Date: Mon, 22 Sep 2014 08:26:12 +0700 From: Victor Sudakov <vas@mpeks.tomsk.su> To: Craig Rodrigues <rodrigc@freebsd.org> Cc: freebsd-pkg@freebsd.org Subject: Re: portaudit -C Message-ID: <20140922012612.GA81996@admin.sibptus.tomsk.ru> In-Reply-To: <CAG=rPVc9cC2-oSe_FAxkPTEWP-36YznowFcbtcx7s62y7YcObQ@mail.gmail.com> References: <20140921153841.GA75919@admin.sibptus.tomsk.ru> <CAG=rPVc9cC2-oSe_FAxkPTEWP-36YznowFcbtcx7s62y7YcObQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Craig Rodrigues wrote: > > > > portaudit says, "The portaudit tool is now obsolete, please remove > > portaudit and use the command 'pkg audit' instead." > > > > portaudit had a very useful function: "portaudit -C": > > > > -C Print a vulnerability report for the port in the current working > > directory. Mostly useful for port developers. > > > > How do I do it with "pkg audit"? > > > > Hi, > > You can do something like this: > > cd /usr/ports/net/asterisk11 > make -d x check-vulnerable # make -d x check-vulnerable make: illegal argument to d option -- x We need a different "x". BTW the "check-vulnerable" target is not documented in ports(7), I had to hunt for in in /usr/ports/Mk/* Maybe we need some "pretty-print-vulnerable" target once portaudit is now obsolete? > > or > > cd /usr/ports/net/asterisk11 > pkg audit `make -V PKGNAME` This requires that net/asterisk11 be already installed, doesn't it? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:sudakov@sibptus.tomsk.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140922012612.GA81996>