[Git][security-tracker-team/security-tracker][master] 4 commits: bin/check-syntax: drop dead code

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Mon Aug 11 21:57:29 BST 2025 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b37e74ad by Sylvain Beucler at 2025-08-11T22:57:22+02:00
bin/check-syntax: drop dead code

I suppose the initial 2005 code (per git-blame) was meant to strip
CAN- and CVE- and make unicity checks only based on YYYY-XXXX, but
this should have been: 'if n[0:3]' (not 0:4).  Anyhow, we don't use
'CAN' anymore and never enter the 'if' during 'make check', so let's
drop it for clarity.

- - - - -
a127cd2f by Sylvain Beucler at 2025-08-11T22:57:22+02:00
bin/tracker_data.py: fix invalid escape sequence warning

- - - - -
f8a981b0 by Sylvain Beucler at 2025-08-11T22:57:22+02:00
bin/tracker_data.py: drop six, we already moved to py3

- - - - -
55bb5816 by Sylvain Beucler at 2025-08-11T22:57:22+02:00
lts-cve-triage: drop possible_easy_fixes report

This report lists issues fixed in stable while the package is already
triaged in dla-needed.txt.

This is noise for front-desk (since it's already triaged).

This is not useful to regular LTS contributors, who don't use this
triage script -- and even if they did, this is only a lesser
alternative to checking:
https://security-tracker.debian.org/tracker/source-package/PACKAGE

This will also allow filtering packages already in dla-needed.txt in a
global way (in another commit).

- - - - -


3 changed files:

- bin/check-syntax
- bin/lts-cve-triage.py
- bin/tracker_data.py


Changes:

=====================================
bin/check-syntax
=====================================
@@ -12,8 +12,6 @@ def do_parse(f):
     try:
         for r in f:
             n = r.name
-            if n[0:4] in ('CAN', 'CVE'):
-                n = n[4:]
             if n in names:
                 if names[n] != r.name:
                     sys.stderr.write("error: duplicate CVE entry: %s and %s\n"


=====================================
bin/lts-cve-triage.py
=====================================
@@ -90,9 +90,6 @@ LIST_NAMES = (
     ('unexpected_nodsa',
      ('Issues tagged no-dsa in {lts} that are open in {next_lts}')
      .format(**RELEASES)),
-    ('possible_easy_fixes',
-     ('Issues from dla-needed.txt that are already fixed in {next_lts}')
-     .format(**RELEASES)),
     ('undetermined',
      ('Undetermined issues in {lts}').format(**RELEASES)),
     ('to_forward',
@@ -173,13 +170,6 @@ for pkg in tracker.iterate_packages():
                 else:
                     add_to_list('triage_other', pkg, issue)
 
-            else:
-
-                # package issues already triaged for LTS...
-
-                if status_in_next_lts.status == 'resolved':
-                    add_to_list('possible_easy_fixes', pkg, issue)
-
         # status=='ignored': <no-dsa>/<postponed>/<ignored>/<unimportant>/<undetermined>
         elif status_in_lts.status == 'ignored':
             if (status_in_lts.reason == 'no-dsa' and


=====================================
bin/tracker_data.py
=====================================
@@ -29,7 +29,6 @@ import re
 import subprocess
 
 import requests
-import six
 
 import setup_paths # noqa
 from debian_support import PointUpdateParser
@@ -102,8 +101,8 @@ class TrackerData(object):
 
     @classmethod
     def parse_needed_file(self, inputfile):
-        PKG_RE = '^(\S+)(?:\s+\((.*)\))?$'
-        SEP_RE = '^--$'
+        PKG_RE = r'^(\S+)(?:\s+\((.*)\))?$'
+        SEP_RE = r'^--$'
         state = 'LOOK_FOR_SEP'
         result = {}
         package = ''
@@ -145,7 +144,7 @@ class TrackerData(object):
             yield pkg
 
     def iterate_pkg_issues(self, pkg):
-        for id, data in six.iteritems(self.data[pkg]):
+        for id, data in iter(self.data[pkg].items()):
             data['package'] = pkg
             yield Issue(id, data)
 



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/038089eedbe53ded70856bcc19bdf445b54f0341...55bb58160b4629f15ea030a50d73d6efc5dd9808

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/038089eedbe53ded70856bcc19bdf445b54f0341...55bb58160b4629f15ea030a50d73d6efc5dd9808
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250811/31bd2d1c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list