Re: git: f68ee0e7a1e8 - main - shar: add a deprecation notice

Reply: Cy Schubert : "Re: git: f68ee0e7a1e8 - main - shar: add a deprecation notice"
In reply to: Cy Schubert : "Re: git: f68ee0e7a1e8 - main - shar: add a deprecation notice"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Kyle Evans <kevans_at_FreeBSD.org>
Date: Thu, 02 Jan 2025 03:12:21 UTC

On 1/1/25 20:53, Cy Schubert wrote:
> In message <202501020215.5022FeQP042716@gitrepo.freebsd.org>, Kyle Evans
> writes
> :
>> The branch main has been updated by kevans:
>>
>> URL: https://cgit.FreeBSD.org/src/commit/?id=f68ee0e7a1e8732f725cad4ac708ec49
>> 093782d4
>>
>> commit f68ee0e7a1e8732f725cad4ac708ec49093782d4
>> Author:     Kyle Evans <kevans@FreeBSD.org>
>> AuthorDate: 2025-01-02 02:15:36 +0000
>> Commit:     Kyle Evans <kevans@FreeBSD.org>
>> CommitDate: 2025-01-02 02:15:36 +0000
>>
>>      shar: add a deprecation notice
>>      
>>      The shar(1) program is simple, but the fundamental idea of a sh archive
>>      is risky at best and one that we probably shouldn't be promoting as
>>      prominently as a program in $PATH and a manpage.  Let's deprecate and
>>      remove it, since the same functionality can easily be found in
>>      tar(1) instead.
>>      
>>      Reviewed by:    emaste, philip
>>      Reviewed by:    allanjude, brooks, delphij, des, imp, rpokala (previous)
>>      MFC after:      3 days
>>      Differential Revision:  https://reviews.freebsd.org/D48130
>> ---
>>   usr.bin/shar/shar.1 | 14 +++++++++++++-
>>   1 file changed, 13 insertions(+), 1 deletion(-)
>>
>> diff --git a/usr.bin/shar/shar.1 b/usr.bin/shar/shar.1
>> index 903f937491dc..df97021b1bba 100644
>> --- a/usr.bin/shar/shar.1
>> +++ b/usr.bin/shar/shar.1
>> @@ -25,12 +25,24 @@
>>   .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
>>   .\" SUCH DAMAGE.
>>   .\"
>> -.Dd January 31, 2019
>> +.Dd January 1, 2025
>>   .Dt SHAR 1
>>   .Os
>>   .Sh NAME
>>   .Nm shar
>>   .Nd create a shell archive of files
>> +.Sh DEPRECATION NOTICE
>> +.Nm
>> +is obsolete and may not be present in
>> +.Fx 15
>> +and later.
>> +Because shell archives are simultaneously data and code and are typically
>> +interpreted by
>> +.Xr sh 1 ,
>> +they can easily be trojan-horsed and pose a significant security risk to use
>> rs.
>> +The
>> +.Xr tar 1
>> +utility can still produce shar encodings of files if needed.
>>   .Sh SYNOPSIS
>>   .Nm
>>   .Ar
>>
> 
> We should probably point to the new port or the GNU variant in ports.
> 

Oh, sorry, I didn't realize you had gone ahead with the port.  I 
wouldn't normally recommend a GNU variant, would you be OK with 
something like:

diff --git a/usr.bin/shar/shar.1 b/usr.bin/shar/shar.1
index df97021b1bba..6beb1e84ceab 100644
--- a/usr.bin/shar/shar.1
+++ b/usr.bin/shar/shar.1
@@ -43,6 +43,11 @@ they can easily be trojan-horsed and pose a 
significant security risk to users.
  The
  .Xr tar 1
  utility can still produce shar encodings of files if needed.
+The
+.Pa sysutils/freebsd-shar
+port has been created to maintain this version of
+.Nm
+past its deprecation in base.
  .Sh SYNOPSIS
  .Nm
  .Ar

?

Thanks,

Kyle Evans