Bug 247953

Created attachment 216421 [details]
Patch to fix the problem

Periodic pkg audit is a good thing. Unfortunately, it is a bit annoying with some of its warnings. For example, I receive this on a daily basis for months now:

  Database fetched: Sat Jul 11 03:38:29 CEST 2020
  bind911-9.11.20: Tag: expiration_date Value: 2021-12-31
  bind911-9.11.20: Tag: deprecated Value: End of life, please migrate to a newer version of BIND9

Which is rather annoying since the expiration date is still 18 months away!!!

Similar, some ports are completely o.k. for running, only during the build process they are using deprecated tools (notably python 2.7), this gives messages such as:

  firefox-78.0_2,1: Tag: deprecated Value: Uses Python 2.7 which is EOLed upstream
  spidermonkey60-60.9.0_3: Tag: deprecated Value: Uses Python 2.7 which is EOLed upstream
  thunderbird-68.9.0_1: Tag: deprecated Value: Uses Python 2.7 which is EOLed upstream

Note that these packages do not use Python to run, only to build.

The attached patch allows to filter this using the nobs:

security_status_pkgaudit_expiration="NO"
security_status_pkgaudit_deprecation="NO"

that can be put in periodic.conf

I would really appreciated if this patch can make it in the system.

p.s.: a better solution might be to add a time window, e.g. warn me only if a expatriation date of a pkg is less than 3 months away. However, I do not know how to do that in sh/bash.