Merge ~alexmurray/ubuntu-cve-tracker:restore-release-stamps-and-sort-instead-by-release-version into ubuntu-cve-tracker:master
- Git
- lp:~alexmurray/ubuntu-cve-tracker
- restore-release-stamps-and-sort-instead-by-release-version
- Merge into master
Status: | Merged |
---|---|
Merged at revision: | 0ac376a38675ad0addf59403120770b5391ed150 |
Proposed branch: | ~alexmurray/ubuntu-cve-tracker:restore-release-stamps-and-sort-instead-by-release-version |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
442 lines (+77/-13) 2 files modified
scripts/cve_lib.py (+75/-10) scripts/test_cve_lib.py (+2/-3) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Emilia Torino | Approve | ||
Steve Beattie | Pending | ||
Ubuntu Security Team | Pending | ||
Review via email: mp+440074@code.launchpad.net |
Commit message
Description of the change
Alex Murray (alexmurray) wrote : | # |
Alex Murray (alexmurray) wrote : | # |
Ignore the change in cve-mode.el shown in the diff below - that was unintentional and has been removed from this MP but seems LP has not updated the inline diff to match.
Steve Beattie (sbeattie) wrote : | # |
This LGTM, though I'm not sure about the impact on the KPIs, so would like Emi's feedback.
The only minor minor thing that gives me pause is using a float value for the version.
Emilia Torino (emitorino) wrote : | # |
Thanks for considering this!
I have a question before moving fw, should trusty/esm (which its stamp is 04/2019) be consider before or after xenial (04/2016)?
With this code, trusty/esm is ordered before xenial:
>>> r = ["jammy", "focal", "trusty/esm", "esm-apps/bionic", "trusty", "xenial", "bionic", "esm-apps/jammy"]
>>> import cve_lib
>>> cve_lib.
['trusty', 'trusty/esm', 'xenial', 'bionic', 'esm-apps/bionic', 'focal', 'jammy', 'esm-apps/jammy']
Maybe this is ok for the uses cases under consideration.
Emilia Torino (emitorino) : | # |
Marc Deslauriers (mdeslaur) wrote : | # |
Personally I would like trusty/esm to appear after trusty and before xenial when listed in CVE files.
Emilia Torino (emitorino) wrote : | # |
> Personally I would like trusty/esm to appear after trusty and before xenial
> when listed in CVE files.
+1 to this as well.
Preview Diff
1 | diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py |
2 | index 0429f71..f118f93 100755 |
3 | --- a/scripts/cve_lib.py |
4 | +++ b/scripts/cve_lib.py |
5 | @@ -107,6 +107,7 @@ subprojects = { |
6 | "ppa": "ubuntu-esm/esm/ubuntu", |
7 | "parent": "ubuntu/precise", |
8 | "description": "Available with UA Infra or UA Desktop: https://ubuntu.com/advantage", |
9 | + "stamp": 1493521200, |
10 | }, |
11 | "esm/trusty": { |
12 | "eol": False, |
13 | @@ -118,6 +119,7 @@ subprojects = { |
14 | "ppa": "ubuntu-esm/esm-infra-security/ubuntu", |
15 | "parent": "ubuntu/trusty", |
16 | "description": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", |
17 | + "stamp": 1556593200, |
18 | }, |
19 | "esm-infra/xenial": { |
20 | "eol": False, |
21 | @@ -129,6 +131,7 @@ subprojects = { |
22 | "ppa": "ubuntu-esm/esm-infra-security/ubuntu", |
23 | "parent": "ubuntu/xenial", |
24 | "description": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", |
25 | + "stamp": 1618963200, |
26 | }, |
27 | "esm-apps/xenial": { |
28 | "eol": False, |
29 | @@ -140,6 +143,7 @@ subprojects = { |
30 | "ppa": "ubuntu-esm/esm-apps-security/ubuntu", |
31 | "parent": "esm-infra/xenial", |
32 | "description": "Available with Ubuntu Pro: https://ubuntu.com/pro", |
33 | + "stamp": 1618963200, |
34 | }, |
35 | "esm-apps/bionic": { |
36 | "eol": False, |
37 | @@ -151,6 +155,7 @@ subprojects = { |
38 | "ppa": "ubuntu-esm/esm-apps-security/ubuntu", |
39 | "parent": "ubuntu/bionic", |
40 | "description": "Available with Ubuntu Pro: https://ubuntu.com/pro", |
41 | + "stamp": 1524870000, |
42 | }, |
43 | "esm-apps/focal": { |
44 | "eol": False, |
45 | @@ -162,6 +167,7 @@ subprojects = { |
46 | "ppa": "ubuntu-esm/esm-apps-security/ubuntu", |
47 | "parent": "ubuntu/focal", |
48 | "description": "Available with Ubuntu Pro: https://ubuntu.com/pro", |
49 | + "stamp": 1587567600, |
50 | }, |
51 | "esm-apps/jammy": { |
52 | "eol": False, |
53 | @@ -173,6 +179,7 @@ subprojects = { |
54 | "ppa": "ubuntu-esm/esm-apps-security/ubuntu", |
55 | "parent": "ubuntu/jammy", |
56 | "description": "Available with Ubuntu Pro: https://ubuntu.com/pro", |
57 | + "stamp": 1650693600, |
58 | }, |
59 | "fips/xenial": { |
60 | "eol": False, |
61 | @@ -260,6 +267,7 @@ subprojects = { |
62 | "eol": True, |
63 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
64 | "name": "Ubuntu 4.10", |
65 | + "version": 4.10, |
66 | "codename": "Warty Warthog", |
67 | "alias": "warty", |
68 | "description": "Interim Release", |
69 | @@ -269,6 +277,7 @@ subprojects = { |
70 | "eol": True, |
71 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
72 | "name": "Ubuntu 5.04", |
73 | + "version": 5.04, |
74 | "codename": "Hoary Hedgehog", |
75 | "alias": "hoary", |
76 | "description": "Interim Release", |
77 | @@ -278,6 +287,7 @@ subprojects = { |
78 | "eol": True, |
79 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
80 | "name": "Ubuntu 5.10", |
81 | + "version": 5.10, |
82 | "codename": "Breezy Badger", |
83 | "alias": "breezy", |
84 | "description": "Interim Release", |
85 | @@ -287,6 +297,7 @@ subprojects = { |
86 | "eol": True, |
87 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
88 | "name": "Ubuntu 6.06 LTS", |
89 | + "version": 6.06, |
90 | "codename": "Dapper Drake", |
91 | "alias": "dapper", |
92 | "description": "Long Term Support", |
93 | @@ -296,6 +307,7 @@ subprojects = { |
94 | "eol": True, |
95 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
96 | "name": "Ubuntu 6.10", |
97 | + "version": 6.10, |
98 | "codename": "Edgy Eft", |
99 | "alias": "edgy", |
100 | "description": "Interim Release", |
101 | @@ -305,6 +317,7 @@ subprojects = { |
102 | "eol": True, |
103 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
104 | "name": "Ubuntu 7.04", |
105 | + "version": 7.04, |
106 | "codename": "Feisty Fawn", |
107 | "alias": "feisty", |
108 | "description": "Interim Release", |
109 | @@ -314,6 +327,7 @@ subprojects = { |
110 | "eol": True, |
111 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
112 | "name": "Ubuntu 7.10", |
113 | + "version": 7.10, |
114 | "codename": "Gutsy Gibbon", |
115 | "alias": "gutsy", |
116 | "description": "Interim Release", |
117 | @@ -323,6 +337,7 @@ subprojects = { |
118 | "eol": True, |
119 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
120 | "name": "Ubuntu 8.04 LTS", |
121 | + "version": 8.04, |
122 | "codename": "Hardy Heron", |
123 | "alias": "hardy", |
124 | "description": "Long Term Support", |
125 | @@ -332,6 +347,7 @@ subprojects = { |
126 | "eol": True, |
127 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
128 | "name": "Ubuntu 8.10", |
129 | + "version": 8.10, |
130 | "codename": "Intrepid Ibex", |
131 | "alias": "intrepid", |
132 | "description": "Interim Release", |
133 | @@ -341,6 +357,7 @@ subprojects = { |
134 | "eol": True, |
135 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
136 | "name": "Ubuntu 9.04", |
137 | + "version": 9.04, |
138 | "codename": "Jaunty Jackalope", |
139 | "alias": "jaunty", |
140 | "description": "Interim Release", |
141 | @@ -350,6 +367,7 @@ subprojects = { |
142 | "eol": True, |
143 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
144 | "name": "Ubuntu 9.10", |
145 | + "version": 9.10, |
146 | "codename": "Karmic Koala", |
147 | "alias": "karmic", |
148 | "description": "Interim Release", |
149 | @@ -359,6 +377,7 @@ subprojects = { |
150 | "eol": True, |
151 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
152 | "name": "Ubuntu 10.04 LTS", |
153 | + "version": 10.04, |
154 | "codename": "Lucid Lynx", |
155 | "alias": "lucid", |
156 | "description": "Long Term Support", |
157 | @@ -368,6 +387,7 @@ subprojects = { |
158 | "eol": True, |
159 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
160 | "name": "Ubuntu 10.10", |
161 | + "version": 10.10, |
162 | "codename": "Maverick Meerkat", |
163 | "alias": "maverick", |
164 | "description": "Interim Release", |
165 | @@ -377,6 +397,7 @@ subprojects = { |
166 | "eol": True, |
167 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
168 | "name": "Ubuntu 11.04", |
169 | + "version": 11.04, |
170 | "codename": "Natty Narwhal", |
171 | "alias": "natty", |
172 | "description": "Interim Release", |
173 | @@ -386,6 +407,7 @@ subprojects = { |
174 | "eol": True, |
175 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
176 | "name": "Ubuntu 11.10", |
177 | + "version": 11.10, |
178 | "codename": "Oneiric Ocelot", |
179 | "alias": "oneiric", |
180 | "description": "Interim Release", |
181 | @@ -395,6 +417,7 @@ subprojects = { |
182 | "eol": True, |
183 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
184 | "name": "Ubuntu 12.04 LTS", |
185 | + "version": 12.04, |
186 | "codename": "Precise Pangolin", |
187 | "alias": "precise", |
188 | "description": "Long Term Support", |
189 | @@ -404,6 +427,7 @@ subprojects = { |
190 | "eol": True, |
191 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
192 | "name": "Ubuntu 12.10", |
193 | + "version": 12.10, |
194 | "codename": "Quantal Quetzal", |
195 | "alias": "quantal", |
196 | "description": "Interim Release", |
197 | @@ -413,6 +437,7 @@ subprojects = { |
198 | "eol": True, |
199 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
200 | "name": "Ubuntu 13.04", |
201 | + "version": 13.04, |
202 | "codename": "Raring Ringtail", |
203 | "alias": "raring", |
204 | "description": "Interim Release", |
205 | @@ -422,6 +447,7 @@ subprojects = { |
206 | "eol": True, |
207 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
208 | "name": "Ubuntu 13.10", |
209 | + "version": 13.10, |
210 | "codename": "Saucy Salamander", |
211 | "alias": "saucy", |
212 | "description": "Interim Release", |
213 | @@ -431,6 +457,7 @@ subprojects = { |
214 | "eol": True, |
215 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
216 | "name": "Ubuntu 14.04 LTS", |
217 | + "version": 14.04, |
218 | "codename": "Trusty Tahr", |
219 | "alias": "trusty", |
220 | "description": "Long Term Support", |
221 | @@ -440,6 +467,7 @@ subprojects = { |
222 | "eol": True, |
223 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
224 | "name": "Ubuntu 14.10", |
225 | + "version": 14.10, |
226 | "codename": "Utopic Unicorn", |
227 | "alias": "utopic", |
228 | "description": "Interim Release", |
229 | @@ -449,6 +477,7 @@ subprojects = { |
230 | "eol": True, |
231 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
232 | "name": "Ubuntu 15.04", |
233 | + "version": 15.04, |
234 | "codename": "Vivid Vervet", |
235 | "alias": "vivid", |
236 | "description": "Interim Release", |
237 | @@ -458,6 +487,7 @@ subprojects = { |
238 | "eol": True, |
239 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
240 | "name": "Ubuntu 15.10", |
241 | + "version": 15.10, |
242 | "codename": "Wily Werewolf", |
243 | "alias": "wily", |
244 | "description": "Interim Release", |
245 | @@ -467,6 +497,7 @@ subprojects = { |
246 | "eol": True, |
247 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
248 | "name": "Ubuntu 16.04 LTS", |
249 | + "version": 16.04, |
250 | "codename": "Xenial Xerus", |
251 | "alias": "xenial", |
252 | "description": "Long Term Support", |
253 | @@ -476,6 +507,7 @@ subprojects = { |
254 | "eol": True, |
255 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
256 | "name": "Ubuntu 16.10", |
257 | + "version": 16.10, |
258 | "codename": "Yakkety Yak", |
259 | "alias": "yakkety", |
260 | "description": "Interim Release", |
261 | @@ -485,6 +517,7 @@ subprojects = { |
262 | "eol": True, |
263 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
264 | "name": "Ubuntu 17.04", |
265 | + "version": 17.04, |
266 | "codename": "Zesty Zapus", |
267 | "alias": "zesty", |
268 | "description": "Interim Release", |
269 | @@ -494,6 +527,7 @@ subprojects = { |
270 | "eol": True, |
271 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
272 | "name": "Ubuntu 17.10", |
273 | + "version": 17.10, |
274 | "codename": "Artful Aardvark", |
275 | "alias": "artful", |
276 | "description": "Interim Release", |
277 | @@ -504,6 +538,7 @@ subprojects = { |
278 | "oval": True, |
279 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
280 | "name": "Ubuntu 18.04 LTS", |
281 | + "version": 18.04, |
282 | "codename": "Bionic Beaver", |
283 | "alias": "bionic", |
284 | "description": "Long Term Support", |
285 | @@ -513,6 +548,7 @@ subprojects = { |
286 | "eol": True, |
287 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
288 | "name": "Ubuntu 18.10", |
289 | + "version": 18.10, |
290 | "codename": "Cosmic Cuttlefish", |
291 | "alias": "cosmic", |
292 | "description": "Interim Release", |
293 | @@ -522,6 +558,7 @@ subprojects = { |
294 | "eol": True, |
295 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
296 | "name": "Ubuntu 19.04", |
297 | + "version": 19.04, |
298 | "codename": "Disco Dingo", |
299 | "alias": "disco", |
300 | "description": "Interim Release", |
301 | @@ -531,6 +568,7 @@ subprojects = { |
302 | "eol": True, |
303 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
304 | "name": "Ubuntu 19.10", |
305 | + "version": 19.10, |
306 | "codename": "Eoan Ermine", |
307 | "alias": "eoan", |
308 | "description": "Interim Release", |
309 | @@ -541,6 +579,7 @@ subprojects = { |
310 | "oval": True, |
311 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
312 | "name": "Ubuntu 20.04 LTS", |
313 | + "version": 20.04, |
314 | "codename": "Focal Fossa", |
315 | "alias": "focal", |
316 | "description": "Long Term Support", |
317 | @@ -550,6 +589,7 @@ subprojects = { |
318 | "eol": True, |
319 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
320 | "name": "Ubuntu 20.10", |
321 | + "version": 20.10, |
322 | "codename": "Groovy Gorilla", |
323 | "alias": "groovy", |
324 | "description": "Interim Release", |
325 | @@ -559,6 +599,7 @@ subprojects = { |
326 | "eol": True, |
327 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
328 | "name": "Ubuntu 21.04", |
329 | + "version": 21.04, |
330 | "codename": "Hirsute Hippo", |
331 | "alias": "hirsute", |
332 | "description": "Interim Release", |
333 | @@ -568,6 +609,7 @@ subprojects = { |
334 | "eol": True, |
335 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
336 | "name": "Ubuntu 21.10", |
337 | + "version": 21.10, |
338 | "codename": "Impish Indri", |
339 | "alias": "impish", |
340 | "description": "Interim Release", |
341 | @@ -578,6 +620,7 @@ subprojects = { |
342 | "oval": True, |
343 | "components": ["main", "restricted", "universe", "multiverse", "partner"], |
344 | "name": "Ubuntu 22.04 LTS", |
345 | + "version": 22.04, |
346 | "codename": "Jammy Jellyfish", |
347 | "alias": "jammy", |
348 | "description": "Long Term Support", |
349 | @@ -588,6 +631,7 @@ subprojects = { |
350 | "oval": True, |
351 | "components": ["main", "restricted", "universe", "multiverse"], |
352 | "name": "Ubuntu 22.10", |
353 | + "version": 22.10, |
354 | "codename": "Kinetic Kudu", |
355 | "alias": "kinetic", |
356 | "devel": False, |
357 | @@ -599,6 +643,7 @@ subprojects = { |
358 | "oval": True, |
359 | "components": ["main", "restricted", "universe", "multiverse"], |
360 | "name": "Ubuntu 23.04", |
361 | + "version": 23.04, |
362 | "codename": "Lunar Lobster", |
363 | "alias": "lunar", |
364 | "devel": True, # there can be only one ⚔ |
365 | @@ -717,7 +762,7 @@ def release_progenitor(rel): |
366 | return parent |
367 | |
368 | def release_stamp(rel): |
369 | - """Return the time stamp for rel.""" |
370 | + """Return the time stamp for rel or its parent if it doesn't define one.""" |
371 | stamp = -1 |
372 | _, _, _, details = get_subproject_details(rel) |
373 | if details: |
374 | @@ -733,6 +778,20 @@ def release_stamp(rel): |
375 | stamp = details["stamp"] |
376 | return stamp |
377 | |
378 | +def release_version(rel): |
379 | + """Return the version for rel or its parent if it doesn't have one.""" |
380 | + version = 0.0 |
381 | + _, _, _, details = get_subproject_details(rel) |
382 | + if details: |
383 | + try: |
384 | + version = details["version"] |
385 | + except KeyError: |
386 | + rel = release_progenitor(rel) |
387 | + _, _, _, details = get_subproject_details(rel) |
388 | + if details: |
389 | + version = details["version"] |
390 | + return version |
391 | + |
392 | def release_ppa(rel): |
393 | """Return the ppa for a given subproject.""" |
394 | ppa = None |
395 | @@ -889,15 +948,21 @@ for release in subprojects: |
396 | |
397 | |
398 | def release_sort(release_list): |
399 | - '''takes a list of release names and sorts them in release order''' |
400 | - |
401 | - # turn list into a tuples of (name, release stamp) |
402 | - rels = [(x, release_stamp(x)) for x in release_list] |
403 | - # sort list by release stamp (formatted to 20 places so we don't have to |
404 | - # worry about the number of digits in the stamp) but also prepend the |
405 | - # release name so releases that have the same stamp sort in alphabetical |
406 | - # order by name, then pull out just the names |
407 | - return [x[0] for x in sorted(rels, key=lambda x: ("%020d" % x[1]) + x[0])] |
408 | + '''takes a list of release names and sorts them in release order |
409 | + |
410 | + This is not a strict ordering based on when the release was made but a logic |
411 | + ordering used for human consumption. |
412 | + ''' |
413 | + |
414 | + # turn list into a tuples of (name, version) - we want sub-releases to sort |
415 | + # later than their parent, so introduce a hack to add one month to their |
416 | + # release version so they sort after their parent |
417 | + rels = [(x, release_version(x) + 0.01 if "/" in x else release_version(x)) |
418 | + for x in release_list] |
419 | + # sort by release version but also append the release name so releases that |
420 | + # have the same stamp sort in alphabetical order by name, then pull out just |
421 | + # the names |
422 | + return [x[0] for x in sorted(rels, key=lambda x: ("%02.2f" % x[1]) + x[0])] |
423 | |
424 | |
425 | def release_is_older_than(release_a, release_b): |
426 | diff --git a/scripts/test_cve_lib.py b/scripts/test_cve_lib.py |
427 | index 8d9792c..c5130dc 100755 |
428 | --- a/scripts/test_cve_lib.py |
429 | +++ b/scripts/test_cve_lib.py |
430 | @@ -71,10 +71,9 @@ class TestPackageOverrideTests: |
431 | |
432 | class TestReleaseSort: |
433 | def test_release_sort(self): |
434 | - print(cve_lib.all_releases) |
435 | assert cve_lib.release_sort( |
436 | - ["jammy", "focal", "xenial", "bionic", "esm-apps/jammy"]) == \ |
437 | - ["xenial", "bionic", "focal", "esm-apps/jammy", "jammy"] |
438 | + ["jammy", "focal", "esm-apps/bionic", "xenial", "bionic", "esm-apps/jammy"]) == \ |
439 | + ["xenial", "bionic", "esm-apps/bionic", "focal", "jammy", "esm-apps/jammy"] |
440 | |
441 | # check all release lists in cve_lib are sorted OOTB |
442 | @pytest.mark.parametrize("releases", |
Failing CI is unrelated to these changes - the unit tests all passed before it failed on check-syntax issues in various CVE files.