Date: Fri, 21 Aug 2015 07:42:07 -0700 (PDT) From: Roger Marquis <marquis@roble.com> To: freebsd-pkg@freebsd.org Subject: Re: pkg audit-pkg RFQ
index | | raw e-mail
Matthew Seaman wrote: > pkg audit already takes an optional pkgname argument, and it will give > you all the vulnerability reports for that package, even if not > installed. Great news, thanks Matt. Didn't see this while perusing the source code. Perhaps the man page should be updated: < audit Audit installed packages against known vulnerabilities. > audit Audit installed packages or package/s specified on the command line against known vulnerabilities. > What it doesn't do is filter by either the installed version or the > available versions in your configured repos. That would be good > functionality to have, but I don't think it warrants adding a whole extra > verb to pkg(8); just a few command line flags to pkg audit. Also doesn't parse stdin but I agree this should be easy to workaround. Rogerhelp