Ubuntu CVE Tracker

Merge ~alexmurray/ubuntu-cve-tracker:fix-lp-2028915-by-moving-priority-reason-checking-to-check-syntax into ubuntu-cve-tracker:master

  1. Git
  2. lp:~alexmurray/ubuntu-cve-tracker
  3. fix-lp-2028915-by-moving-priority-reason-checking-to-check-syntax
  4. Merge into master
Proposed by Alex Murray
Status: Needs review
Proposed branch: ~alexmurray/ubuntu-cve-tracker:fix-lp-2028915-by-moving-priority-reason-checking-to-check-syntax
Merge into: ubuntu-cve-tracker:master
Diff against target: 57 lines (+14/-7)
2 files modified
scripts/check-syntax (+14/-0)
scripts/cve_lib.py (+0/-7)
Reviewer Review Type Date Requested Status
Steve Beattie Pending
Review via email: mp+447968@code.launchpad.net

Description of the change

Quick change to move priority reason checking out of cve_lib and into check-syntax as per https://bugs.launchpad.net/ubuntu-cve-tracker/+bug/2028915

To post a comment you must log in.
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

Should we revive and rebase this PR?

Reply
Revision history for this message
Alex Murray (alexmurray) wrote :

I have rebased this on current master but I suspect it will be redundant now that we are redoing all the work to rebase priority checking on NVD CVSS as per https://code.launchpad.net/~emitorino/ubuntu-cve-tracker/+git/ubuntu-cve-tracker/+merge/459935

Reply

Unmerged commits

c0ceaff... by Alex Murray

scripts: move priority reason checking to check-syntax (LP: #2028915)

Signed-off-by: Alex Murray <email address hidden>

Failed
[SUCCEEDED] unit-tests:0 (build)
[FAILED] check-cves:0 (build)
12 of 2 results FirstPreviousNextLast

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/scripts/check-syntax b/scripts/check-syntax
index 3d7ee58..ba0aab7 100755
--- a/scripts/check-syntax
+++ b/scripts/check-syntax
@@ -52,6 +52,9 @@ required_fields = [
52 'Ubuntu-Description',52 'Ubuntu-Description',
53]53]
5454
55PRIORITY_REASON_REQUIRED = ["low", "high", "critical"]
56PRIORITY_REASON_DATE_START = "2023-07-11"
57
55def CVEs_from_CNA():58def CVEs_from_CNA():
56 """Returns a dict of CVEs assigned from the README in the embargoed cna59 """Returns a dict of CVEs assigned from the README in the embargoed cna
57 directory, using a space and text after CVE-NNNN-NNNN as indicator of60 directory, using a space and text after CVE-NNNN-NNNN as indicator of
@@ -442,6 +445,17 @@ def check_cve(cve):
442 )445 )
443 cve_okay = False446 cve_okay = False
444447
448 if data["PublicDate"] > PRIORITY_REASON_DATE_START and \
449 data["Priority"][0] in PRIORITY_REASON_REQUIRED and not data["Priority"][1]:
450 filename = srcmap["Priority"][0]
451 linenum = srcmap["Priority"][1]
452 print(
453 "%s: %d: needs a reason for being '%s'"
454 % (filename, linenum, data["Priority"][0]),
455 file=sys.stderr,
456 )
457 cve_okay = False
458
445 supported = []459 supported = []
446 for pkg in sorted(data["pkgs"].keys()):460 for pkg in sorted(data["pkgs"].keys()):
447 # Verify have required releases for each package461 # Verify have required releases for each package
diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
index a4690dd..4081ca0 100755
--- a/scripts/cve_lib.py
+++ b/scripts/cve_lib.py
@@ -64,8 +64,6 @@ else:
64 boilerplates_dir = "boilerplates"64 boilerplates_dir = "boilerplates"
6565
66PRODUCT_UBUNTU = "ubuntu"66PRODUCT_UBUNTU = "ubuntu"
67PRIORITY_REASON_REQUIRED = ["low", "high", "critical"]
68PRIORITY_REASON_DATE_START = "2023-07-11"
6967
70# common to all scripts68# common to all scripts
71# these get populated by the contents of subprojects defined below69# these get populated by the contents of subprojects defined below
@@ -2403,11 +2401,6 @@ def load_cve(cve, strict=False, srcmap=None):
2403 data['PublicDate'] = data['CRD']2401 data['PublicDate'] = data['CRD']
2404 srcmap['PublicDate'] = srcmap['CRD']2402 srcmap['PublicDate'] = srcmap['CRD']
24052403
2406 if data["PublicDate"] > PRIORITY_REASON_DATE_START and \
2407 data["Priority"][0] in PRIORITY_REASON_REQUIRED and not priority_reason:
2408 linenum = srcmap["Priority"][1]
2409 msg += "%s: %d: needs a reason for being '%s'\n" % (cve, linenum, data["Priority"][0])
2410 code = EXIT_FAIL
2411 for item in priority_reason:2404 for item in priority_reason:
2412 field = 'Priority' if not item else 'Priority_' + item2405 field = 'Priority' if not item else 'Priority_' + item
2413 data[field][1] = ' '.join(priority_reason[item])2406 data[field][1] = ' '.join(priority_reason[item])

Subscribers

People subscribed via source and target branches