svn commit: r487286 - head/security/vuxml
Matthew Seaman
matthew at FreeBSD.org
Wed Dec 12 10:57:15 UTC 2018
On 12/12/2018 10:30, Mathieu Arnold wrote:
> On Wed, Dec 12, 2018 at 10:26:29AM +0000, Matthew Seaman wrote:
>> On 12/12/2018 09:57, Mathieu Arnold wrote:
>>> On Wed, Dec 12, 2018 at 09:16:04AM +0000, Matthew Seaman wrote:
>>>> Author: matthew
>>>> Date: Wed Dec 12 09:16:04 2018
>>>> New Revision: 487286
>>>> URL: https://svnweb.freebsd.org/changeset/ports/487286
>>>>
>>>> Log:
>>>> PHP 70 was EoL'd and is no longer in the ports.
>>>>
>>>> Reported by: joneum
>>>
>>> No longer in trunk, still in the quarterly, please put it back.
>>>
>>
>> It's been put back now.
>
> As a side note, the descriptions in vuxml are not about what currently
> exists, it is about what once existed, so technically, even in two
> years, when recording a flavored php app, one should still mention all
> the previous package names, so that people with old ports tree who have
> not been updated in a while still get a notification that this app is
> vulnerable to something.
How far back should we take this?
Is there any limit on how old a ports tree and the packages installed
from it can be and still be expected to be supported by VuXML? Other
than the practical limitation of 'pkg audit' or some equivalent being
available?
Cheers,
Matthew
More information about the svn-ports-all
mailing list