From owner-freebsd-ports-bugs@freebsd.org Sat Feb 10 22:12:58 2018 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AE21BF01066 for ; Sat, 10 Feb 2018 22:12:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3AE8A74EB2 for ; Sat, 10 Feb 2018 22:12:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 95DF92D5E2 for ; Sat, 10 Feb 2018 22:12:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w1AMCv7u066288 for ; Sat, 10 Feb 2018 22:12:57 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w1AMCv62066287 for freebsd-ports-bugs@FreeBSD.org; Sat, 10 Feb 2018 22:12:57 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 225780] www/caddy: missing documentation Date: Sat, 10 Feb 2018 22:12:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: portmaster@bsdforge.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: resolution bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Feb 2018 22:12:58 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225780 Chris Hutchinson changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|Rejected |--- Status|Closed |Open --- Comment #2 from Chris Hutchinson --- (In reply to Fabian Freyer from comment #1) > It's correct that it doesn't come with any manpage. It might be worth fil= ing > a bug upstream [1] for this. >=20 > However, there is a README, README.md in the git repository [2] (which the > port builds from) and there is documentation on the Homepage indicated in > pgk-descr. This is of no value when attempting to use the port after installation. >=20 > I'm not quite sure what the intent of this PR is. The summary indicates s= ome > supsicion as to whether the port may be malicious. I haven't performed a > full audit of the source code and don't know of one having taken place. > Therefore, while it's theoretically possible there may be some malicious > code involved, I haven't observed the port to do anything of the sort. The purpose, and choice of title for this pr(1) is/was to indicate that an administrator auditing a system finding a command, or application with no documentation of any kind. Should, and Does find the file to be suspect. Highly suspect, should the system not be working correctly, and be suspected of infection. This is just another reason as to why UNIX has always provided some form of documentation for the (executable) files present on the system. Why should/would www/caddy think that they should be an exception to that rule? Why would/should www/caddy believe that documentation for it is of so little value, that it shouldn't accompany it's product? This is simply bad policy, and I don't think it's in FreeBSD', or it's users best interest to accommodate such a policy. Allowing www/caddy to continue with it's current policy sets a bad precedence, and should not be permitted. >=20 > I'm closing this PR as there isn't much I can do about this. There is plenty you can do as a maintainer -- especially when you have given an indication that there is documentation online; you can simply add/include [at least] the Usage documentation. Does the README contain this? As such. I'm re-opening this pr(1). I hope you better understand now. :-) All the best. :-) --Chris > Feel free to > reopen if there is a manpage upstream to be included in the port or there > are some concrete other concerns. >=20 > [1] https://github.com/mholt/caddy/issues > [2] https://github.com/mholt/caddy --=20 You are receiving this mail because: You are the assignee for the bug.=