Bug 251685 - security/vuls: Update to 0.13.7
Summary: security/vuls: Update to 0.13.7
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dmitri Goutnik
URL: https://github.com/future-architect/v...
Depends on:
Reported: 2020-12-08 15:31 UTC by Alexandru Ciobanu
Modified: 2021-01-09 19:32 UTC (History)
2 users (show)

See Also:

vuls.diff (1.26 KB, patch)
2020-12-08 15:31 UTC, Alexandru Ciobanu
iscandr: maintainer-approval+
Details | Diff
build logs (19.81 KB, text/plain)
2020-12-23 22:08 UTC, Alex
no flags Details
Fix dependencies conflict (3.22 KB, patch)
2020-12-24 05:29 UTC, Alexandru Ciobanu
iscandr: maintainer-approval+
Details | Diff
Build log (111.93 KB, text/plain)
2020-12-24 05:30 UTC, Alexandru Ciobanu
no flags Details
vuls-0.13.7.patch (19.15 KB, patch)
2021-01-09 19:32 UTC, Dmitri Goutnik
dmgk: maintainer-approval?
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandru Ciobanu 2020-12-08 15:31:24 UTC
Created attachment 220368 [details]
Comment 1 Alexandru Ciobanu 2020-12-08 15:32:17 UTC
* Update to 0.13.7

portlint warnings:
WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy.

testport: OK (poudriere: 12.2-RELEASE-p1 amd64 tested)
Comment 2 Alex 2020-12-23 22:08:43 UTC
Created attachment 220876 [details]
build logs


Currently the port can't be built since the sources can't be downloaded. The build logs are attached. 

Thanks very much!
Comment 3 Alexandru Ciobanu 2020-12-23 22:30:38 UTC
(In reply to Alex from comment #2)
Hi Alex,

I've noticed the same issue with poudriere. Re-running the build a couple of times did the trick for me. I believe there are some limits on codeload.github.com being hit. If you have any suggestions how to overcome this I can give them a try.

Comment 4 Alex 2020-12-23 23:15:31 UTC
Hi Alex,

I don't think this has anything to do with codeload.github.com. I think it might be a permission issue somewhere. The previous version of security/vuls which is on the 2020Q4 branch is working just fine. 

HEAD - http://beefy6.nyi.freebsd.org/data/121amd64-default/558707/logs/errors/vuls-

2020Q4 - http://beefy2.nyi.freebsd.org/data/121amd64-quarterly/527662/logs/vuls-0.6.1.log
Comment 5 Alex 2020-12-23 23:40:45 UTC
if you try to download some a file in a folder where you don't have write permissions you'll get this:

shell# fetch https://codeload.github.com/cenkalti/backoff/tar.gz/v2.2.1\?dummy\=/cenkalti-backoff-v2.2.1_GH0.tar.gz
fetch: https://codeload.github.com/cenkalti/backoff/tar.gz/v2.2.1?dummy=/cenkalti-backoff-v2.2.1_GH0.tar.gz: size of remote file is not known

I think this is the problem(only those files fail to download):

Comment 6 Alex 2020-12-24 01:03:35 UTC
you get the same error if you try to download the file into a folder that doesn't exist.
Comment 7 Alexandru Ciobanu 2020-12-24 05:29:24 UTC
Created attachment 220879 [details]
Fix dependencies conflict

The fetch failure was due to a conflict in dependencies. This patch fixes it.
Comment 8 Alexandru Ciobanu 2020-12-24 05:30:12 UTC
Created attachment 220880 [details]
Build log
Comment 9 Alexandru Ciobanu 2020-12-24 05:35:46 UTC
Comment on attachment 220880 [details]
Build log

It builds cleanly now. Thanks for the pointers!
Comment 10 Dmitri Goutnik freebsd_committer 2021-01-09 19:32:24 UTC
Created attachment 221429 [details]

(In reply to Alexandru Ciobanu from comment #9)
Thanks for the update Alexandru, but the diff you attached seems incomplete. I did a quick `make gomod-vendor` and it turns out that some dependencies need an update too.


- GH_SUBDIR is not needed with go:modules and can be removed.

- post-patch target can be removed entirely because GH_TUPLE and post-extract already place dependencies in correct subdirs.

Please see/test/approve attached vuls-0.13.7.patch.