remove portaudit from handbook, as it has been removed from portstree
Unit Tests Skipped
Removing the outdated information seems fine, can you clarify whether the pkg audit command is listed already ? if not, then we should not remove this, but replace this with ''pkg audit''.
Seems like that whole section on portaudit should be reworked to cover pkg-audit.
Why "uri"? The <link> tag does this with less duplication:
As above, use <link>.
"the manual page for" is redundant, just say "refer to ...". However, this should include the man page for pkg-audit:
refer to &man.pkg-audit.8; and &man.periodic.8;.
(I don't know if there is an entity for pkg-audit yet, might need to add one.)
I think Phabricator is showing an incorrect diff here, but the link to the rendered version does not show the new changes.
"pkg port" is somewhat redundant and confusing. I suggest not calling it a port, but just referring to it as an application. Maybe also specify that it it is really "pkg audit" that is doing the polling and database stuff. There are also a couple of sentences combined that should be separate. For example:
"The &os; Security Team updates and maintains a database of security issues. Security auditing code in <application>pkg</application> checks this database for known problems."
Needs a comma before "please". But a less-hesitant sentence can be made by rearranging it into instructions rather than an if/then:
"Please refer to <> for instructions on installing pkg."
s/will be/are/ (active rather than passive)
Also, it's not clear which functionality that next sentence is talking about. Not the config files...
"any time" is two words.
It is redundant to say "invoking pkg:". Might as well just say "invoking:" and let the full command speak for itself.
This is kind of confusing. Rather than have the separate note, why not include the explanation before the manual command?
"The database is automatically updated during the periodic run. To manually update the database and check for problems, invoke:"
s/will display/displays/ (active rather than passive)
"any installed vulnerable packages" has three adjectives in a row. Maybe "any known vulnerabilities in installed packages:"
Looks like another Phabricator disjointed diff.
See the previous comment about breaking this into two sentences. Either way, the important thing should be stated first, that pkg checks a database for security issues. The aside about it being maintained by the security team is secondary and interrupts the main point.
Also, "known security issue" is redundant.
s/providing an/provides a/
"up-to-date" is kind of a Britishism. How about "updated"?