Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 6 Oct 2018 06:12:48 +0000 (UTC)
From:      Tobias Kortkamp <tobik@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r481321 - in head/security: . cargo-audit
Message-ID:  <201810060612.w966Cmaw097726@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: tobik
Date: Sat Oct  6 06:12:47 2018
New Revision: 481321
URL: https://svnweb.freebsd.org/changeset/ports/481321

Log:
  New port: security/cargo-audit
  
  Audit Cargo.lock for crates with security vulnerabilities reported
  to the RustSec Advisory Database.
  
  This is a PoC implementation of the closed RFC 1752:
  https://github.com/rust-lang/rfcs/pull/1752
  
  WWW: https://rustsec.org/

Added:
  head/security/cargo-audit/
  head/security/cargo-audit/Makefile   (contents, props changed)
  head/security/cargo-audit/distinfo   (contents, props changed)
  head/security/cargo-audit/pkg-descr   (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Sat Oct  6 05:49:18 2018	(r481320)
+++ head/security/Makefile	Sat Oct  6 06:12:47 2018	(r481321)
@@ -64,6 +64,7 @@
     SUBDIR += ca_root_nss
     SUBDIR += calife
     SUBDIR += cardpeek
+    SUBDIR += cargo-audit
     SUBDIR += ccrypt
     SUBDIR += ccsrch
     SUBDIR += certificate-transparency

Added: head/security/cargo-audit/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/cargo-audit/Makefile	Sat Oct  6 06:12:47 2018	(r481321)
@@ -0,0 +1,82 @@
+# $FreeBSD$
+
+PORTNAME=	cargo-audit
+DISTVERSIONPREFIX=	v
+DISTVERSION=	0.5.2
+CATEGORIES=	security
+
+MAINTAINER=	tobik@FreeBSD.org
+COMMENT=	Audit Cargo.lock for crates with security vulnerabilities
+
+LICENSE=	APACHE20 MIT
+LICENSE_COMB=	dual
+LICENSE_FILE_APACHE20=	${WRKSRC}/LICENSE-APACHE
+LICENSE_FILE_MIT=	${WRKSRC}/LICENSE-MIT
+
+USES=		cargo
+USE_GITHUB=	yes
+GH_ACCOUNT=	RustSec
+
+CARGO_CRATES=	backtrace-0.3.9 \
+		backtrace-sys-0.1.24 \
+		bitflags-1.0.4 \
+		byteorder-1.2.6 \
+		cc-1.0.25 \
+		cfg-if-0.1.5 \
+		chrono-0.4.6 \
+		curl-sys-0.4.12 \
+		failure-0.1.2 \
+		failure_derive-0.1.2 \
+		git2-0.7.5 \
+		gumdrop-0.4.0 \
+		gumdrop_derive-0.4.1 \
+		idna-0.1.5 \
+		isatty-0.1.9 \
+		lazy_static-1.1.0 \
+		libc-0.2.43 \
+		libgit2-sys-0.7.10 \
+		libssh2-sys-0.2.11 \
+		libz-sys-1.0.23 \
+		log-0.4.5 \
+		matches-0.1.8 \
+		num-integer-0.1.39 \
+		num-traits-0.2.6 \
+		openssl-probe-0.1.2 \
+		openssl-sys-0.9.36 \
+		percent-encoding-1.0.1 \
+		pkg-config-0.3.14 \
+		platforms-0.1.4 \
+		proc-macro2-0.3.8 \
+		proc-macro2-0.4.20 \
+		quote-0.5.2 \
+		quote-0.6.8 \
+		redox_syscall-0.1.40 \
+		rustc-demangle-0.1.9 \
+		rustsec-0.9.1 \
+		semver-0.9.0 \
+		semver-parser-0.7.0 \
+		serde-1.0.79 \
+		serde_derive-1.0.79 \
+		syn-0.13.11 \
+		syn-0.14.9 \
+		syn-0.15.8 \
+		synstructure-0.9.0 \
+		term-0.5.1 \
+		time-0.1.40 \
+		toml-0.4.8 \
+		unicode-bidi-0.3.4 \
+		unicode-normalization-0.1.7 \
+		unicode-xid-0.1.0 \
+		url-1.7.1 \
+		vcpkg-0.2.6 \
+		version_check-0.1.5 \
+		winapi-0.3.6 \
+		winapi-i686-pc-windows-gnu-0.4.0 \
+		winapi-x86_64-pc-windows-gnu-0.4.0
+
+PLIST_FILES=	bin/cargo-audit
+
+post-install:
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/cargo-audit
+
+.include <bsd.port.mk>

Added: head/security/cargo-audit/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/cargo-audit/distinfo	Sat Oct  6 06:12:47 2018	(r481321)
@@ -0,0 +1,115 @@
+TIMESTAMP = 1538801870
+SHA256 (rust/crates/backtrace-0.3.9.tar.gz) = 89a47830402e9981c5c41223151efcced65a0510c13097c769cede7efb34782a
+SIZE (rust/crates/backtrace-0.3.9.tar.gz) = 31054
+SHA256 (rust/crates/backtrace-sys-0.1.24.tar.gz) = c66d56ac8dabd07f6aacdaf633f4b8262f5b3601a810a0dcddffd5c22c69daa0
+SIZE (rust/crates/backtrace-sys-0.1.24.tar.gz) = 522332
+SHA256 (rust/crates/bitflags-1.0.4.tar.gz) = 228047a76f468627ca71776ecdebd732a3423081fcf5125585bcd7c49886ce12
+SIZE (rust/crates/bitflags-1.0.4.tar.gz) = 15282
+SHA256 (rust/crates/byteorder-1.2.6.tar.gz) = 90492c5858dd7d2e78691cfb89f90d273a2800fc11d98f60786e5d87e2f83781
+SIZE (rust/crates/byteorder-1.2.6.tar.gz) = 19985
+SHA256 (rust/crates/cc-1.0.25.tar.gz) = f159dfd43363c4d08055a07703eb7a3406b0dac4d0584d96965a3262db3c9d16
+SIZE (rust/crates/cc-1.0.25.tar.gz) = 43191
+SHA256 (rust/crates/cfg-if-0.1.5.tar.gz) = 0c4e7bb64a8ebb0d856483e1e682ea3422f883c5f5615a90d51a2c82fe87fdd3
+SIZE (rust/crates/cfg-if-0.1.5.tar.gz) = 7363
+SHA256 (rust/crates/chrono-0.4.6.tar.gz) = 45912881121cb26fad7c38c17ba7daa18764771836b34fab7d3fbd93ed633878
+SIZE (rust/crates/chrono-0.4.6.tar.gz) = 133108
+SHA256 (rust/crates/curl-sys-0.4.12.tar.gz) = 78800a6de442f65dab6ce26c6f369c14fc585686432bf4b77119d2d384216c31
+SIZE (rust/crates/curl-sys-0.4.12.tar.gz) = 2859726
+SHA256 (rust/crates/failure-0.1.2.tar.gz) = 7efb22686e4a466b1ec1a15c2898f91fa9cb340452496dca654032de20ff95b9
+SIZE (rust/crates/failure-0.1.2.tar.gz) = 31820
+SHA256 (rust/crates/failure_derive-0.1.2.tar.gz) = 946d0e98a50d9831f5d589038d2ca7f8f455b1c21028c0db0e84116a12696426
+SIZE (rust/crates/failure_derive-0.1.2.tar.gz) = 4326
+SHA256 (rust/crates/git2-0.7.5.tar.gz) = 591f8be1674b421644b6c030969520bc3fa12114d2eb467471982ed3e9584e71
+SIZE (rust/crates/git2-0.7.5.tar.gz) = 145895
+SHA256 (rust/crates/gumdrop-0.4.0.tar.gz) = b776c41038e3c3b6b2fb188cfda9282b3caed6b964749836ce1a763a8e0b9449
+SIZE (rust/crates/gumdrop-0.4.0.tar.gz) = 13794
+SHA256 (rust/crates/gumdrop_derive-0.4.1.tar.gz) = d51865073dd492ad5b545835557c854dbdf826f72c5ca343d1c3a6ab71185e30
+SIZE (rust/crates/gumdrop_derive-0.4.1.tar.gz) = 9022
+SHA256 (rust/crates/idna-0.1.5.tar.gz) = 38f09e0f0b1fb55fdee1f17470ad800da77af5186a1a76c026b679358b7e844e
+SIZE (rust/crates/idna-0.1.5.tar.gz) = 258735
+SHA256 (rust/crates/isatty-0.1.9.tar.gz) = e31a8281fc93ec9693494da65fbf28c0c2aa60a2eaec25dc58e2f31952e95edc
+SIZE (rust/crates/isatty-0.1.9.tar.gz) = 8009
+SHA256 (rust/crates/lazy_static-1.1.0.tar.gz) = ca488b89a5657b0a2ecd45b95609b3e848cf1755da332a0da46e2b2b1cb371a7
+SIZE (rust/crates/lazy_static-1.1.0.tar.gz) = 12317
+SHA256 (rust/crates/libc-0.2.43.tar.gz) = 76e3a3ef172f1a0b9a9ff0dd1491ae5e6c948b94479a3021819ba7d860c8645d
+SIZE (rust/crates/libc-0.2.43.tar.gz) = 353810
+SHA256 (rust/crates/libgit2-sys-0.7.10.tar.gz) = 4916b5addc78ec36cc309acfcdf0b9f9d97ab7b84083118b248709c5b7029356
+SIZE (rust/crates/libgit2-sys-0.7.10.tar.gz) = 1176435
+SHA256 (rust/crates/libssh2-sys-0.2.11.tar.gz) = 126a1f4078368b163bfdee65fbab072af08a1b374a5551b21e87ade27b1fbf9d
+SIZE (rust/crates/libssh2-sys-0.2.11.tar.gz) = 458377
+SHA256 (rust/crates/libz-sys-1.0.23.tar.gz) = c7bdca442aa002a930e6eb2a71916cabe46d91ffec8df66db0abfb1bc83469ab
+SIZE (rust/crates/libz-sys-1.0.23.tar.gz) = 649632
+SHA256 (rust/crates/log-0.4.5.tar.gz) = d4fcce5fa49cc693c312001daf1d13411c4a5283796bac1084299ea3e567113f
+SIZE (rust/crates/log-0.4.5.tar.gz) = 22221
+SHA256 (rust/crates/matches-0.1.8.tar.gz) = 7ffc5c5338469d4d3ea17d269fa8ea3512ad247247c30bd2df69e68309ed0a08
+SIZE (rust/crates/matches-0.1.8.tar.gz) = 2216
+SHA256 (rust/crates/num-integer-0.1.39.tar.gz) = e83d528d2677f0518c570baf2b7abdcf0cd2d248860b68507bdcb3e91d4c0cea
+SIZE (rust/crates/num-integer-0.1.39.tar.gz) = 17881
+SHA256 (rust/crates/num-traits-0.2.6.tar.gz) = 0b3a5d7cc97d6d30d8b9bc8fa19bf45349ffe46241e8816f50f62f6d6aaabee1
+SIZE (rust/crates/num-traits-0.2.6.tar.gz) = 39923
+SHA256 (rust/crates/openssl-probe-0.1.2.tar.gz) = 77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de
+SIZE (rust/crates/openssl-probe-0.1.2.tar.gz) = 6427
+SHA256 (rust/crates/openssl-sys-0.9.36.tar.gz) = 409d77eeb492a1aebd6eb322b2ee72ff7c7496b4434d98b3bf8be038755de65e
+SIZE (rust/crates/openssl-sys-0.9.36.tar.gz) = 44508
+SHA256 (rust/crates/percent-encoding-1.0.1.tar.gz) = 31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831
+SIZE (rust/crates/percent-encoding-1.0.1.tar.gz) = 10057
+SHA256 (rust/crates/pkg-config-0.3.14.tar.gz) = 676e8eb2b1b4c9043511a9b7bea0915320d7e502b0a079fb03f9635a5252b18c
+SIZE (rust/crates/pkg-config-0.3.14.tar.gz) = 13565
+SHA256 (rust/crates/platforms-0.1.4.tar.gz) = fb9588d66c760a4652658d009a3a2dc0c00337a22638d3b207461f8fd5cd0377
+SIZE (rust/crates/platforms-0.1.4.tar.gz) = 19549
+SHA256 (rust/crates/proc-macro2-0.3.8.tar.gz) = 1b06e2f335f48d24442b35a19df506a835fb3547bc3c06ef27340da9acf5cae7
+SIZE (rust/crates/proc-macro2-0.3.8.tar.gz) = 24412
+SHA256 (rust/crates/proc-macro2-0.4.20.tar.gz) = 3d7b7eaaa90b4a90a932a9ea6666c95a389e424eff347f0f793979289429feee
+SIZE (rust/crates/proc-macro2-0.4.20.tar.gz) = 30516
+SHA256 (rust/crates/quote-0.5.2.tar.gz) = 9949cfe66888ffe1d53e6ec9d9f3b70714083854be20fd5e271b232a017401e8
+SIZE (rust/crates/quote-0.5.2.tar.gz) = 14982
+SHA256 (rust/crates/quote-0.6.8.tar.gz) = dd636425967c33af890042c483632d33fa7a18f19ad1d7ea72e8998c6ef8dea5
+SIZE (rust/crates/quote-0.6.8.tar.gz) = 15530
+SHA256 (rust/crates/redox_syscall-0.1.40.tar.gz) = c214e91d3ecf43e9a4e41e578973adeb14b474f2bee858742d127af75a0112b1
+SIZE (rust/crates/redox_syscall-0.1.40.tar.gz) = 14745
+SHA256 (rust/crates/rustc-demangle-0.1.9.tar.gz) = bcfe5b13211b4d78e5c2cadfebd7769197d95c639c35a50057eb4c05de811395
+SIZE (rust/crates/rustc-demangle-0.1.9.tar.gz) = 11463
+SHA256 (rust/crates/rustsec-0.9.1.tar.gz) = 3f4993a05421dd4b44a4096d961d3446e9cb54ba0a5e932ddfa8d7b2883eed0c
+SIZE (rust/crates/rustsec-0.9.1.tar.gz) = 22649
+SHA256 (rust/crates/semver-0.9.0.tar.gz) = 1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403
+SIZE (rust/crates/semver-0.9.0.tar.gz) = 17344
+SHA256 (rust/crates/semver-parser-0.7.0.tar.gz) = 388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3
+SIZE (rust/crates/semver-parser-0.7.0.tar.gz) = 10268
+SHA256 (rust/crates/serde-1.0.79.tar.gz) = 84257ccd054dc351472528c8587b4de2dbf0dc0fe2e634030c1a90bfdacebaa9
+SIZE (rust/crates/serde-1.0.79.tar.gz) = 72864
+SHA256 (rust/crates/serde_derive-1.0.79.tar.gz) = 31569d901045afbff7a9479f793177fe9259819aff10ab4f89ef69bbc5f567fe
+SIZE (rust/crates/serde_derive-1.0.79.tar.gz) = 46506
+SHA256 (rust/crates/syn-0.13.11.tar.gz) = 14f9bf6292f3a61d2c716723fdb789a41bbe104168e6f496dc6497e531ea1b9b
+SIZE (rust/crates/syn-0.13.11.tar.gz) = 134240
+SHA256 (rust/crates/syn-0.14.9.tar.gz) = 261ae9ecaa397c42b960649561949d69311f08eeaea86a65696e6e46517cf741
+SIZE (rust/crates/syn-0.14.9.tar.gz) = 135921
+SHA256 (rust/crates/syn-0.15.8.tar.gz) = 356d1c5043597c40489e9af2d2498c7fefc33e99b7d75b43be336c8a59b3e45e
+SIZE (rust/crates/syn-0.15.8.tar.gz) = 143088
+SHA256 (rust/crates/synstructure-0.9.0.tar.gz) = 85bb9b7550d063ea184027c9b8c20ac167cd36d3e06b3a40bceb9d746dc1a7b7
+SIZE (rust/crates/synstructure-0.9.0.tar.gz) = 17651
+SHA256 (rust/crates/term-0.5.1.tar.gz) = 5e6b677dd1e8214ea1ef4297f85dbcbed8e8cdddb561040cc998ca2551c37561
+SIZE (rust/crates/term-0.5.1.tar.gz) = 39105
+SHA256 (rust/crates/time-0.1.40.tar.gz) = d825be0eb33fda1a7e68012d51e9c7f451dc1a69391e7fdc197060bb8c56667b
+SIZE (rust/crates/time-0.1.40.tar.gz) = 29518
+SHA256 (rust/crates/toml-0.4.8.tar.gz) = 4a2ecc31b0351ea18b3fe11274b8db6e4d82bce861bbb22e6dbed40417902c65
+SIZE (rust/crates/toml-0.4.8.tar.gz) = 43888
+SHA256 (rust/crates/unicode-bidi-0.3.4.tar.gz) = 49f2bd0c6468a8230e1db229cff8029217cf623c767ea5d60bfbd42729ea54d5
+SIZE (rust/crates/unicode-bidi-0.3.4.tar.gz) = 32228
+SHA256 (rust/crates/unicode-normalization-0.1.7.tar.gz) = 6a0180bc61fc5a987082bfa111f4cc95c4caff7f9799f3e46df09163a937aa25
+SIZE (rust/crates/unicode-normalization-0.1.7.tar.gz) = 330545
+SHA256 (rust/crates/unicode-xid-0.1.0.tar.gz) = fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc
+SIZE (rust/crates/unicode-xid-0.1.0.tar.gz) = 16000
+SHA256 (rust/crates/url-1.7.1.tar.gz) = 2a321979c09843d272956e73700d12c4e7d3d92b2ee112b31548aef0d4efc5a6
+SIZE (rust/crates/url-1.7.1.tar.gz) = 68266
+SHA256 (rust/crates/vcpkg-0.2.6.tar.gz) = def296d3eb3b12371b2c7d0e83bfe1403e4db2d7a0bba324a12b21c4ee13143d
+SIZE (rust/crates/vcpkg-0.2.6.tar.gz) = 9866
+SHA256 (rust/crates/version_check-0.1.5.tar.gz) = 914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd
+SIZE (rust/crates/version_check-0.1.5.tar.gz) = 8173
+SHA256 (rust/crates/winapi-0.3.6.tar.gz) = 92c1eb33641e276cfa214a0522acad57be5c56b10cb348b3c5117db75f3ac4b0
+SIZE (rust/crates/winapi-0.3.6.tar.gz) = 1029391
+SHA256 (rust/crates/winapi-i686-pc-windows-gnu-0.4.0.tar.gz) = ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6
+SIZE (rust/crates/winapi-i686-pc-windows-gnu-0.4.0.tar.gz) = 2918815
+SHA256 (rust/crates/winapi-x86_64-pc-windows-gnu-0.4.0.tar.gz) = 712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f
+SIZE (rust/crates/winapi-x86_64-pc-windows-gnu-0.4.0.tar.gz) = 2947998
+SHA256 (RustSec-cargo-audit-v0.5.2_GH0.tar.gz) = 4b63c5c5aafdb0a1b4fe6e2cd361e5b3ee06ef57a32f0873ec7e82433ccf0d91
+SIZE (RustSec-cargo-audit-v0.5.2_GH0.tar.gz) = 82983

Added: head/security/cargo-audit/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/cargo-audit/pkg-descr	Sat Oct  6 06:12:47 2018	(r481321)
@@ -0,0 +1,7 @@
+Audit Cargo.lock for crates with security vulnerabilities reported
+to the RustSec Advisory Database.
+
+This is a PoC implementation of the closed RFC 1752:
+https://github.com/rust-lang/rfcs/pull/1752
+
+WWW: https://rustsec.org/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201810060612.w966Cmaw097726>