[Secure-testing-commits] r38613 - bin templates

Ben Hutchings benh at moszumanska.debian.org
Thu Dec 31 00:23:22 UTC 2015 

Author: benh
Date: 2015-12-31 00:23:22 +0000 (Thu, 31 Dec 2015)
New Revision: 38613

Modified:
   bin/contact-maintainers
   templates/lts-no-dsa.txt
   templates/lts-update-planned.txt
Log:
Change maintainer lookup in contact-maintainers to use PTS

The current implementation depends on apt-cache and may use stale
information depending on the local APT configuration.  If squeeze
source packages are enabled in order to work on squeeze-lts, this may
pick up the maintainers from those packages.

Use rdflib to parse the maintainer names and addresses from the PTS.
As a fallback, if rdflib is not available, use the PTS alias for the
package maintainers.

The PTS does not separate Maintainer and Uploaders, so remove this
distinction from the script and templates.


Modified: bin/contact-maintainers
===================================================================
--- bin/contact-maintainers	2015-12-30 22:53:09 UTC (rev 38612)
+++ bin/contact-maintainers	2015-12-31 00:23:22 UTC (rev 38613)
@@ -6,6 +6,7 @@
 import subprocess
 import sys
 import tempfile
+import warnings
 
 from jinja2 import Template
 
@@ -17,24 +18,45 @@
     return pwd.getpwuid(os.getuid()).pw_gecos.split(',')[0].decode('utf-8')
 
 
-def get_source_field(pkg, name):
-    # XXX: retrieve data in a more reliable way
-    cmd = 'apt-cache showsrc {}|grep ^{}:|tail -n 1'.format(
-        pkg, name.capitalize())
-    output = subprocess.check_output(cmd, shell=True).strip()
-    if output:
-        return output.decode('utf-8').split(': ')[1]
-    return ''
+try:
+    import rdflib
 
+except ImportError:
+    warnings.warn('python-rdflib not installed; will fall back to PTS email address')
+    def get_maintainers(pkg):
+        return u'{}@packages.debian.org'.format(pkg)
 
-def get_maintainer(pkg):
-    return get_source_field(pkg, 'Maintainer')
+else:
+    def get_maintainers(pkg):
+        import re, urllib
 
+        # RDF object and predicate references used on PTS
+        project = rdflib.term.URIRef(u'http://packages.qa.debian.org/{}#project'.format(pkg))
+        has_contributor = rdflib.term.URIRef(u'http://schema.org/contributor')
+        is_named = rdflib.term.URIRef(u'http://xmlns.com/foaf/0.1/name')
+        is_same_as = rdflib.term.URIRef(u'http://www.w3.org/2002/07/owl#sameAs')
 
-def get_uploaders(pkg):
-    return get_source_field(pkg, 'Uploaders')
+        maint = []
 
+        graph = rdflib.Graph()
+        graph.parse('https://packages.qa.debian.org/{}/{}.rdf'.format(pkg[0], pkg))
+        for contrib in graph[project : has_contributor]:
+            names = [n for n in graph[contrib : is_named]]
+            addresses = [urllib.unquote(m.group(1)) for m in
+                         map(re.compile(r'http://webid\.debian\.net/maintainers/(.*)#agent$').match,
+                             graph[contrib : is_same_as])
+                         if m]
+            if not names or not addresses:
+                warnings.warn('found contributor missing name and/or address')
+                continue
+            address = addresses[0]
+            if '@' not in address:
+                address += '@debian.org'
+            maint.append(u'"{}" <{}>'.format(names[0], address))
 
+        return u', '.join(maint)
+
+
 # Parse command line
 parser = argparse.ArgumentParser(
     description='Get in touch with package maintainers')
@@ -75,9 +97,9 @@
     'package': args.package,
     'sender': get_full_name(),
     'cve': args.cve,
-    'to': get_maintainer(args.package),
+    'to': get_maintainers(args.package),
     'cc': cc,
-    'uploaders': get_uploaders(args.package),
+    'uploaders': ''
 }
 
 # Generate the mail

Modified: templates/lts-no-dsa.txt
===================================================================
--- templates/lts-no-dsa.txt	2015-12-30 22:53:09 UTC (rev 38612)
+++ templates/lts-no-dsa.txt	2015-12-31 00:23:22 UTC (rev 38613)
@@ -2,10 +2,6 @@
 Cc: {{ cc }}
 Subject: About the security issues affecting {{ package }} in Squeeze
 
-# XXX: Decide whether you want to put some of those persons in copy and
-# then drop this comment
-# Uploaders: {{ uploaders}}
-
 Hello dear maintainer(s),
 
 the Debian LTS team recently reviewed the security issue(s) affecting your

Modified: templates/lts-update-planned.txt
===================================================================
--- templates/lts-update-planned.txt	2015-12-30 22:53:09 UTC (rev 38612)
+++ templates/lts-update-planned.txt	2015-12-31 00:23:22 UTC (rev 38613)
@@ -2,10 +2,6 @@
 Cc: {{ cc }}
 Subject: squeeze update of {{ package }}?
 
-# XXX: Decide whether you want to put some of those persons in copy and
-# then drop this comment
-# Uploaders: {{ uploaders}}
-
 Hello dear maintainer(s),
 
 the Debian LTS team would like to fix the security issues which are

More information about the Secure-testing-commits mailing list