Update to v1.2.0

HubTou · Mar 17, 2024 · 4e5fe79 · 4e5fe79
1 parent d6809ce
commit 4e5fe79
Show file tree

Hide file tree

Showing 7 changed files with 150 additions and 135 deletions.
diff --git a/VUXML.1.md b/VUXML.1.md
@@ -118,7 +118,7 @@ This implementation was made for the [PNU project](https://github.com/HubTou/PNU
 While working on the [pipinfo(1)](https://github.com/HubTou/pipinfo) tool, I noticed that some Python packages installed as FreeBSD ports
 where marked as vulnerable in [Python advisories](https://github.com/pypa/advisory-database) but not in [FreeBSD ports advisories](https://www.vuxml.org/freebsd/index.html).
 
-I made a tool to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
+I made a tool called [pysec2vuxml](https://github.com/HubTou/pysec2vuxml) to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
 
 So I made a library in order to verify if these vulnerable ports where also marked as vulnerable in FreeBSD VuXML,
 and got carried away writing this utility to demonstrate the use of the library!
@@ -130,7 +130,7 @@ This utility is available under the [3-clause BSD license](https://opensource.or
 [Hubert Tournier](https://github.com/HubTou)
 
 ## CAVEATS
-[PORTREVISION and PORTEPOCH](https://people.freebsd.org/~olivierd/porters-handbook/makefile-naming.html) (ie. software versions ending with "\_number" or ",number")
-are not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
-I would have to develop my own versions comparison library in order to handle that (well, maybe one day :-) ).
+[PORTEPOCH](https://people.freebsd.org/~olivierd/porters-handbook/makefile-naming.html) (ie. software versions ending with ",number")
+is not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
 
+Exotic version numbers (ie. with letters for example) are also not taken into account.
diff --git a/VUXML.3.md b/VUXML.3.md
@@ -99,7 +99,7 @@ This implementation was made for the [PNU project](https://github.com/HubTou/PNU
 While working on the [pipinfo(1)](https://github.com/HubTou/pipinfo) tool, I noticed that some Python packages installed as FreeBSD ports
 where marked as vulnerable in [Python advisories](https://github.com/pypa/advisory-database) but not in [FreeBSD ports advisories](https://www.vuxml.org/freebsd/index.html).
 
-I made a tool to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
+I made a tool called [pysec2vuxml](https://github.com/HubTou/pysec2vuxml) to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
 
 So I made this library in order to verify if these vulnerable ports where also marked as vulnerable in FreeBSD VuXML,
 and got carried away writing a full utility demonstrating its use!
@@ -111,7 +111,7 @@ This library is available under the [3-clause BSD license](https://opensource.or
 [Hubert Tournier](https://github.com/HubTou)
 
 ## CAVEATS
-[PORTREVISION and PORTEPOCH](https://people.freebsd.org/~olivierd/porters-handbook/makefile-naming.html) (ie. software versions ending with "\_number" or ",number")
-are not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
-I would have to develop my own versions comparison library in order to handle that (well, maybe one day :-) ).
+[PORTEPOCH](https://people.freebsd.org/~olivierd/porters-handbook/makefile-naming.html) (ie. software versions ending with ",number")
+is not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
 
+Exotic version numbers (ie. with letters for example) are also not taken into account.
diff --git a/man/vuxml.1 b/man/vuxml.1
@@ -1,4 +1,4 @@
-.Dd March 15, 2024
+.Dd March 17, 2024
 .Dt VUXML 1
 .Os
 .Sh NAME
@@ -208,7 +208,9 @@ While working on the
 tool, I noticed that some Python packages installed as FreeBSD ports
 where marked as vulnerable in Python advisories but not in FreeBSD ports advisories.
 .Pp
-I made a tool to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
+I made a tool called
+.Xr pysec2vuxml
+to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
 .Pp
 So I made a library in order to verify if these vulnerable ports where also marked as vulnerable in FreeBSD VuXML,
 and got carried away writing this utility to demonstrate the use of the library!
@@ -217,6 +219,7 @@ This utility is available under the 3\-clause BSD license.
 .Sh AUTHORS
 .An Hubert Tournier
 .Sh CAVEATS
-PORTREVISION and PORTEPOCH (ie. software versions ending with "_number" or ",number")
-are not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
-I would have to develop my own versions comparison library in order to handle that (well, maybe one day :\-) ).
+PORTEPOCH (ie. software versions ending with ",number")
+is not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
+.Pp
+Exotic version numbers (ie. with letters for example) are also not taken into account.
diff --git a/man/vuxml.3 b/man/vuxml.3
@@ -195,7 +195,9 @@ While working on the
 tool, I noticed that some Python packages installed as FreeBSD ports
 where marked as vulnerable in Python advisories but not in FreeBSD ports advisories.
 .Pp
-I made a tool to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
+I made a tool called
+.Xr pysec2vuxml
+to check the 4000+ FreeBSD ports of Python packages, and found around 1% of them vulnerable.
 .Pp
 So I made this library in order to verify if these vulnerable ports where also marked as vulnerable in FreeBSD VuXML,
 and got carried away writing a full utility demonstrating its use!
@@ -204,6 +206,7 @@ This library is available under the 3\-clause BSD license.
 .Sh AUTHORS
 .An Hubert Tournier
 .Sh CAVEATS
-PORTREVISION and PORTEPOCH (ie. software versions ending with "_number" or ",number")
-are not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
-I would have to develop my own versions comparison library in order to handle that (well, maybe one day :\-) ).
+PORTEPOCH (ie. software versions ending with ",number")
+is not taken into account when checking if a vulnerable Python package is also a vulnerable FreeBSD port.
+.Pp
+Exotic version numbers (ie. with letters for example) are also not taken into account.
diff --git a/setup.cfg b/setup.cfg
@@ -3,7 +3,7 @@ name = pnu-vuxml
 description = FreeBSD VuXML library and query tool
 long_description = file: README.md
 long_description_content_type = text/markdown
-version = 1.1.0
+version = 1.2.0
 license = BSD 3-Clause License
 license_files = License
 author = Hubert Tournier
@@ -53,8 +53,8 @@ console_scripts =
     vuxml = vuxml:main
 
 [options.data_files]
-man/man1 =
+share/man/man1 =
     man/vuxml.1.gz
-man/man3 =
+share/man/man3 =
     man/vuxml.3.gz