[Git][security-tracker-team/security-tracker][master] 2 commits: lts-cve-triage: support debian-security-support patterns

[Sylvain Beucler (@beuc)]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
14d3df2f by Sylvain Beucler at 2022-04-14T16:15:54+02:00
lts-cve-triage: support debian-security-support patterns
e.g. better analysis for "node-moment" and "golang-github-prometheus-client-golang"

- - - - -
3c0dc3c9 by Sylvain Beucler at 2022-04-14T16:18:11+02:00
lts-cve-triage: minor code clarification

- - - - -


1 changed file:

- bin/lts-cve-triage.py


Changes:

=====================================
bin/lts-cve-triage.py
=====================================
@@ -20,6 +20,7 @@ import setup_paths
 import sys
 import argparse
 import collections
+import re
 
 from tracker_data import TrackerData
 from unsupported_packages import UnsupportedPackages, LimitedSupportPackages
@@ -96,6 +97,9 @@ tracker = TrackerData(update_cache=not args.skip_cache_update)
 unsupported = UnsupportedPackages(debian_version=9,
                                   update_cache=not args.skip_cache_update)
 limited = LimitedSupportPackages(update_cache=not args.skip_cache_update)
+# unsupport/limited package names can be regexps
+unsupported_re = re.compile('|'.join(unsupported))
+limited_re = re.compile('|'.join(limited))
 
 
 def add_to_list(key, pkg, issue):
@@ -114,8 +118,8 @@ for pkg in tracker.iterate_packages():
         if status_in_lts.status in ('not-affected', 'resolved'):
             continue
 
-        if status_in_lts.status == 'open':
-            if pkg in unsupported:
+        elif status_in_lts.status == 'open':
+            if re.fullmatch(unsupported_re, pkg):
                 add_to_list('triage_end_of_life', pkg, issue)
                 continue
 
@@ -123,7 +127,7 @@ for pkg in tracker.iterate_packages():
 
                 # package issues in LTS that still need being triaged
 
-                if pkg in limited:
+                if re.fullmatch(limited_re, pkg):
                     add_to_list('triage_limited_support', pkg, issue)
                     continue
 
@@ -150,7 +154,7 @@ for pkg in tracker.iterate_packages():
                 if status_in_next_lts.status == 'resolved':
                     add_to_list('possible_easy_fixes', pkg, issue)
 
-        if status_in_lts.status == 'ignored':
+        elif status_in_lts.status == 'ignored':
             if (status_in_lts.reason == 'no-dsa' and
                     status_in_next_lts.status == 'open'):
                 add_to_list('unexpected_nodsa', pkg, issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bba95208c717b32a7177820db2e5c282f9f69d2e...3c0dc3c9acf074bb867353b093ebded3fa94c9cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bba95208c717b32a7177820db2e5c282f9f69d2e...3c0dc3c9acf074bb867353b093ebded3fa94c9cc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/38ccf09d/attachment-0001.htm>