Only commit PAUSE approved modules?

[schwern]

CPAN has an ownership policy and not everything on BackPAN is actually part of a distribution. Knowing what's indexed comes from the PAUSE uploads database. gitpan should make use of this and only select stable tarballs which were in the index.
http://devel.cpantesters.org/

Trouble is, PAUSE goes by module. gitpan by distribution. You have releases which contain some authorized and some unauthorized modules. For example, this appears in the PAUSE uploads database. Its clearly the result of an incomplete ownership transfer, and valid.
http://search.cpan.org/~chorny/Apache-Session-1.88/

But this does not. However, for the purposes of gitPAN there's no problem making a repo for this. gitPAN has no global module index to worry about.
http://search.cpan.org/dist/lcwa/

There isn't a whole lot one can do about that. The data in the uploads database just lists tarballs. If we had the same info that search.cpan does we could maybe apply some heuristics and say that if the module matching the dist name is authorized (ie. Apache-Session-1.88.tar.gz is authorized for Apache::Session) then its ok.

[tsibley]

maybe apply some heuristics and say that if the module matching the dist name is authorized (ie. Apache-Session-1.88.tar.gz is authorized for Apache::Session) then its ok.

PAUSE now actually requires ownership/comaint on Apache::Session to upload Apache-Session-*, and requires that the tarball contain the Apache::Session package (or at the very least a stub).

[schwern]

We're moving to be part of MetaCPAN's indexer and will have their facilities for determining authorized vs unauthorized releases.