Bug 266977

Summary: security/metasploit: Update to 6.2.23
Product: Ports & Packages Reporter: Yonas Yanfa <yonas.yanfa>
Component: Individual Port(s)Assignee: Nuno Teixeira <eduardo>
Status: Closed FIXED    
Severity: Affects Only Me CC: eduardo, fernape, tanawts
Priority: --- Flags: bugzilla: maintainer-feedback? (tanawts)
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://github.com/rapid7/metasploit-framework/compare/6.1.24...6.2.23
Attachments:
Description Flags
security/metasploit: update to 6.2.21
tanawts: maintainer-approval+
security/metasploit: update to 6.2.21
tanawts: maintainer-approval+
security/metasploit: update to 6.2.23 none

Description Yonas Yanfa 2022-10-11 22:19:24 UTC 
Latest version is 6.2.21.
Comment 1 Fernando ApesteguĂ­a freebsd_committer freebsd_triage 2022-10-12 12:10:19 UTC 
Hi Yonas,

Could you provide a patch? Maintainers are notify when a new version of the software is available (unless we tell portscout otherwise) so there is usually no need to open a PR for that :-)
Comment 2 Yonas Yanfa 2022-10-12 18:06:13 UTC 
Hi Fernando,

> Could you provide a patch? 

I cannot provide a patch, as I'm not interested in installing the ports collection.


> Maintainers are notify when a new version of the software is available (unless we tell portscout otherwise) so there is usually no need to open a PR for that

I've found many ports that are not kept up-to-date and that creating a PR is the best way to get the port updated.

If you're looking for a better solution, the FreeBSD ports infrastructure should:

1. Automatically upgrade ports to the latest version without manual intervention
2. Automatically test ports before publishing

#2 would require all port maintainers to create tests as a requirement for approving new ports and avoiding deprecation of old ports.

Common automated test criteria could include:

1. `service <name> [enable/setup/start/stop]` all work.
2. If `service <name> setup` is required, it must be mentioned in the post install message.
3. command-line program works - eg. `program --version` outputs a version string.
4. HTTP REST APIs works, if present.
5. Built-in test suites run successfully.
6. A simple test program works - eg. creating accounts / databases / etc.

With these automated tests, we should be more confident in shipping packages without the need for manual testing, which currently isn't happening consistently, and keep up with faster release cycles.
Comment 3 Gian-Simon Purkert 2022-10-12 18:25:57 UTC 
(In reply to Yonas Yanfa from comment #2)

>I cannot provide a patch, as I'm not interested in installing the ports collection.

But packages (the one's you install with pkg install *) are created from the port-tree, so a patch would be greatly appreciated.

you are just one step away from making a jail (poudriere?) and one "git clone"...install portlint and portclippy.

I understand what you mean, but instead of of just telling what the newest version is (the same what portscout already does..most of the time) you could provide a patch...it's even faster

It is fun to be a small part of a project..at least it is for me.

>If you're looking for a better solution, the FreeBSD ports infrastructure should:

Yes please start..i personally would be exited to see that..go for it!!
Comment 4 Gian-Simon Purkert 2022-10-12 18:59:55 UTC 
>I've found many ports that are not kept up-to-date and that creating a PR is >the best way to get the port updated.
>I would not say that FreeBSD is "outdated":

https://repology.org/repositories/statistics

Fedora Rawhide:
Outdated:
4577 	23.5%

FreeBSD:
Outdated:
5334 	22.1%

Much more packages and less "outdated" ones..that's kind of impressive.
Comment 5 tanawts 2022-10-24 17:30:07 UTC 
Created attachment 237583 [details]
security/metasploit: update to 6.2.21

Patch submitted to update Metasploit to 6.2.21
Comment 6 Nuno Teixeira freebsd_committer freebsd_triage 2022-10-24 18:45:06 UTC 
Latest version is 6.2.23.

Could you provide a patch to it?
Please use git formated diff.

Thanks
Comment 7 tanawts 2022-10-25 01:59:15 UTC 
Created attachment 237593 [details]
security/metasploit: update to 6.2.21

Updated patch to be in git format per request
Comment 8 Nuno Teixeira freebsd_committer freebsd_triage 2022-10-25 10:09:12 UTC 
(In reply to tanawts from comment #7)

Thanks for the diff.
Latest version is 6.2.23, you can use this PR to send a diff for update.

Cheers
Comment 9 tanawts 2022-10-25 14:11:15 UTC 
Thanks! I'm afraid this is my first new patch as a port maintainer since FreeBSD migrated from Subversion to Git; I don't have commit permissions, and the porters handbook doesn't seem to cover any further next steps.  Is there anything else that needs to be done on my side?
Comment 10 Nuno Teixeira freebsd_committer freebsd_triage 2022-10-25 15:26:13 UTC 
(In reply to tanawts from comment #9)

You could provide a patch for 6.2.23 same way as you provided it for 6.2.21 and we can use this PR same way.
Comment 11 tanawts 2022-10-25 22:35:19 UTC 
Created attachment 237632 [details]
security/metasploit: update to 6.2.23

Git formatted patch to update Metasploit from 6.1.24 to 6.2.23
Comment 12 commit-hook freebsd_committer freebsd_triage 2022-10-26 12:37:19 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=23dc83f737c77c3c5f28c33de9680d666c8ae027

commit 23dc83f737c77c3c5f28c33de9680d666c8ae027
Author:     Tanawts <tanawts@gmail.com>
AuthorDate: 2022-10-26 12:34:22 +0000
Commit:     Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2022-10-26 12:36:07 +0000

    security/metasploit: Update to 6.2.23

    ChangeLog:
    https://github.com/rapid7/metasploit-framework/compare/6.1.24...6.2.23

    PR:             266977
    Reported by:    yonas.yanfa@gmail.com

 security/metasploit/Makefile | 3 +--
 security/metasploit/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 13 Nuno Teixeira freebsd_committer freebsd_triage 2022-10-26 12:38:45 UTC 
Committed, thanks!