pkg audit-pkg RFQ
Matthew Seaman
matthew at FreeBSD.org
Fri Aug 21 10:17:15 UTC 2015
On 21/08/2015 01:41, Roger Marquis wrote:
> I believe it would be straightforward to add an "audit-pkg" flag (i.e., "pkg
> audit-pkg [$pkgname] [...]") for either a single package or a list of
> packages, on the command line or via stdin, installed or not, and return a
> report on the vulnerability status of the specified ports/packages?
> Essentially the same as "pkg audit" but with port/package names specified
> rather than derived from local.sqlite.
pkg audit already takes an optional pkgname argument, and it will give
you all the vulnerability reports for that package, even if not
installed. What it doesn't do is filter by either the installed version
or the available versions in your configured repos. That would be good
functionality to have, but I don't think it warrants adding a whole
extra verb to pkg(8); just a few command line flags to pkg audit.
Cheers,
Matthew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 957 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-pkg/attachments/20150821/6c1550be/attachment.bin>
More information about the freebsd-pkg
mailing list