On May 12, 2022, at 18:04, Steven Smith wrote:
>
> I tried to write privoxy-pki-bundle to have these two basic behaviors:
>
> • Updates to the file ${prefix}/share/curl/curl-ca-bundle.crt via port
> curl-ca-bundle will force reinstallation of the CA file
> ${prefix}/etc/privoxy/CA/trustedCAs.pem with the new CAs.
> • port install privoxy-pki-bundle will generate this CA file from
> source; MacPorts will not use a buildbot to create and save an (inevitably
> outdated) file of CAs to be installed when this port is installed.
>
> Apparently, neither of these behaviors is working, as I see from the recent
> update of curl-ca-bundle.
>
> I’d appreciate any pointers to get this port configured and working the way
> it should to make sure that CAs are automatically updated, and old CAs aren’t
> installed.
I don't understand exactly what you're asking for. It sounds like you're saying
the privoxy-pki-bundle port would like to have the curl-ca-bundle.crt file that
the curl-ca-bundle port installs converted to a different format. If so, write
the privoxy-pki-bundle port so that it has depends_build port:curl-ca-bundle
and performs the conversion and installs the converted file. Whenever the
curl-ca-bundle port is updated to a new version, the privoxy-pki-bundle port's
revision should be increased so that it rebuilds with the new bundle. A comment
can be added to the curl-ca-bundle port to remind people to do that when
curl-ca-bundle is updated.
