Hi Roger, > On 11 Aug 2017, at 04:41, Roger Marquis <marq...@roble.com> wrote: > > In the past pkg-audit and even pkg-version have not been reliable tools > where installed ports or packages have been subsequently discontinued or > renamed. Today, however, I notice that dovecot2 is still showing up in > the output of pkg-version despite the port having been renamed to > dovecot (without the numeric suffix) several days ago.
Yes, there is a difference between renaming a port, and renaming the vuxml (which is the database behind pkg audit etc.) entries. The entries are listed as ‘dovecot2-*’ there and when renaming a port these entries should ideally be renamed too. It seems that that was not under consideration at the name change moment(s). I’ll try to look into this (starting by prodding the person(s) who did the rename) and asking them to rename the entries in vuxml as well. > > Does this mean there has been a policy change? If so does it cover > pkg-audit as well? There had been no policy change. The application backend is just matching on what was recorded at the moment it was added. Thanks for the notification though, we should add that to the porters-handbook. Cheers REmko > > Roger > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
signature.asc
Description: Message signed with OpenPGP
