Following discussion on the QA list about tainting, and given that one of the goals of PPI is to be able to do code-related tasks "safely" without risking the involvement of the perl interpreter, it seems logical that PPI should also work correctly under tainting.
Since I am admittedly not familiar with tainting except at a conceptual level (i.e. I know what it does and how it works, but I don't use it), what are the implications for a large codebase like PPI?
What, specifically, do I need to do to PPI to be taint-safe and to prove that I'm taint-safe? Is it simply a case of putting -T into every test script, and making sure that they all pass with -T?
What do I have to care about?
Further, if there is stuff to do to make it taint-safe, would anyone like to help?
Commit bits available as needed if so.