On Thu, 05 Dec 2024 11:49:39 +0100, Benoit Lecocq <b...@arcane-labs.net> wrote: > > > Le 05/12/2024 à 11:39, Kirill A. Korinsky a écrit : > > ports@, > > > > Here a trivial update of security/wapiti to 3.2.2. Realli trivial: > > https://github.com/wapiti-scanner/wapiti/compare/3.2.1...3.2.2 > > > > I also would like to take formal maintainership on that port. > > > > Ok? > > ok benoit@ > >
Seems that updae isn't so trivial. They had switched to use of their own arsenic which hasn't got any changes, only renaming: https://github.com/fabaff/arsenic/compare/main...wapiti-scanner:arsenic:main Here a diff which includes patches which put back using system arseinc. Ok? Index: Makefile =================================================================== RCS file: /home/cvs/ports/security/wapiti/Makefile,v diff -u -p -r1.18 Makefile --- Makefile 12 Nov 2024 19:05:44 -0000 1.18 +++ Makefile 5 Dec 2024 10:37:31 -0000 @@ -1,12 +1,14 @@ COMMENT = web-application vulnerability scanner -MODPY_EGG_VERSION = 3.2.1 +MODPY_EGG_VERSION = 3.2.2 DISTNAME = wapiti3-${MODPY_EGG_VERSION} PKGNAME = wapiti-${MODPY_EGG_VERSION} CATEGORIES = security www HOMEPAGE = https://wapiti-scanner.github.io/ + +MAINTAINER = Kirill A. Korinsky <kir...@korins.ky> # GPLv2 PERMIT_PACKAGE = Yes Index: distinfo =================================================================== RCS file: /home/cvs/ports/security/wapiti/distinfo,v diff -u -p -r1.4 distinfo --- distinfo 12 Nov 2024 19:05:44 -0000 1.4 +++ distinfo 5 Dec 2024 10:30:25 -0000 @@ -1,2 +1,2 @@ -SHA256 (wapiti3-3.2.1.tar.gz) = CyYIrRjGdeZoEjjv7MnV6jtUjZ+l0//9byH+8kw6x54= -SIZE (wapiti3-3.2.1.tar.gz) = 693748 +SHA256 (wapiti3-3.2.2.tar.gz) = IWpvvnBQWIGS4BRx29Xqv5quVkXbqVZ6zFJTdEYkkxI= +SIZE (wapiti3-3.2.2.tar.gz) = 693929 Index: patches/patch-wapitiCore_attack_mod_wapp_py =================================================================== RCS file: patches/patch-wapitiCore_attack_mod_wapp_py diff -N patches/patch-wapitiCore_attack_mod_wapp_py --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-wapitiCore_attack_mod_wapp_py 5 Dec 2024 15:46:15 -0000 @@ -0,0 +1,16 @@ +Revert https://github.com/wapiti-scanner/wapiti/pull/633 + +Index: wapitiCore/attack/mod_wapp.py +--- wapitiCore/attack/mod_wapp.py.orig ++++ wapitiCore/attack/mod_wapp.py +@@ -28,8 +28,8 @@ from urllib.parse import urlparse, quote_plus + from aiocache import cached + from httpx import RequestError + +-from wapiti_arsenic import get_session, browsers, services +-from wapiti_arsenic.errors import JavascriptError, UnknownError, ArsenicError ++from arsenic import get_session, browsers, services ++from arsenic.errors import JavascriptError, UnknownError, ArsenicError + + from wapitiCore.attack.cve.checker import ( + CVEChecker, cvss_score_to_wapiti_level, CVE_DIRECTORY, SUPPORTED_SOFTWARES, is_cve_supported_software Index: patches/patch-wapitiCore_net_auth_py =================================================================== RCS file: patches/patch-wapitiCore_net_auth_py diff -N patches/patch-wapitiCore_net_auth_py --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-wapitiCore_net_auth_py 5 Dec 2024 15:46:23 -0000 @@ -0,0 +1,14 @@ +Revert https://github.com/wapiti-scanner/wapiti/pull/633 + +Index: wapitiCore/net/auth.py +--- wapitiCore/net/auth.py.orig ++++ wapitiCore/net/auth.py +@@ -25,7 +25,7 @@ from urllib.parse import urlparse + import importlib.util + + from httpx import RequestError +-from wapiti_arsenic import get_session, browsers, services, errors, constants ++from arsenic import get_session, browsers, services, errors, constants + + from wapitiCore.net import Request, Response + from wapitiCore.parsers.html_parser import Html Index: patches/patch-wapitiCore_net_intercepting_explorer_py =================================================================== RCS file: patches/patch-wapitiCore_net_intercepting_explorer_py diff -N patches/patch-wapitiCore_net_intercepting_explorer_py --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-wapitiCore_net_intercepting_explorer_py 5 Dec 2024 15:46:18 -0000 @@ -0,0 +1,27 @@ +Revert https://github.com/wapiti-scanner/wapiti/pull/633 + +Index: wapitiCore/net/intercepting_explorer.py +--- wapitiCore/net/intercepting_explorer.py.orig ++++ wapitiCore/net/intercepting_explorer.py +@@ -34,9 +34,9 @@ from mitmproxy.master import Master + from mitmproxy.options import Options + from mitmproxy.http import Request as MitmRequest + import httpx +-from wapiti_arsenic import get_session, browsers, services +-from wapiti_arsenic.constants import SelectorType +-from wapiti_arsenic.errors import ArsenicError, ElementNotInteractable, UnknownArsenicError, NoSuchElement ++from arsenic import get_session, browsers, services ++from arsenic.constants import SelectorType ++from arsenic.errors import ArsenicError, ElementNotInteractable, UnknownArsenicError, NoSuchElement + import structlog + + from wapitiCore.net import Request +@@ -68,7 +68,7 @@ def is_interpreted_type(mime_type: str) -> bool: + + def set_arsenic_log_level(level: int = WARNING): + # Create logger +- logger = getLogger('wapiti_arsenic') ++ logger = getLogger('arsenic') + + # We need factory, to return application-wide logger + def logger_factory(): -- wbr, Kirill
