Subject: Re: packaging a port that uses npm during build.
To: Willem Jan Withagen, "ports@freebsd.org"
From: Yuri
Message-ID: <1455167b-62ca-0601-ff27-e86fa54baecf@rawbw.com>
Date: Wed, 30 Oct 2019 10:12:59 -0700

On 2019-10-28 04:17, Willem Jan Withagen wrote:
>
> I think I read once somewhere that there is also a "flag" that
> indicates that the port wants network access during the build. Is that
> feasible?

No, this isn't/shouldn't be possible.

Please look at how misc/netron is done. It pre-packages NPM modules into a separate distfile.

CAVEAT: Please keep in mind that NodeJS downloads JS files from a multitude of GitHub locations, which makes this technology fundamentally insecure because any malicious or otherwise harmful change in any of the hundreds of projects would be automatically propagated into the FreeBSD package and further to the users. For this reason NodeJS software is less secure and, for example, RPM and Debian packages often (or always) just don't include such software in their distributions.

misc/netron only has a few js files installed so it is okay. You can also do the same with more complex projects, with the above caveat.

Best,
Yuri
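
A check that could be run on `package-lock.json` before rolling `node_modules` into a separate distfile as described above: it flags dependencies resolved from outside the npm registry (such as GitHub URLs) or lacking a sha512 integrity hash. This is an added example, not part of the original message or of the misc/netron port; `auditLockfile` is a hypothetical helper, and the package names and hashes in the sample lockfile are constructed.

```javascript
// Audit an npm lockfile (lockfileVersion 2 or 3, which carry a "packages" map)
// before vendoring its dependencies into a distfile.
const REGISTRY = 'https://registry.npmjs.org/';

function auditLockfile(lock) {
  const findings = [];
  for (const [path, pkg] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace symlinks, and bundled deps
    // (bundled deps ship inside the parent tarball and are covered by its hash).
    if (path === '' || pkg.link || pkg.inBundle) continue;
    const resolved = pkg.resolved || '';
    if (!resolved.startsWith(REGISTRY)) {
      findings.push({ path, issue: 'non-registry-source', detail: resolved || '(none)' });
    }
    // Require a sha512 SRI string; sha1-only or absent hashes are reported.
    if (!/^sha512-[A-Za-z0-9+/]+=*$/.test(pkg.integrity || '')) {
      findings.push({ path, issue: 'missing-or-weak-integrity', detail: pkg.integrity || '(none)' });
    }
  }
  return findings;
}

// Constructed sample lockfile: one clean entry, one git dependency, one sha1-only entry.
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    '': { name: 'example-app', version: '1.0.0' },
    'node_modules/example-ok': {
      version: '1.3.0',
      resolved: 'https://registry.npmjs.org/example-ok/-/example-ok-1.3.0.tgz',
      integrity: 'sha512-' + 'A'.repeat(86) + '==',
    },
    'node_modules/example-fork': {
      version: '0.1.0',
      resolved: 'git+ssh://git@github.com/example/example-fork.git#0123456789abcdef0123456789abcdef01234567',
    },
    'node_modules/example-old': {
      version: '0.0.1',
      resolved: 'https://registry.npmjs.org/example-old/-/example-old-0.0.1.tgz',
      integrity: 'sha1-AAAAAAAAAAAAAAAAAAAAAAAAAAA=',
    },
  },
};

for (const finding of auditLockfile(sampleLock)) {
  console.log(`${finding.path}: ${finding.issue} (${finding.detail})`);
}
```

An empty result means every vendored dependency is pinned to a registry tarball with a sha512 hash; it says nothing about whether the pinned code itself is trustworthy.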