-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathmethod.txt
113 lines (80 loc) · 3.26 KB
/
method.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
TWO BIGGEST CHALLENGES:
=======================
CHALLENGE-1:
------------
+ With an abitrary file in the system, how to know exactly the version (and related info: released date,...) of the program/package it belongs to?
CHALLENGE-2:
------------
+ With a program name (or its file names), how to find information about its latest version on Internet?
==========================================
### Type of programs:
That not managed by Package Manager (APT).
1. Binaries: Method
* Pre-install (Linux distro) [A]
* Compliled from source files
+ Extracted from a TARBALL (remain) [A]
+ Extracted from a TARBALL (deleted) [C]
+ In a GIT repository (remain) [B]
+ In a GIT repository (deleted) [C]
* (Pre-compiled) Extracted from a TARBALL [A]
2. Scripts:
* Extracted from a TARBALL [A]
* In a GIT repository [B]
### Method:
## [A]: Modify Date-time based.
Modify Date-time is (considerably) the Release Date.
## [B]: Git method.
Extract information by git commands (CommitID, Tag, Dates).
## [C]: Other heuristical method.
<Chall-1>: Provided 2 binaries, how to know which one is newer (later version)
than the other one? => (T.B.D).
<Chall-2>: Provided a program name, how to find latest version info of it on Internet?
* If it exists on Github: => Use GitHub API?
* If it does not exist on Github: => (T.B.D)
### Notes:
* `Binaries`: executable ELF files, libraries (.so), APK (.apk), Java (.jar)
* `Scripts`: shell(.sh), python(.py, .pyc), perl(.pl).
========================================
Show all packages:
$ apt-cache pkgnames
Show info about one package:
$ apt-cache show <package_name>
Step 1:
+ Get information:
Linux: apt-cache, .git directories
Windows: registry
+ Output: Database (.txt file) for both Linux/Windows (same format)
Format: (CSV text file)
package_name,version,released_date,compilation_date,architecture,size,sha256,sha1,md5sum,homepage,description-md5,filename
Additional info:
+ released date:
+ compilation date: WINDOWS only?
+ filename:
Step 2:
+ Check latest information
By APT method? (Linux)
By GIT method? (Linux)
By manual website checking method? (Linux/Windows)
By external provided database (Symantec?)
Input: Package names list (text file)
Ouput: Database (.txt file) for both Linux/Windows (same format)
Format: (CSV text file)
==> should be the same format as Step 1?
Step 3:
+ Compare output files of Step 1 and Step 2.
=> Identify outdated packages.
Step 4:
+ Make (visualized) report.
ISSUES:
+ Number of packages is very large (only APT is: approx. 60K)
=> Solution: not process on ALL packages at a time, but process package by package (ONLY ONE) at a time.
CHALLENGES:
+ There are many ways to check current version of installed packages, NEED to specify HOW to select any of them?
Ref: https://www.cyberciti.biz/faq/debian-ubuntu-linux-apt-get-aptitude-show-package-version-command/
+ "LATEST" definition?: also depends on architecture, OS,..?
--> how to confirm which is latest version suitable for current machine?
+ How to get latest version info with only the Homepage?
+ Other OS without APT?
======================
$ apt list --installed
$ apt-cache pkgnames | while read line; do echo "Processing $line" && apt-show-versions $line | grep -v "not installed"; done