.081

Support pgcc, seperate it from gcc

Compress::Raw::Zlib 2.081

Support pgcc, seperate it from gcc

Updated internal zlib from 1.2.8 to latest, past 1.2.11

Silence gcc compiler warnings when -Wsign-compare is enabled #123688: Compilation warnings with clang

Silence gcc compiler warnings when -Wimplicit-fallthrough is enabled #123358: Compilation warnings with gcc-7.*

Windows uses -lzlib. Linux uses -lz #123699: wrong external zlib name used on Windows

Update zlib-src directory to use zlib 1.2.11 #123245: perl 5.26.1 is vulnerable to CVE-2016-9843, CVE-2016-9841, CVE-2016-9840, CVE-2016-9842

Don't allow offset to be greater than length of buffer in crc32.

Change my_zcalloc to use safecalloc. is the upstream report for the remaining valgrind errors not already dealt with by 1.2.11. Using calloc in Zlib.xs for now as a workaround. #121074: valgrind errors in the test suite

Fixed upstream deflate. See 1.2.11 is not recommended to use.

Config::Extensions 0.02
Config::Perl::V 0.30_01

Add test for 5.26.1-RC1, and some cperl -V's

Fix signature with argument

Ignore ccache and compiler path in signature

Add default_inc_excludes_dot

use vars => our

constant 1.34
coretypes 0.03c

Each coretype is now a class.

CPAN 2.20_01


Cpanel::JSON::XS 4.06

MSVC 14.0 support and higher, changed nan in the runtime.

Stringify true again as "1".

Disallow duplicate keys by default, only allow them in relaxed mode.

De-fragilize t/96_mojo.t false test to "". It mostly is.

Fix and unify utf8 handling with 5.6.2 and improve many utf8 tests.

Add tests for boolean sv_yes and sv_no.

Check for correct module in %INC.

Relax inf/nan detection for newer msvcrt.dll runtime versions (it's now almost ANSI).

Fixed locale-insensitive numeric conversion on older perls. Fixed compilation under windows.

Simplify allow_singlequote check, coverity cid #165321. Remove logical dead code.

Added Cpanel::JSON::XS::Type as 2nd optional encode argument.

Removed calling get magic hooks twice in encode.

Fix setlocale thread race for older perls.

Fix overloaded eq/ne comparisons (GH #116 by demerphq, GH #117 by Graham Knopp): detect strings, protect from endless recursion. false is now ne "True". clarify eq/ne rules in the docs.

Set decoded type (PR #115 by Pali)

Add json_type_weaken (PR #114 by Pali)

Fix tests for 5.6 (rurban, pali)

Add sereal cpanel_json_xs type (#110 James Rouzier)

Improved bencode/bdecode methods in cpanel_json_xs (#111 Fulvio Scapin)

Add encoder indent_length method (#103 rouzier), previously hard-coded to 3.

Fix centos7 locale crash (#101 McA), fix required for all threaded perl's < 5.22 with glibc.

Fix uselocale() code. Probe for uselocale and xlocale.h with <5.22 threaded.

Avoid setlocale race in threads with non-C locales, where the threads differ in the LC_NUMERIC locale. (#99 pali)

Data::Dumper 2.170_03

Attempt to work around XS deparse issues on old perls.

XS improvements

Quoting of glob names now obeys the Useqq option [perl #119831].

Attempts to set an option to undef through a combined getter/setter method are no longer mistaken for getter calls [perl #113090].

Devel::Peek 1.27_03

Add TYPECHECKED, RETTYPE and pad var names and types.

Dump the values of a COP $^H, %^H and lexical warnings. Improved the test a bit.

Use cv_set_call_checker_flags

Devel::NYTProf 6.06
Devel::PPPort 3.42_04

Restore silence under make -s. I broke it in cperl 5.27.0

Add #if { CPERL && VERSION 5.26.0 }> support, support parser enum expectation.

mkppport called PPPort_pm.PL without passing through MAKEFLAGS. Add --quiet support there


Support strict hashpairs, fix for . in @INC.

Merge with upstream, changed croak/mess/warn_nocontext/..., add NEED_ macros ...

deprecate 0.03_01

Add pod synopsis for modules for older perls.

Digest::SHA 6.02

Remove deprecated -p option and PurePerl variant.

Replaced DynaLoader with XSLoader.

Silenced compiler warnings from VS2017 RT #124477

Modified addfile to return error when given a directory name, makes behavior consistent with GNU coreutils shaXsum.

DirHandle 1.05

Document as obsolete

DB_File 1.842

Document the MacOS build failures & how MacPort can work around the issue. #125238, #125585, RT#133280

Write all test db files into a directory created by File::Temp Protects against any possible races if running a parallel build.

#96357: DB_File destructor is not thread-safe Added CLONE_SKIP to and included the test db-threads.t from the patch.

#124944 allow ppport.h-less builds in core

DynaLoader 2.09c

Fix wrong usage of SvREFCNT_inc_simple_NN with a function, fixes a memory leak.

Encode 2.98

no strict hashpairs in encoding. fixed some -Wsign-compare See

Skip the flapping test t/Aliases.t on threaded smokers, with random segfaults. This is a long standing core bug, with PMOP aliases or clone. First observed at (since 5.6)

Stop directory tweaking $Encode::Encoding{utf8}

Fix gcc warnings for older gcc < 4.0

Where possible do not depend on value of $@, instead use return value of eval

Fix more XS problems in Encode.xs file

Load modules Encode::MIME::Name and Storable normally

Remove no warnings 'redefine'; and correctly loaddependences

Remove PP stubs and reformat predefine_encodings()

Run Encode XS BOOT code at compile time

Use Encode::define_encoding and propagate carp/croak message

cperl fixes: encoding undeprecated, no strict hashpairs

Cleanup code for handling fallback/replacement characters

lib/Encode/MIME/ t/mime-name.t Pulled: Add "euc-cn" => "EUC-CN" alias to Encode::MIME::Name

lib/Encode/CN/ lib/Encode/JP/ lib/Encode/MIME/ t/decode.t Pulled: Uninitialized value fixes #122

Makefile.PL Pulled: Fix -Werror=declaration-after-statement for gcc 4.1.2

Fixed deep recursion in Encode::find_encoding when decoding.

experimental 0.020_01

eval use feature, minor test fix. Add the declared_refs feature. Enable lexical_topic for cperl 5.24, added perl5 compat.

Exporter 5.73

More use vars => our

ExtUtils::CBuilder 0.280230

Fix C++ compiler detection (RT #131749)

ExtUtils::Constant 0.25_01

Minor updates from p5p, but they are still distributing a broken module, bumping their version higher than ours. And worse, their version creates broken CPAN modules.

ExtUtils::Embed 1.35
ExtUtils::Install 2.14

Fix tests for when perl path contains a space

Fix win32 check

'make -s' support: set $INSTALL_QUIET automatically


  * use our instead of vars
  * lazy load modules
  * make OS variables into constants
  * move some calculations out of a loop

Removed instructions using Build.PL from README

Load Win32API::File for _move_file_at_boot only when needed

Allow disabling autosplit by omitting autosplit dir

ExtUtils::MakeMaker 8.35_06

Merge our fixes to upstream 7.35_06 (which has e.g. the dlltool mingw and parallel MSVC fixes). Many fixes were already in, but some new upstream bugs crept in.

Support IO::Scalar handle as $parsefile argument to ExtUtils::MM_Unix::parse_version().

fix Invalid Locale symbol name. Invalid identifier "ENCODING_UTF-8" while "strict names"

fix XSMULTI static with strict linkers, avoid duplicate symbol _boot_XS__Test in: Test.o blib/arch/auto/XS/Test/Test.a(Test.o)

xsstatic: fixup MAKE_APERL_FILE, which was Makefile.aperl.aperl, add xs_static_lib_is_xs

MSVC: seperate dbgoutflag

VMS: add static_lib_pure_cmd

Liblist: support libdirs with spaces

ExtUtils::Miniperl 1.08

Support afl-fuzz with afl-clang-fast

ExtUtils::ParseXS 3.39_03


Remove perl5 incompatible __attribute__global__ needed for -flto. XS_EXTERNAL has it already.

Moved xs pods still missing from the CPAN release completely to core.

ExtUtils::Typemaps 3.38
ExtUtils::XSSymSet 1.4
feature 1.52_01
fields 2.26c

A cperl class has now fields with @class::FIELDS targ offsets to the lexical fields, and the old %type::FIELDS hash pointing to the *class GV, allowing again compile-time type checks on typed object hash accesses.

Implemented "fields" in Mu returning fields objects, as in perl6 (there called Attributes).

Revert the conversion of a fields package to class. Only close the ISA as with base.


File::Copy 2.33

It will now use the sub-second precision variant of utime() supplied by Time::HiRes where available. [perl #132401].

File::Fetch 0.56

Switch test URL from to

File::Glob 1.31

Skip a test when File::Glob not used. Avoid undefined behaviour in Copy() [perl #131746]

File::Path 3.15_01c

Remove erroneous documentation.

Correct skip count for Windows.

Comment out two TODO tests.

Make subdirectory names used in tests more random.

File::Spec::Functions 3.36_05

Bumped version from unparsable 3.3.65, which prevented e.g. File::chdir to install.

File::stat 1.08
FileCache 1.10
Filter::Simple 0.95

Various small documentation fixes. Swap out use for Remove use of deprecated \C regex feature. Filter::Simple was erroneously signalling eof if it encountered a ‘no MyFilter’ right after ‘use’: use MyFilter; no MyFilter; In this case it should simply not filter anything.

File::Temp 0.2308

- remove File::Temp::Dir from the PAUSE index (it is not in its own .pm file, so it is not 'use'able on its own)

- change EXLOCK default from true to false; addresses RT#123959. Note that this option was always a no-op on non-BSD platforms; changing the default to false makes behaviour more predictable and consistent across platforms.

- switch from 'use vars' to 'our'

- documentation updates for what versions contain what features (thanks, Brian Mowrey! RT#101518)

- fix bad use of skip() in tests (RT#95922)

- Fall back to CSIDL_LOCAL_APPDATA under taint on Windows (RT#60340)

- update distribution tooling

Filter::Util::Call 1.59

XSLoader, our. defer Carp.

Add filter_read_exact tests.

Improve tests using FindBin for [atoomic #9]

Add int casts, assert on 2GB limitation.

GDBM_File 1.17

Its documentation now explains that each and delete don't mix in hashes tied to this module [perl #117449].

It will now retry opening with an acceptable block size if asking gdbm to default the block size failed [perl #119623].

Getopt::Long 2.50

Fix bug

Fix bug Unfortunately, this withdraws a small part of fix 114999. GNU getopt_long() does not accept the (optional) argument to be passed to the option without = sign. We do, since not doing so breaks existing scripts.

Provide a default value for options (gnu_compat mode). Thanks to Andrew Gregory.

Hash::Util 0.22_01

XS formatting

Hash::Util::FieldHash 1.20
HTTP::Tiny 0.076_01

Fix new autovivified hash slice warning, usenamedanoncv in api test

I18N::Langinfo 0.17

Use the new core function Perl_langinfo().

This module is now available on all platforms, emulating the system nl_langinfo(3) on systems that lack it. Some caveats apply, as detailed in its documentation, the most severe being that, except for MS Windows, the CODESET item is not implemented on those systems, always returning "".

It now sets the UTF-8 flag in its returned scalar if the string contains legal non-ASCII UTF-8, and the locale is UTF-8 [perl #127288].

This update also fixes a bug in which the underlying locale was ignored for the RADIXCHAR (always was returned as a dot) and the THOUSEP (always empty). Now the locale-appropriate values are returned.

I18N::LangTags 0.43_01

Linkify docs.

if 0.0608

Doc how to import when you want to use MODULE ()

IO 1.39_01

replace use vars with our, run-time load Carp, Bump versions of 3 Socket modules. Remove 5.6 support

IO::Compress::Base 2.081

lots of whitespace fixes in zipdetails exclude t/999pod.t also

IO::Socket::IP 0.39_02

Fix new Autovivified hash slice warning

IPC::Cmd 1.02

Added wait_loop_callback for run_forked()

Only search in curdir in can_run() when on Win32 RT #105601

Fixed can't use IPC::Cmd->run_forked in the first process of a container RT #118424

Fixed run_forked("/usr/bin/echo test") captures no output RT #91784

HPUX test fixes.

JSON::PP 2.97001_04

Various, see Merged 2.97001 from cpan with ours. Minor updates, mostly docs. Upstream Boolean still did not work with Cpanel::JSON::XS.

libnet 3.11_01
List::Util 1.49_10

Fixup the new pairmap spill code.

Locale::Codes 3.55

Deprecated from core, moved to cpan.

Locale::Maketext 1.29
Math::BigInt 1.999813

now up-to-date with upstream

Math::BigInt::FastCalc 0.5007
Math::BigRat 0.2614

Fix problem with second operand being changed in multiplication RT #121139

cperl: Keep omitting Carp imports. Keep t/bigroot.t and t/biglog.t

Memoize 1.03

Skip flapping, timer-sensitive t/expmod_t.t tests on Travis CI.

Module::CoreList 5.20180622c
Module::Load::Conditional 0.68_02

Improve CPANPLUS: Fix [cperl #331], checking for cperl builtins. With a slightly adjusted patch from @voegelas.

Suppress new Autovivified hash slice warning

mro 1.22_01

prevent from loading DynaLoader

formatting, cperl enhancements

Mu 0.02c

Implemented "fields" in Mu returning fields objects. cperl-only.

Net::Ping 2.70

Fix ping_udp for a started udp echo server (PR#5 by Stephan Loyd)

Fix t/400_ping_syn.t phases

Try to handle Windows Socket::getnameinfo errors

Improve some tests on missing network connections

Keep v5.002 - v5.6 support

Removed outdated demo/fping from the documentation (RT #123750 by Steve Morris)

Added t/420_ping_syn_port.t (#4 by Julio Fraire) with fixes.

Added indices and crosslinks to the documentation

use NIx_NOSERV flag for windows.

better icmpv6 support.

NEXT 0.67_01

Fix for GLOB stubs [cpan #123002].

O 1.03

Improve error message for bogus -MO=… arguments

ODBM_File 1.15
Opcode 1.43_02c

Added new 'oelem' and 'oelemfast' to :base_core

OS2::Process 1.12_01
overload 1.30
parent 0.237

use vars => our.

PathTools 4.68c

Add security usage note to File::Spec::no_upwards white space change so can compile under C++11 Protect modules also from . in @INC [perl #127384] (CVE-2016-1238)

getcwd, getdcwd and abs_path have now long path support. getdcwd (Windows only) also supports unicode paths, using the wide API.

PerlIO::encoding 0.26
PerlIO::scalar 0.29_01

check invariant at compile time.

return EACCES on writing to a read-only scalar

PerlIO::via 0.17_01

Protect from NULL arg.

perl5db 1.52_01c

Support debugger cmds not requiring spaces

Pod::Checker 1.73_01

no strict hashpairs

Pod::Functions 1.13
Pod::Man 4.11

Various upstream changes, see

Pod::HTML 2.2403c

A title for the HTML document will now be automatically generated by default from a "NAME" section in the POD document, as it used to be before the module was rewritten to use Pod::Simple::XHTML to do the core of its job [perl #110520].

Pod::Perldoc 3.2801

customize to fix formatters and pager misbehaviour

podlators 4.10

Man page references and function names now follow the Linux man page formatting standards, instead of the Solaris standard.

POSIX 1.84_03

getcwd has now long path support.

Added realpath, with long path support, if the libc supports NULL as 2nd argument.

Some more cautions were added about using locale-specific functions in threaded applications.

re 0.36_01

Faster. add DEBUGGING_RE_ONLY define

Scalar::Util 1.50_11

fix find_rundefsvoffset logic

Fix t/subname.t and t/exotic_names.t for unstrict names. perl5.26 started defining $Config{usecperl} as 'UNKNOWN', hence this check is now unreliable.

Merge with 1.50 upstream: Ensure pairmap extends its stack correctly (davem) Fix name of List::Util::unpairs in its error messages

added head/tail honor PERL_NO_QUOTE_PKGSEPERATOR merged %DB::sub tests merge with upstream %DB::sub support (main:: or not, utf8)

Search::Dict 1.07_01

Bump version

SelectSaver 1.02_01

Bump version

SelfLoader 1.25
Socket 2.027_04
sort 2.04

no sort stable; SORTf_UNSTABLE flag

Storable 3.11_01

perl5 merged with us, with some minor internal architectural changes.

mingw fix: use safe defaults, not segfaulting defaults. mingw fails on the stacksize binary search, leaving it empty.

Try to fix readonly stacksize.h with perlbrew. [cperl #335]

Fix t/blessed.t for 5.10/5.12 threaded.

Restore max stacksizes for non-windows systems with proper system(SHELLSTRING) passing signals. Unify stack reserve to 32 across all platforms.

Dont build dynamic with a static perl

strict 1.13c

Added use strict 'hashpairs' to allow only pairs for hash assignments, within a map even only an empty or single pair. See [cperl #281. cperl-only

Added strict 'names' to reject illegal identifiers created via no strict 'refs' also at run-time, not only at compile-time. See [cperl #282]. cperl-only

subs 1.03
Symbol 1.08_01

Improved Symbol::delete_package for readonly and protected symbols and classes. cperl-only

Sys::Hostname 1.22
Term::ReadKey 2.37_03

Protect from fileno returning -1, invalid file arg. Reformatted.

Term::ReadLine 1.17

fix for empty &STDERR files, RT #132008

Test::Harness 3.42_01

Enable rulesfile.t to run in core

Return handle for pipes and sockets #58 (Erik Huelsmann) TAP v13 plan allows trailing whitespace (Steffen Schwigon) prove: add a --statefile=<path> option to customize the .prove file (Ævar Arnfjörð Bjarmason) Avoid non-deterministic source handling, make a SourceHandler tie an error. (Michael Schwern, Leon Timmermans) Fix and simplify MSWin32 colorization (Roy Ivy III) Fix file source handler to accept single extensions option (Tomoki Aonuma) Spelling fixes (Brian Wightman)

Thread::Queue 3.13

[RT #125868] Fix tests for Test::Simple 1.302138

threads 2.22_01

Fix Clang macro backward compatibility per patch by Andy Grundman. Keep the old better doc. Keep our modglobal fix in global destruction from 2.12_01.

Support PL_sv_zero. Don't Copy() null pointer

The documentation now better describes the problems that arise when returning values from threads, and no longer warns about creating threads in BEGIN blocks. [perl #96538]

threads::shared 1.58

Fix Clang macro backward compatibility per patch by Andy Grundman. RT #131124 Memory allocation fix.

Tie::Array 1.07
Tie::Hash::NamedCapture 0.10_01

use croak_no_modify_sv()

Tie::StdHandle 4.5
Time::gmtime 1.04
Time::HiRes 1.9758_01

Updated from upstream since 1.9744:


fix MSVC by adding a fake struct timezone.

add more potential clock constants, like CLOCK_MONOTONIC_FAST (available in FreeBSD), and not all potentially found clock constants were properly exported to be available from Perl, see your system's clock_gettime() documentation for the available ones

correct declared minimum Perl version (should be 5.6, was declared as 5.8 since 1.9727_03): blead af94b3ac

merged with our cperl test fixes. See

Drop 5.005 support. Replace DynaLoader with XSLoader.

Time::Local 1.28

Some tests which required support for epoch values larger than 2**32 were not being skipped when the underlying Perl did not support that.

Fixed the tests so they will not break in the year 2020. The tests were passing in 2-digit years on the assumption that a year like "70" would be treated as 1970, but starting in 2020 this would be treated as 2070 instead. Reported by Bernhard M. Wiedemann. RT #124787.

Added timelocal_modern and timegm_modern variants as optional exports. These versions do not munge years at all. They treat the year value that they are given exactly as-is.

Time::localtime 1.03
Time::Piece 1.33

Switch to XSLoader.

Fix AIX compile

Fix compile errors on MS

Use macro for buf sizes

Remove some compile warnings

SP off by 1 in _crt_localtime

Unicode::Collate 1.25_01

Drop 5.005 support. Replace DynaLoader with XSLoader.

Skip redefinition warnings on cperl since 5.27.2

Unicode::Normalize 1.26

Switch to XSLoader from Dynaloader.

Unicode::UCD 0.70_01

The function num now accepts an optional parameter to help in diagnosing error returns.

New core invlists/maps not yet used.

User::grent 1.02
User::pwent 1.01
utf8 2.02c

Improved function documentation

vars 1.04
version 0.9923_02

Add updates from 0.9918: Add LAX_DECIMAL_VERSION, LAX_DOTTED_DECIMAL_VERSION, STRICT_DECIMAL_VERSION, STRICT_DOTTED_DECIMAL_VERSION regexes. Add updates from 0.9921: pod, safer C locale switching. add vpp support for cperl: scmp, c suffix. use vars => our.

Add t/11_taint.t

VMS::DCLsym 1.09
VMS::Studio 2.44_01

Drop VMS::stdio compatibility shim

warnings 1.42

It now includes new functions with names ending in _at_level, allowing callers to specify the exact call frame. [perl #132468]

Win32 0.52_01
Win32API::File 0.1204

Fix xsubpp warnings

XS::Typemap 0.16
XSLoader 1.04c

Fix wrong usage of SvREFCNT_inc_simple_NN with a function, fixes a memory leak.

Its documentation now shows the use of __PACKAGE__, and direct object syntax for example DynaLoader usage [perl #132247].

Removed Modules and Pragmata

B::Debug 1.25

Moved to CPAN with cperl only. perl5 will remove it with 5.30.

Locale::Codes 3.55

Deprecated with v5.27.2c


The VMS::stdio compatibility shim has been removed.


New Documentation


Modern cperl classes and roles. The new syntax and features.


Notes and best practice for packaging perl5, not yet updated for cperl.

Changes to Existing Documentation

We have attempted to update the documentation to reflect the changes listed in this document. now parses pod/perlapio.pod for cross-checking against pod/perlapi.pod

Additionally, the following selected changes have been made:


Added API docs for most hash macros, and many more functions.





















perlxs, perlxstut, perlxstypemap

perlfunc, perlop, perlsyn



The following additions or changes have been made to diagnostic output, including warnings and fatal error messages. For the complete list of diagnostic messages, see perldiag.

New Diagnostics

New Errors

New Warnings

Changes to Existing Diagnostics

Utility Changes



Configuration and Compilation

C89 requirement

Perl has been documented as requiring a C89 compiler to build since October 1998. A variety of simplifications have now been made to Perl's internals to rely on the features specified by the C89 standard. We believe that this internal change hasn't altered the set of platforms that Perl builds on, but please report a bug if Perl now has new problems building on your platform.


On GCC, -Werror=pointer-arith is now enabled by default, disallowing arithmetic on void and function pointers.

Where an HTML version of the documentation is installed, the HTML documents now use relative links to refer to each other. Links from the index page of perlipc to the individual section documents are now correct. [perl #110056]

t/porting/regen.t improvements

lib/unicore/mktables now correctly canonicalizes the names of the dependencies stored in the files it generates.

regen/, unlike the other regen/*.pl scripts, used $0 to name itself in the dependencies stored in the files it generates. It now uses a literal so that the path stored in the generated files doesn't depend on how regen/ is invoked.

This lack of canonical names could cause test failures in t/porting/regen.t. [perl #132925]


Added support for the pgcc pgi compiler pgcc is very slow though. pgcc -O2 is 40% slower than gcc-6 -O3, pgcc -fast 30% slower. #279.

smoker deployments

Travis and appveyor deploy now automatically master builds, besides tags.


inc_version_list skips now older development versions. It only includes older non-devel versions with even numbers. See [cperl #284]

-Dusedevel not mandatory

-Dusedevel is needed to be added to all development versions anymore, it is now the default on such. A big warning is still being displayed, even in the usual silent auto mode -des. See [cperl #283]


Fixed d_builtin_arith_overflow detection and usage for 32bit systems with use64bitint. They do use the ll suffix, same as with WIN64. Now we can use this optimization. cperl-only.

New probes:

Note that cperl ignores the new HAS_BUILTIN_{ADD,MUL,SUB}_OVERFLOW config keys as we use the better HAS_BUILTIN_ARITH_OVERFLOW for years already.


d_getcwd probe and key added. Sets HAS_GETCWD


d_get_current_dir_name probe and key added. Sets HAS_GET_CURRENT_DIR_NAME


getcwdnull probe and key added. Sets HAS_GETCWDNULL


d_realpath probe and key added. Sets HAS_REALPATH


d_builtin_clz probe and key added. Sets HAS_BUILTIN_CLZ. ("Count leading zeros"). Needed later for fast hopscotch hashing.





















Removed probes and keys

Beware: HAS_MEMSET is undefined since v5.28, but always considered to be defined. Because of C89. cperl kept the HAS_MEMSET preprocessor definition for backcompat with extensions which do use it. It is used in all ppport.h files to use memzero().


Ditto: Keep HAS_MEMCHR


Ditto: Keep HAS_MEMCMP


Ditto: Keep HAS_MEMCPY




Ditto: Keep HAS_STRCHR








Ditto: Keep I_ASSERT in perl.h


Ditto: Keep I_FLOAT in perl.h


Ditto: Keep I_LIMITS in perl.h


Ditto: Keep I_MATH in perl.h


Ditto: Keep I_STDARG in perl.h


Ditto: Keep I_STDLIB in perl.h


Ditto: Keep I_STRING in perl.h


Ditto: Keep CAN_PROTOTYPE in perl.h


Ditto: Keep CAN_VAPROTO, _V

New generated shell config with the same content as git_version.h, for myconfig.


Added git_branch and git_describe.

make_patchnum: touch the targets

avoiding needless miniperl recompilation on, git_version.{sh,h}.



For the past few years we have released perl using three different archive formats: bzip (.bz2), LZMA2 (.xz) and gzip (.gz). Since xz compresses better and decompresses faster, and gzip is more compatible and uses less memory, we have dropped the .bz2 archive format with this release. (If this poses a problem, do let us know; see "Reporting Bugs", below.)

Platform Support

New Platforms


Preliminary support for the Portland pgcc compiler (Linux, Darwin, Win32 only) has been added.

Discontinued Platforms

PowerUX / Power MAX OS

Compiler hints and other support for these apparently long-defunct platforms has been removed.

Platform-Specific Notes

Support for long paths have been added to all platforms, for cwd longer than 4096. Many kernels have limited support for it, but filesystems do. See [cperl #270].


Fixed hints for pgcc.

Use for getcwd(NULL) or get_current_dir_name(), which can return paths longer than 4096.

Compilation on CentOS 5 is now fixed.


threads became unstable with some upstream merges. default now to -Uuseithreads.

Fixed Storable stacksize probing.

Fixed a lot of admin-specific file-permission tests.


Fixed hints for pgcc

Perl now correctly uses reentrant functions, like asctime_r, on versions of Darwin that have support for them.

locale specific error messages are now thread-safe. cperl-only, [cperl #341]


cperl on mingw was previously unsupported and didn't compile nor work. We switched the windows packages to use mingw 32bit and 64bit instead of MSVC compiled packages, which do require a special MS runtime DLL.


Several fix-ups for, marking function VMS has (or doesn't have).

CRTL features can now be set by embedders before invoking Perl by using the decc$feature_set and decc$feature_set_value functions. Previously any attempt to set features after image initialization were ignored.


File test operators for Unix permission bits that don't exist on a particular platform, such as -k (sticky bit) on Windows, now check that the file being tested exists before returning the blanket false result, and yield the appropriate errors if the argument doesn't refer to a file.

Visual C++ compiler version detection has been improved to work on non-English language systems.

mingw, cygwin and the MSVC versions 10,12,14 smoke now ok with 32-bit and 64-bit.

Fixed upstream mkstemp API changes.

getcwd is deprecated on Windows. use _getcwd() instead.

PathTools: Support overlong paths for getdcwd(), using the wide API for overlong paths.


CAN_PROTOTYPE is now always defined, which might cause problems with the system cc compiler. ccom: Error: ./mg.h, line 12: redeclaration of formal parameter, sv


CAN_PROTOTYPE is now always defined, which might cause problems with the gcc-4.2 compiler.

Internal Changes

Selected Bug Fixes

Known Problems


cperl 5.28.0c represents approximately 15 months of development since cperl 5.26.0c and contains approximately 860,000 lines of changes across 2,100 files from 73 authors.

Excluding auto-generated files, documentation and release tools, there were approximately 680,000 lines of changes to 1,100 .pm, .t, .c and .h files.

The following people are known to have contributed the improvements that became cperl 5.28.0:

Karl Williamson, Reini Urban, David Mitchell, Zefram, Tony Cook, Aaron Crane, Father Chrysostomos, Dagfinn Ilmari Mannsåker, Yves Orton, James E Keenan, Steve Hay, Lukas Mai, Craig A. Berry, Nicolas Rochelemagne, Sawyer X, Daniel Dragan, H.Merijn Brand, Chris 'BinGOs' Williams, Todd Rinaldo, Pali, Jarkko Hietaniemi, Karen Etheridge, Abigail, Dominic Hargreaves, Sergey Aleynikov, Matthew Horsfall, Marco Fontani, Smylers, Nicholas Clark, John Peacock, Tomasz Konojacki, Steffen Müller, Aristotle Pagaltzis, Ævar Arnfjörð Bjarmason, Eric Herman, Tom Hukins, vendethiel, Slaven Rezic, Renee Baecker, Marc-Philip Werner, Harald Jörg, George Hartzell, Graham Knop, Ricardo Signes, Andrew Fresh, J. Nick Koston, Neil Bowers, Dmitry Ulanov, sten22, Andy Lester, David H. Gutteridge, William N. Braswell, Jr, John SJ Anderson, Scott Lanning, Andy Dougherty, Vitali Peil, Peter John Acklam, Dan Collins, Niko Tyni, E. Choroba, Tom Wyant, John Lightsey, Jacques Germishuys, Gene Sullivan, Leon Timmermans, Eugen Konkov, François Perrad, John P. Linderman, Alexandr Savca, Ken Cotterill, Thomas Sibley, Shoichi Kaji.

The list above is almost certainly incomplete as it is automatically generated from version control history including the perl and cperl repos. In particular, it does not include the names of the (very much appreciated) contributors who reported issues to the Perl bug tracker and the cperl github issues.

Many of the changes included in this version originated in the CPAN modules included in Perl's core. We're grateful to the entire CPAN community for helping Perl to flourish.

For a more complete list of all of Perl's historical contributors, please see the AUTHORS file in the Perl source distribution.

Generated with:

    cperl Porting/ cperl-5.26.0..HEAD -c

Reporting Bugs

If you find what you think is a bug, you might check the perl bug database at . There may also be information at , the Perl Home Page.

If you believe you have an unreported bug, please run the cperlbug program included with your release. Be sure to trim your bug down to a tiny but sufficient test case. Your bug report, along with the output of perl -V, will be sent off to to be analysed by the Perl porting team.

If you think it's a cperl specific bug or trust the cperl developers more please file an issue at

If the bug you are reporting has security implications which make it inappropriate to send to a publicly archived mailing list, then see "SECURITY VULNERABILITY CONTACT INFORMATION" in perlsec For details of how to report the issue.


The Changes file for an explanation of how to view exhaustive details on what changed.

The INSTALL file for how to build Perl.

The README file for general stuff.

The Artistic and Copying files for copyright information.


Hey! The above document had some coding errors, which are explained below:

Around line 2688:

alternative text 'do "%s" failed, '.' is no longer in @INC; did you mean do "./%s"? ' contains non-escaped | or /