Merge ~alexmurray/ubuntu-cve-tracker:try-lookup-kernel-cves-from-local-repo into ubuntu-cve-tracker:master
Status: | Merged |
---|---|
Merged at revision: | f0b7992bb2fa2e85c53ca3f374f0258c5345e9b8 |
Proposed branch: | ~alexmurray/ubuntu-cve-tracker:try-lookup-kernel-cves-from-local-repo |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
80 lines (+41/-6) 1 file modified
scripts/cve_lib.py (+41/-6) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Rodrigo Figueiredo Zaiden | Approve | ||
Ubuntu Security Team | Pending | ||
Review via email: mp+466121@code.launchpad.net |
Commit message
scripts/cve_lib.py: try looking up kernel commits from local git clone
First try and look up kernel git commit details from the locally configured
linux_kernel_path (this is already used in the kernel CVE triage scripts) and
then fallback to pulling down the individual commit via the network if that
fails.
This should speed up these operations when a local git repo exists is configured
AND has the relevant commits.
Tested with a simple example:
$ grep linux_kernel_path ~/.ubuntu-
$ time ./scripts/
real 0m6.611s
user 0m6.115s
sys 0m0.054s
$ sed -i s/'#linux_
$ time ./scripts/
real 0m6.173s
user 0m6.105s
sys 0m0.066s
$ diff active/
1c1
< Candidate: CVE-2025-00001
---
> Candidate: CVE-2025-00002
4c4
< https:/
---
> https:/
LGTM.
Thanks for this, was wanting something like that for a while.
Ran a few tests on my side and it is working fine!