[Git][security-tracker-team/security-tracker][master] 3 commits: gen-DSA: support entries in d?a-needed with multiple dists

[Emilio Pozuelo Monfort (@pochu)]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
52bf1182 by Emilio Pozuelo Monfort at 2024-08-29T10:45:02+02:00
gen-DSA: support entries in d?a-needed with multiple dists

Currently these formats are supported:

pkg
pkg/dist

This change also allows gen-DSA to find entries such as:

pkg/dist1,dist2

- - - - -
02538eba by Emilio Pozuelo Monfort at 2024-08-29T17:02:00+02:00
Document syntax for mysa-needed files

- - - - -
9112f48e by Emilio Pozuelo Monfort at 2024-08-29T15:34:10+00:00
Merge branch 'gen-DSA-multiple-dists' into 'master'

gen-DSA: support entries in d?a-needed with multiple dists

See merge request security-tracker-team/security-tracker!185
- - - - -


2 changed files:

- bin/gen-DSA
- doc/security-team.d.o/security_tracker


Changes:

=====================================
bin/gen-DSA
=====================================
@@ -409,7 +409,7 @@ EOF
     cat $daid_entry data/$IDMODE/list > $tmp_list
     cat $tmp_list > data/$IDMODE/list
     rm -f $tmp_list
-    sed -rn '/^'"$PACKAGE"'(\/\w+)?(\s.*|$)\b/{: next;n;/^\s/b next;d};p' $needed_file > $needed_file.new
+    sed -rn '/^'"$PACKAGE"'(\/[a-z,]+)?(\s.*|$)\b/{: next;n;/^\s/b next;d};p' $needed_file > $needed_file.new
     mv $needed_file.new $needed_file
     echo "$IDMODE text written to ./$IDMODE-$DAID"
     if [ "$IDMODE" = "DLA" ] || [ "$IDMODE" = "ELA" ]; then


=====================================
doc/security-team.d.o/security_tracker
=====================================
@@ -600,6 +600,26 @@ see [ITP/RFP packages](#issues-in-itp-andor-rfp-packages))
 `NOTE:` annotations are often used for URLs for more information but can also be
 used for descriptive comments.
 
+Syntax of mysa-needed.txt files
+-------------------------------
+
+The mysa-needed.txt files (such as dsa-needed.txt) contain a list of packages
+that need to be updated. Lines containing two dashes (`--`) are used as
+separators. Anything before the first separator are comments. After that, the
+first line in each section should contain the package name, possibly followed
+by a slash and a comma-separated list of affected releases. Also an assignee
+can be specified inside parenthesis. Comment lines can be added in following
+lines, indented by two spaces.
+
+An example could look like this:
+
+    --
+    linux (somebody)
+      update to latest point release
+    --
+    vlc/bookworm,bullseye
+    --
+
 Checking in your changes
 ------------------------
 



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5678e33a44102fd4e0ef928de2cf2dd4f04cada2...9112f48e32a04febad321c982d7638584b4417c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5678e33a44102fd4e0ef928de2cf2dd4f04cada2...9112f48e32a04febad321c982d7638584b4417c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240829/e5457ae8/attachment-0001.htm>