Good point. v1's source reads were against current HEAD on each repo; I didn't check historical contracts. Running git log -p on each pam_putenv site now to find when the strdup pattern was established. Will report back before v2.