Freshmeat is free software release tracking tool with vulnerabilities tracker. Here this is a self hosted web application which allows you to track software directory by tracking software releases, software news, and vulnerabilities. Here it takes the TOM feed of a software projects from you and then start showing the tacking stats. Here you can add multiple projects here and it will keep tracking them those software projects for releases, and vulnerabilities. You can run it locally or you can install this on a VPS after running a few commands.
If you’d like to see all the software news and vulnerabilities posted by developers or the creators. All you need to do is just add different projects on its easy to use online interface and then you are simply done. It even supports email alerts if you have some SMTP server then you can configure settings in the configuration file. Not only this, but it comes with built-in workers that you can use to explicitly run in order to refresh content. This is because the automatic refresh functionality is not yet implemented.
If you want to keep track of a certain software directory without visiting the main website again and again then this tool, Freshmeat here will help you. Just configure it once and then you can simply add software and track their releases on the main web UI of this tool. This web app uses Python, Node.js, and uses PostgreSQL database. And before getting started with this I assume that you have a little knowledge of these things.
Installing Freshmeat on a Linux VPS:
I will recommend using a Linux VPS for the installation of Freshmeat. Just get the terminal ready and make sure that you have Python3 installed along with Pipenv. And then proceed with installation of PostgreSQL. For that, you just run the following command and then you can simply wait for the installation process to finish.
sudo apt install postgresql npm
After PostgreSQL installation, you can set new password and update that in the records. You have to use update the username, passwords, and other SMTP details in the “development.cfg” file which is located in the “/src/Instance” folder in the source code. And then finally install the dependencies by running the following command.
pipenv install
pipenv shell
npm install
After the dependencies install, you can start with the database configuration part. For that, you just need to run the following commands one after another and then simply wait.
export APPLICATION_SETTINGS=development.cfg
python src/manager.py db_create
python src/manager.py db_init
python src/manager.py create_admin <login> <password>
python src/manager.py import_projects var/projects.json
python src/manager.py import_osi_approved_licenses
If these commands finish successfully without any problem then you have completed the installation part. Now, you just have to run the app and then add projects that you want to monitor. That is all explained in the next section.
Using Freshmeat to Track Software Directories and Software Releases:
In the previous section, I have mentioned how you can install it. The same command should work on other platforms as well such as Windows. However, you will have to install the PostgreSQL using some other method. Now, simply come back where we left and in the same terminal, you run the following command. Copy the HTTP URL it shows in the terminal and then you can simply paste that in the address bar of the browser and then wait for web UI of the app to show up.
python src/runserver.py
You can see the main UI of Freshmeat in the screenshot above. At first, there are no projects included and the interface is empty. So, you should start adding some projects in this software directory tracker. To add a project, you simply click on “Projects+” and then proceed with the flow. Give your project a name and then you can simply add its URL and add some additional comments and finally save the project. Simple as that.
In this manner, you can add multiple projects in Freshmeat. After adding the projects, you can simply move on to the statistics section and see more details there. In the statistics, you can see the license distribution and tags to explore. Now, after all this, one more thing that you can work with here is the workers included in this tool.
The included workers are located in the “src/workers/” directory and you can run them explicitly whenever you want. And you can also define a schedule periodically with the help of cron jobs. the various workers included are below and you can see how to run them.
Retrieving CVEs: python src/manager.py fetch_cves
Release tracking: python src/manager.py fetch_releases
Retrieving news about projects: python src/manager.py fetch_news
Above you can see the different workers included in this project. If you have knowledge of cron jobs then I sure that you will be able to set up this on any platform. However, I only tested it on a Linux machine, so I can’t guarantee that it will work without any problem on other platforms. But it should work on Windows and macOS in the same manner.
Closing thoughts
If you need to monitor software directory for new releases and new vulnerabilities then Freshmeat is the right tool for you. The installation part can be tricky, so I will advise you to proceed carefully. Make sure that Linux repositories are up to date and the system is not running low on memory or the resource consumption is not too high during the installation and setting up process. Overall, the interface is simple and all the sections and UI elements are self-explanatory.
