New port: security/vuls VULnerability Scanner
ClosedPublic
Actions

Authored by ultima on Jul 27 2017, 1:03 AM.

Details

Reviewers

lifanov
matthew

Commits

rP446844: Vuls is an agentless vulnerability scanner written in golang.

Summary

Vuls is an agentless vulnerability scanner written in golang.
It can scan localhost or remote hosts via SSH. Vuls has a Terminal-Based User
Interface(TUI) to display the scan results.

Vuls' features include:

scan for vulnerabilitie in Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, FreeBSD and Raspbian;
scan middleware that are not included in OS package management;
nondestructive testing;
email and slack notification.

WWW: https://github.com/future-architect/vuls

PR\: 220328
Sumitted by\: Alexandru Ciobanu <iscandr@gmail.com> (maintainer)
Reviewed by\: lifanov (mentor), matthew (mentor)
Approved by\: lifanov (mentor), matthew (mentor)
Differential Revision\: https://reviews.freebsd.org/DXXXXX

Test Plan

portlint:
WARN: Makefile: possible use of absolute pathname "/var/db/vuls".
WARN: Makefile: no port directory /usr/ports/security/go-cve-dictionary found, even though it is listed in RUN_DEPENDS.
0 fatal errors and 2 warnings found.

#2 is due to go-cve-dictionary being a new port and not committed yet. Will wait for this to be committed first.

poudriere:
103i386
103amd64
110i386
110amd64
12i386
12amd64

Diff Detail

Repository

rP FreeBSD ports repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

ultima created this revision.Jul 27 2017, 1:03 AM

Herald added a subscriber: mat. · View Herald TranscriptJul 27 2017, 1:03 AM

mat added inline comments.Jul 27 2017, 7:58 AM

security/vuls/Makefile
19 ↗	(On Diff #31238)	This is not the v0.3.0 tag, so this port should not have this version. $ git describe --tags 7ecd09f v0.3.0-19-g7ecd09f You should probably remove the GH_TAGNAME and change the top block to: DISTVERSIONPREFIX= v DISTVERSION= 0.3.0-19 DISTVERSIONSUFFIX= -g7ecd09f
118 ↗	(On Diff #31238)	Remove quotes. Also, what does it do exactly ? The port defines a do-build and a do-install target, so the software's makefile is never used.
122 ↗	(On Diff #31238)	I do not know how go works, but wouldn't it be easier to put the modules in the directories that are expected instead of putting them in another and patching everything to point at the right place ?

iscandr_gmail.com added a subscriber: iscandr_gmail.com.Jul 27 2017, 10:01 AM

iscandr_gmail.com added inline comments.Jul 27 2017, 10:29 AM

security/vuls/Makefile
122 ↗	(On Diff #31238)	Build dependencies don't use the same package name for imports. E.g. gopkg.in/cheggaaa/pb.v2/pb.go uses "gopkg.in/mattn/go-isatty.v0" while github.com/fatih/color/color.go uses "github.com/mattn/go-isatty". The patching is required to ensure uniform package names in imports across all dependencies.

mat added inline comments.Jul 27 2017, 11:42 AM

security/vuls/Makefile
122 ↗	(On Diff #31238)	Mmmm, I did not know go was such a mess :-)
security/vuls/pkg-plist
1–2 ↗	(On Diff #31238)	This could probably be using PLIST_FILES.

iscandr_gmail.com added inline comments.Jul 27 2017, 2:21 PM

security/vuls/pkg-plist
1–2 ↗	(On Diff #31238)	Done.

Updated with suggestions

Harbormaster completed remote builds in B10701: Diff 31265.Jul 27 2017, 7:25 PM

mat added inline comments.Jul 27 2017, 10:05 PM

security/vuls/Makefile
4–6 ↗	(On Diff #31265)	This is wrong, it should be: DISTVERSIONPREFIX= v DISTVERSION= 0.3.0-19 DISTVERSIONSUFFIX= -g7ecd09f
119 ↗	(On Diff #31265)	You forgot the `@sample` bit that you had in the plist.
security/vuls/pkg-message
3 ↗	(On Diff #31265)	As there is a RUN_DEPENDS, I am not sure this is relevent.

Removed PORTVERSION, added DISTVERSION

I did consider the pkg-message on this port. I think it is best to be insistent on the database provided by go-cve-dictionary as the port is more or less useless if the user doesn't create the database provided by go-cve-dictionary. It should encourage a new user installing the port to check the message provided by the depend.

Harbormaster completed remote builds in B10715: Diff 31288.Jul 28 2017, 12:49 AM

ultima added inline comments.Jul 28 2017, 12:55 AM

security/vuls/Makefile
118 ↗	(On Diff #31238)	The quotes or escape is needed for the @sample, without them the plist will generate the space between @sample and the file as a new line.