Date: Fri, 21 Aug 2015 11:16:56 +0100 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-pkg@freebsd.org Subject: Re: pkg audit-pkg RFQ Message-ID: <55D6FA98.8010202@FreeBSD.org> In-Reply-To: <201508210041.t7L0fZul042807@smtp.infracaninophile.co.uk> References: <201508210041.t7L0fZul042807@smtp.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --SR1gPbJsp5RwpTbV7BqsKaLvQKN6d72MV Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 21/08/2015 01:41, Roger Marquis wrote: > I believe it would be straightforward to add an "audit-pkg" flag (i.e.,= "pkg > audit-pkg [$pkgname] [...]") for either a single package or a list of > packages, on the command line or via stdin, installed or not, and retur= n a > report on the vulnerability status of the specified ports/packages?=20 > Essentially the same as "pkg audit" but with port/package names specifi= ed > rather than derived from local.sqlite. pkg audit already takes an optional pkgname argument, and it will give you all the vulnerability reports for that package, even if not installed. What it doesn't do is filter by either the installed version or the available versions in your configured repos. That would be good functionality to have, but I don't think it warrants adding a whole extra verb to pkg(8); just a few command line flags to pkg audit. Cheers, Matthew --SR1gPbJsp5RwpTbV7BqsKaLvQKN6d72MV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 iQJ8BAEBCgBmBQJV1vqfXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATQQUP/0zBX5ZmHjrwo4P80hIxemcS PXPDWej3xqnwm8sK8XcUIRZOYIZDAzD4mKFjPoHGj/jJ49IzipaDCisq2R8j3Sad uBRWGIoR03++5vc/BKmiZnHdKMU3Day6YRpnY/v/bDSnAVRmMnzv3mqwyZ0pjqF+ NiZ4O4sfLKNrwnU0HQzP6yZ74uje3p+yXUrt2shxa8M45GUzn53Av0aHqPV/a/2J sdIU664ZmdvJfoGAhs6PVKe8sG7jeRsqww/oKovEA1ZHclsFAae70jBqBzrDzraQ x+I15Nkh6/h9YCUWPzzd1uk/fJHUlK2WfTkKKldDMNBs+u7OMwwYaXVtt1X2c+W+ 2yaHx3jF2/a2WQ5+TiwwouSBFJwZDGm7Gr0gkAxsPUo7urWa5JGgmZ932Ch04VqP K0+f/6k5twEvJHoFNsy+1Je6Sllzo1i+pSmXjyxQq071N/N735NN1+1GK2u/ua3P lwGfiK7I/Ck0pgn3LYf6r7iigcZXRQzLi22P2PEtwvU/APK3bosdw+UFaEShEy1J FVhycWHHlk62V93/qFSnWqG85voNPcJCfb4cFy0mcV0IuunTuY0zgLjE0+xdOExT qBZLordm8XONXkkV2hbLMvaHfiAkEuCeTru/Oxi9l6eGcQUJC+QvWtDFgnCzj0SW r8b389/EczctABgcLu8r =Jsrw -----END PGP SIGNATURE----- --SR1gPbJsp5RwpTbV7BqsKaLvQKN6d72MV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55D6FA98.8010202>