Created attachment 231166 [details]
Use package_info file to disable the built-in updater for prowlarr.
Document it is disabled in pkg-message.
The ability to inject the message about using pkg upgrade to update the software is a really nice trick and we should do that.
However, I don't think chowning the binary so Sonarr can update itself should be included in the patch. Someone will find a way to exploit this software and replace itself with something malicious.
Created attachment 231309 [details]
Dont chown binaries, take ownership.
Thanks for all the effort you put into the arrs feld@
Created attachment 231314 [details]
Remove Sonarr.Update and use only version number for package_info (based on review from Taloth)
Created attachment 231317 [details]
Add --debug to mono call. Fixes warning in logs and the sonarr devs state it should be added.
A commit in branch main references this bug:
Author: Michiel van Baak Jansen <email@example.com>
AuthorDate: 2022-01-29 10:06:24 +0000
Commit: Guangyuan Yang <ygy@FreeBSD.org>
CommitDate: 2022-01-29 10:06:24 +0000
net-p2p/sonarr: Disable built-in updater and take maintainership
net-p2p/sonarr/Makefile | 24 +++-
net-p2p/sonarr/files/package_info.in (new) | 5 +
net-p2p/sonarr/files/pkg-message.in (new) | 26 ++++
net-p2p/sonarr/files/sonarr.in | 3 +-
net-p2p/sonarr/pkg-plist (new) | 217 +++++++++++++++++++++++++++++
5 files changed, 268 insertions(+), 7 deletions(-)