It takes FreshPorts about an hour to process an entire vuln.xml file. There is a lot of work to do. Let’s cut that up. Usually, a new vuln is being added, or an existing vuln is being changed. It was suggested by someone, I cannot recall who, that we could store a checksum for each vuln and use that value to decide whether or not to process an incoming vuln.
The problem: how do you calculate a checksum of a vuln?
The vuxml_parsing.pm script makes use XML::Parser to read the vuln.xml file. This module contains a print_self() function, which we might be able to shoehorn into generating an md5. I suggest that the best time to calculate the checksum is just before updating the database; at that time, we have all the data for the vuln.