Bug 247953 - ports-mgmt/pkg gives annoying messages
Summary: ports-mgmt/pkg gives annoying messages
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-pkg (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-07-13 15:34 UTC by frank
Modified: 2020-07-13 15:34 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (pkg)


Attachments
Patch to fix the problem (1.47 KB, patch)
2020-07-13 15:34 UTC, frank
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description frank 2020-07-13 15:34:15 UTC
Created attachment 216421 [details]
Patch to fix the problem

Periodic pkg audit is a good thing. Unfortunately, it is a bit annoying with some of its warnings. For example, I receive this on a daily basis for months now:

  Database fetched: Sat Jul 11 03:38:29 CEST 2020
  bind911-9.11.20: Tag: expiration_date Value: 2021-12-31
  bind911-9.11.20: Tag: deprecated Value: End of life, please migrate to a newer version of BIND9

Which is rather annoying since the expiration date is still 18 months away!!!

Similar, some ports are completely o.k. for running, only during the build process they are using deprecated tools (notably python 2.7), this gives messages such as:

  firefox-78.0_2,1: Tag: deprecated Value: Uses Python 2.7 which is EOLed upstream
  spidermonkey60-60.9.0_3: Tag: deprecated Value: Uses Python 2.7 which is EOLed upstream
  thunderbird-68.9.0_1: Tag: deprecated Value: Uses Python 2.7 which is EOLed upstream

Note that these packages do not use Python to run, only to build.

The attached patch allows to filter this using the nobs:

security_status_pkgaudit_expiration="NO"
security_status_pkgaudit_deprecation="NO"

that can be put in periodic.conf

I would really appreciated if this patch can make it in the system.

p.s.: a better solution might be to add a time window, e.g. warn me only if a expatriation date of a pkg is less than 3 months away. However, I do not know how to do that in sh/bash.