pacaudit

command module

v1.2.1 Latest Latest Go to latest Published: Jun 25, 2020 License: GPL-3.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

pacaudit audits installed packages on Arch Linux against known vulnerabilities listed on https://security.archlinux.org

It ships with a preInstall hook for pacman that warns you if you try to install a vulnerable package.

trizen -S pacaudit

or

any other AUR helper

pacaudit

prints all vulnerable packages by name and the sum of all vulnerable packages
pacaudit -v

prints all vulnerable packages by name, with CVE, severity and the sum of all vulnerable packages
pacaudit -n

returns "OK" if no vulnerable packages are installed, "WARNING" if no vulnerable package with severity HIGH or higher is installed and CRITICAL else
pacaudit -c

print results colorized. Used with verbose (-v) flag
pacaudit -p PKGNAME

check if PKGNAME is listed as vulnerable. Useful for alpk-hooks
pacaudit -i /PATH/TO/JSON/FILE

pacaudit uses the provided json file instead of the online list of vulnerable packages. Useful for hosts without web access.
pacaudit -d

download json file for offline comparison
pacaudit -h

print usage and info

pacaudit audits installed packages against known vulnerabilities listed on security.archlinux.org/vulnerable. Use after pacman -Syu.