From nobody Wed Dec 7 14:22:34 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NRzyL4MXjz4jxtD; Wed, 7 Dec 2022 14:22:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NRzyL3PH9z3ptr; Wed, 7 Dec 2022 14:22:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1670422954; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iqtSfLL7JDB963hIiEZEM2++0+fiJW/DWl/nips2nj4=; b=ota/Pp9/RQZDYe7CGVePaVP3nflcN/I54qUsocpJOI2eVMgIq5o4amIEDViodjjs/753KP qTUminjmd1jGIK+LXAbWkG9BnacDvY9mqy6POrkMdqInrcnUpL7NHfrtRHWSuoV4XSec7K Ud1qxyTrTkMqZ+0GcAvWsEswfO7KMscX7i/r+kufejABo4evaUl+cDhfGUEsTslde6ho75 DCfu5dBPRZsBaqSN0dXdBmAv1ixVGDiW/Rx3Y2i+P2kBxzv76+1x1far4GRi2Z/nF8zR0y oaxVE4iVsUgbeBX358UtD3VtNotUhTJ9cO1NivPn9TRtMN8X6zESFZ9lVp5P6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1670422954; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iqtSfLL7JDB963hIiEZEM2++0+fiJW/DWl/nips2nj4=; b=RuQym6oyiFEUxDyYjBw+2lO0Q1788/GiLo/ZJyLjnqyCj0qbGw9Quv6ojey+7vi7zjfSL5 TozAjgvEZLTpyj4mRBsbkTCXlFYK0lpBtSVEdkvt+HoBx+4NQBnFpJThtebxoV/JLkuXmQ +8S8iKQxZGih+KPpHY0Ti0Be68hjRaZy4TNB6p3aQpXdJ9Ad4rzXFsxPUCOEiE1xEUl5av MLcUT/5cYitoxMej7nh4XsYzRi8KBJ/tx+YxQVoYaf6DMriem0f3M+rv0mr6icgdOoGBH4 9N09qbWp5lVrOjhDxhUqqojOW28yYZO2TGozzwbj42yFhB/GfHhXYltzsJiREg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1670422954; a=rsa-sha256; cv=none; b=dpxWXImykbBqvM5mH1B7eCdk+wpDm0MSOZ16dtrb3JO75tV78fVbwH5TsFnj0CfLmLyieo 975wHq0mmFUV1itMzW6+jcnoRdFDGqHOMm66d8RJwYJ09ayjRGTg1Q4zr4CirzBO5r1Zqr 58MG3wWwJInF8/7tg6aFHvJLJs9EZzrn8DQx7GDpLTASoQsDZMlId8Tt2UYKmRtLBDQjWE iV/t4HR8mdGRDv92ND0+AJhsyc7UjdEqSN2UY5J4OdL+ulImRYY+ZGjBR7bPHgE4Okkrk1 sQTHIiymRvL4T/Dv60PFwCSYeVjwfLB0Ink3Ja78cZ/M1O6mUklLXLQsN/pt1w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4NRzyL2QbJzKcM; Wed, 7 Dec 2022 14:22:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2B7EMYJg056075; Wed, 7 Dec 2022 14:22:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2B7EMYiF056074; Wed, 7 Dec 2022 14:22:34 GMT (envelope-from git) Date: Wed, 7 Dec 2022 14:22:34 GMT Message-Id: <202212071422.2B7EMYiF056074@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Muhammad Moinur Rahman Subject: git: 0a6ca5e45885 - main - security/local-php-security-checker: New port List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bofh X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0a6ca5e458852c41ce57a0238fcaa641ffd7cd6f Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by bofh: URL: https://cgit.FreeBSD.org/ports/commit/?id=0a6ca5e458852c41ce57a0238fcaa641ffd7cd6f commit 0a6ca5e458852c41ce57a0238fcaa641ffd7cd6f Author: Muhammad Moinur Rahman AuthorDate: 2022-12-07 14:19:58 +0000 Commit: Muhammad Moinur Rahman CommitDate: 2022-12-07 14:22:07 +0000 security/local-php-security-checker: New port The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with known security vulnerabilities. It uses the Security Advisories Database behind the scenes availble from https://github.com/FriendsOfPHP/security-advisories PR: 261148 Reported by: einar@isnic.is Tested by: bofh Approved by: einar@isnic.is (Submitter is maintainer) --- security/Makefile | 1 + security/local-php-security-checker/Makefile | 27 +++++++++++++++++++++++++++ security/local-php-security-checker/distinfo | 15 +++++++++++++++ security/local-php-security-checker/pkg-descr | 4 ++++ 4 files changed, 47 insertions(+) diff --git a/security/Makefile b/security/Makefile index e06ce1c14534..616591b13233 100644 --- a/security/Makefile +++ b/security/Makefile @@ -326,6 +326,7 @@ SUBDIR += linux-c7-openssl-devel SUBDIR += linux-c7-p11-kit SUBDIR += linux-c7-trousers + SUBDIR += local-php-security-checker SUBDIR += logcheck SUBDIR += lua-bcrypt SUBDIR += luasec diff --git a/security/local-php-security-checker/Makefile b/security/local-php-security-checker/Makefile new file mode 100644 index 000000000000..d8004e9a0fae --- /dev/null +++ b/security/local-php-security-checker/Makefile @@ -0,0 +1,27 @@ +PORTNAME= local-php-security-checker +DISTVERSIONPREFIX= v +DISTVERSION= 2.0.6 +CATEGORIES= security +MASTER_SITES= GH + +MAINTAINER= einar@isnic.is +COMMENT= Tool to check PHP composer dependencies for vulnerabilities +WWW= https://github.com/fabpot/local-php-security-checker + +LICENSE= AGPLv3 +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= go:modules + +USE_GITHUB= yes +GH_ACCOUNT= fabpot +GH_TUPLE= davecgh:go-spew:v1.1.1:davecgh_go_spew/vendor/github.com/davecgh/go-spew \ + go-yaml:yaml:v3.0.1:go_yaml_yaml/vendor/gopkg.in/yaml.v3 \ + hashicorp:go-version:v1.6.0:hashicorp_go_version/vendor/github.com/hashicorp/go-version \ + mitchellh:go-homedir:v1.1.0:mitchellh_go_homedir/vendor/github.com/mitchellh/go-homedir \ + pmezard:go-difflib:v1.0.0:pmezard_go_difflib/vendor/github.com/pmezard/go-difflib \ + stretchr:testify:v1.8.1:stretchr_testify/vendor/github.com/stretchr/testify + +PLIST_FILES= bin/local-php-security-checker + +.include diff --git a/security/local-php-security-checker/distinfo b/security/local-php-security-checker/distinfo new file mode 100644 index 000000000000..96d41e960bc6 --- /dev/null +++ b/security/local-php-security-checker/distinfo @@ -0,0 +1,15 @@ +TIMESTAMP = 1670419416 +SHA256 (fabpot-local-php-security-checker-v2.0.6_GH0.tar.gz) = 7fe2748d148a6ff1922f148a0141f727161996dcbda2037ea84d466f0c719fc2 +SIZE (fabpot-local-php-security-checker-v2.0.6_GH0.tar.gz) = 22337 +SHA256 (davecgh-go-spew-v1.1.1_GH0.tar.gz) = 7d82b9bb7291adbe7498fe946920ab3e7fc9e6cbfc3b2294693fad00bf0dd17e +SIZE (davecgh-go-spew-v1.1.1_GH0.tar.gz) = 42152 +SHA256 (go-yaml-yaml-v3.0.1_GH0.tar.gz) = cf05411540d3e6ef8f1fd88434b34f94cedaceb540329031d80e23b74540c4e5 +SIZE (go-yaml-yaml-v3.0.1_GH0.tar.gz) = 91173 +SHA256 (hashicorp-go-version-v1.6.0_GH0.tar.gz) = bac1ea761f4f5818f9966d7a3ecbd97d3dcc277ad5f0c4832081d36b4b0b1991 +SIZE (hashicorp-go-version-v1.6.0_GH0.tar.gz) = 15892 +SHA256 (mitchellh-go-homedir-v1.1.0_GH0.tar.gz) = 646671c73a84a8dfb4a5a76b80c7b63549ffefa906524d45077301bc7da76600 +SIZE (mitchellh-go-homedir-v1.1.0_GH0.tar.gz) = 3362 +SHA256 (pmezard-go-difflib-v1.0.0_GH0.tar.gz) = 28f3dc1b5c0efd61203ab07233f774740d3bf08da4d8153fb5310db6cea0ebda +SIZE (pmezard-go-difflib-v1.0.0_GH0.tar.gz) = 11398 +SHA256 (stretchr-testify-v1.8.1_GH0.tar.gz) = 6749fede6c26ae66b7e7500136dbe56913b4e0679099b6c1154d2210a9a1ec00 +SIZE (stretchr-testify-v1.8.1_GH0.tar.gz) = 97670 diff --git a/security/local-php-security-checker/pkg-descr b/security/local-php-security-checker/pkg-descr new file mode 100644 index 000000000000..dca0672b7b42 --- /dev/null +++ b/security/local-php-security-checker/pkg-descr @@ -0,0 +1,4 @@ +The Local PHP Security Checker is a command line tool that checks if your PHP +application depends on PHP packages with known security vulnerabilities. It +uses the Security Advisories Database behind the scenes availble from +https://github.com/FriendsOfPHP/security-advisories.