Merge ~emitorino/review-tools:fix_usn_notfication_service_using_dpkg_list into review-tools:master
- Git
- lp:~emitorino/review-tools
- fix_usn_notfication_service_using_dpkg_list
- Merge into master
Proposed by
Emilia Torino
Status: | Merged |
---|---|
Approved by: | Alex Murray |
Approved revision: | 9d3b4107458ffdaac944558a73f00d15dcfde288 |
Merged at revision: | d4d7e8a69fdf1a912f47f923baa879e09d7b6ccc |
Proposed branch: | ~emitorino/review-tools:fix_usn_notfication_service_using_dpkg_list |
Merge into: | review-tools:master |
Diff against target: |
631 lines (+414/-22) 6 files modified
reviewtools/available.py (+13/-5) reviewtools/store.py (+19/-14) reviewtools/tests/test_available.py (+7/-3) tests/test-updates-available.sh (+9/-0) tests/test-updates-available.sh.expected (+103/-0) tests/test.sh.expected (+263/-0) |
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Alex Murray | Approve | ||
Review via email: mp+403485@code.launchpad.net |
Commit message
This is a MP to fix https:/
Description of the change
- store.py: consider faked-by-
- available.py: considering binary names could contain arch specifier when parsing dpkg.list
To post a comment you must log in.
Revision history for this message
Emilia Torino (emitorino) : | # |
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/reviewtools/available.py b/reviewtools/available.py |
2 | index fa52cae..e43960b 100644 |
3 | --- a/reviewtools/available.py |
4 | +++ b/reviewtools/available.py |
5 | @@ -416,9 +416,9 @@ def _update_seen(seen_fn, seen_db, pkg_db): |
6 | # rocks |
7 | def scan_store(secnot_db_fn, store_db_fn, seen_db_fn, pkgname, store_db_type="snap"): |
8 | """For each entry in store db (either snap or rock), see if there are any |
9 | - binary packages with security notices, if see report them if not in the |
10 | - seen db. We perform these actions on each snap and rock and do not form |
11 | - a queue to keep the implementation simple. |
12 | + binary packages with security notices, if see report them if not in the |
13 | + seen db. We perform these actions on each snap and rock and do not form |
14 | + a queue to keep the implementation simple. |
15 | """ |
16 | secnot_db = read_usn_db(secnot_db_fn) |
17 | store_db = read_file_as_json_dict(store_db_fn) |
18 | @@ -483,8 +483,16 @@ def scan_snap(secnot_db_fn, snap_fn, with_cves=False): |
19 | if not line.startswith("ii "): |
20 | continue |
21 | tmp = line.split() |
22 | + pkg_name = tmp[1] |
23 | + # Since dpkg 1.16.2, the binary name could include and arch qualifier: e.g liblz4-1:amd64 |
24 | + # For now we assume that if the colon is present, we are in a situation where the binary name is |
25 | + # including the arch. We could assert valid architectures as well but that means this code should be |
26 | + # updated as new arch are supported or even existing ones are removed. |
27 | + arch_qualifier_parts = pkg_name.split(":") |
28 | + if len(arch_qualifier_parts) == 2: |
29 | + pkg_name = arch_qualifier_parts[0] |
30 | man["parts"][fake_key]["stage-packages"].append( |
31 | - "%s=%s" % (tmp[1], tmp[2]) |
32 | + "%s=%s" % (pkg_name, tmp[2]) |
33 | ) |
34 | |
35 | secnot_db = read_usn_db(secnot_db_fn) |
36 | @@ -526,7 +534,7 @@ def scan_rock(secnot_db_fn, rock_fn, with_cves=False): |
37 | |
38 | def scan_shared_publishers(store_fn): |
39 | """Check store db for any snaps with a shared email that don't also have a |
40 | - mapping. |
41 | + mapping. |
42 | """ |
43 | store_db = read_file_as_json_dict(store_fn) |
44 | report = get_shared_snap_without_override(store_db) |
45 | diff --git a/reviewtools/store.py b/reviewtools/store.py |
46 | index 7cda73a..3e27b4e 100644 |
47 | --- a/reviewtools/store.py |
48 | +++ b/reviewtools/store.py |
49 | @@ -325,7 +325,7 @@ def get_pkg_revisions(item, secnot_db, errors, pkg_type="snap"): |
50 | |
51 | def get_shared_snap_without_override(store_db): |
52 | """Report snaps that use a shared email but don't have an entry for |
53 | - additional addresses. |
54 | + additional addresses. |
55 | """ |
56 | missing = {} |
57 | for item in store_db: |
58 | @@ -351,7 +351,7 @@ def get_shared_snap_without_override(store_db): |
59 | # TODO: support for build-packages is not fully implemented yet. |
60 | def get_staged_and_build_packages_from_manifest(m): |
61 | """Obtain list of packages in primed-stage-packages if section is present. |
62 | - If not, obtain it from stage-packages for various parts instead |
63 | + If not, obtain it from stage-packages for various parts instead |
64 | """ |
65 | if "parts" not in m: |
66 | debug("Could not find 'parts' in manifest") |
67 | @@ -366,14 +366,20 @@ def get_staged_and_build_packages_from_manifest(m): |
68 | manifest_has_primed_staged_section = False |
69 | |
70 | if "primed-stage-packages" in m and m["primed-stage-packages"] is not None: |
71 | + # An empty primed-stage-packages section (i.e. primed-stage-packages: []) |
72 | + # is consider valid as well. |
73 | manifest_has_primed_staged_section = True |
74 | # Note, prime-stage-packages is grouped with stage-packages |
75 | get_packages_from_manifest_section(d, m["primed-stage-packages"], "staged") |
76 | |
77 | for part in m["parts"]: |
78 | - # stage-packages part is only analyzed if primed-stage-packages is not |
79 | - # present. |
80 | - if not manifest_has_primed_staged_section: |
81 | + # stage-packages in each part is only analyzed if primed-stage-packages |
82 | + # is not present. The only exception is if the snap includes the |
83 | + # dpkg.list file (e.g. core snaps) since primed-stage-packages is always empty |
84 | + if ( |
85 | + not manifest_has_primed_staged_section |
86 | + or part == "faked-by-review-tools-dpkg" |
87 | + ): |
88 | if ( |
89 | "stage-packages" in m["parts"][part] |
90 | and m["parts"][part]["stage-packages"] is not None |
91 | @@ -401,8 +407,7 @@ def get_staged_and_build_packages_from_manifest(m): |
92 | |
93 | |
94 | def get_staged_packages_from_rock_manifest(m): |
95 | - """Obtain list of packages in stage-packages if section is present. |
96 | - """ |
97 | + """Obtain list of packages in stage-packages if section is present.""" |
98 | if "stage-packages" not in m: |
99 | debug("Could not find 'stage-packages' in manifest") |
100 | return None |
101 | @@ -426,7 +431,7 @@ def get_staged_packages_from_rock_manifest(m): |
102 | # key. |
103 | def get_packages_from_manifest_section(d, manifest_section, package_type): |
104 | """Obtain packages from a given manifest section (primed-stage-packages |
105 | - or stage-packages along with any build-packages for a given part) |
106 | + or stage-packages along with any build-packages for a given part) |
107 | """ |
108 | for entry in manifest_section: |
109 | if "=" not in entry: |
110 | @@ -451,7 +456,7 @@ def get_packages_from_manifest_section(d, manifest_section, package_type): |
111 | # snaps, git trees) |
112 | def get_packages_from_rock_manifest_section(d, manifest_section, package_type): |
113 | """Obtain packages from a given manifest section (rock manifest v1 only |
114 | - has staged-packages) |
115 | + has staged-packages) |
116 | """ |
117 | for entry in manifest_section: |
118 | # rock manifest v1 stage-packages section is a list of |
119 | @@ -486,8 +491,8 @@ def get_packages_from_rock_manifest_section(d, manifest_section, package_type): |
120 | |
121 | def normalize_and_verify_snap_manifest(m): |
122 | """Normalize manifest (ie, assign empty types if None for SafeLoader |
123 | - defaults) and verify snap manifest is well-formed and has everything we |
124 | - expect""" |
125 | + defaults) and verify snap manifest is well-formed and has everything we |
126 | + expect""" |
127 | # normalize toplevel keys |
128 | assign_type_to_dict_values(m, SnapReview.snap_manifest_required) |
129 | assign_type_to_dict_values(m, SnapReview.snap_manifest_optional) |
130 | @@ -507,9 +512,9 @@ def normalize_and_verify_snap_manifest(m): |
131 | |
132 | def normalize_and_verify_rock_manifest(m): |
133 | """Normalize manifest (ie, assign empty types if None for SafeLoader |
134 | - defaults) and verify rock manifest is well-formed and has everything we |
135 | - expect in this initial implementation. |
136 | - TODO: Update once rock manifest is properly implemented""" |
137 | + defaults) and verify rock manifest is well-formed and has everything we |
138 | + expect in this initial implementation. |
139 | + TODO: Update once rock manifest is properly implemented""" |
140 | # normalize toplevel keys |
141 | assign_type_to_dict_values(m, RockReview.rock_manifest_required) |
142 | assign_type_to_dict_values(m, RockReview.rock_manifest_optional) |
143 | diff --git a/reviewtools/tests/test_available.py b/reviewtools/tests/test_available.py |
144 | index 08e73de..a9ce71e 100644 |
145 | --- a/reviewtools/tests/test_available.py |
146 | +++ b/reviewtools/tests/test_available.py |
147 | @@ -568,7 +568,7 @@ each snap revision |
148 | |
149 | def test_check__secnot_report_for_kernel_stage_and_build_pkg_new_secnot(self): |
150 | """Test _secnot_report_for_pkg() - new secnot for build and |
151 | - staged pkg""" |
152 | + staged pkg""" |
153 | errors = {} |
154 | self.pkg_db = store.get_pkg_revisions( |
155 | self.kernel_store_db[0], self.secnot_kernel_and_build_pkgs_db, errors |
156 | @@ -912,6 +912,10 @@ Revision r12 (i386; channels: candidate, beta) |
157 | snap_fn = "./tests/test-core_16-2.37.2_amd64.snap" |
158 | res = available.scan_snap(self.secnot_core_with_dpkg_list_fn, snap_fn) |
159 | self.assertTrue(len(res) > 0) |
160 | + # This asserts a binary was obtained from the URLs since its not listed in the USN binaries keys |
161 | + self.assertIn("libc-bin", res) |
162 | + # This asserts the dpkg-query file was properly parsed and arch qualifiers were ignored LP: #1930105 |
163 | + self.assertIn("libc6", res) |
164 | self.assertIn("3323-1", res) |
165 | |
166 | def test_check_scan_snap_dpkg_list_app(self): |
167 | @@ -1063,7 +1067,7 @@ Revision r12 (i386; channels: candidate, beta) |
168 | |
169 | def test_check_scan_store_with_pkgname_bad_publisher(self): |
170 | """Test scan_store() - with pkgname and bad publisher - snaps and |
171 | - rocks |
172 | + rocks |
173 | """ |
174 | store_dbs = { |
175 | "snap": ["./tests/test-store-unittest-bad-1.db", "1ad"], |
176 | @@ -1128,7 +1132,7 @@ Revision r12 (i386; channels: candidate, beta) |
177 | self, |
178 | ): |
179 | """Test scan_store() - kernel snap and build pkg update but invalid |
180 | - snapcraft version""" |
181 | + snapcraft version""" |
182 | store_fn = "./tests/test-store-kernel-invalid-snapcraft-version.db" |
183 | (sent, errors) = available.scan_store( |
184 | self.secnot_build_pkgs_only_fn, store_fn, None, None |
185 | diff --git a/tests/test-core-with-primed-staged_16-2.37.2_amd64.snap b/tests/test-core-with-primed-staged_16-2.37.2_amd64.snap |
186 | new file mode 100644 |
187 | index 0000000..dc17a96 |
188 | Binary files /dev/null and b/tests/test-core-with-primed-staged_16-2.37.2_amd64.snap differ |
189 | diff --git a/tests/test-updates-available.sh b/tests/test-updates-available.sh |
190 | index fc90e53..05fea65 100755 |
191 | --- a/tests/test-updates-available.sh |
192 | +++ b/tests/test-updates-available.sh |
193 | @@ -242,6 +242,15 @@ echo "Running: snap-updates-available --with-cves --usn-db='./tests/test-usn-cor |
194 | PYTHONPATH=./ ./bin/snap-updates-available --with-cves --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-core_16-2.37.2_amd64.snap' 2>&1 | tee -a "$tmp" |
195 | echo "" | tee -a "$tmp" |
196 | |
197 | +# testing core snap with manifest including primed-stage-packages: [] LP: #1930106 |
198 | +echo "Running: snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-core-with-primed-staged_16-2.37.2_amd64.snap'" | tee -a "$tmp" |
199 | +PYTHONPATH=./ ./bin/snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./test-core-with-primed-staged_16-2.37.2_amd64.snap' 2>&1 | tee -a "$tmp" |
200 | +echo "" | tee -a "$tmp" |
201 | + |
202 | +echo "Running: snap-updates-available --with-cves --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-core-with-primed-staged_16-2.37.2_amd64.snap'" | tee -a "$tmp" |
203 | +PYTHONPATH=./ ./bin/snap-updates-available --with-cves --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-core-with-primed-staged_16-2.37.2_amd64.snap' 2>&1 | tee -a "$tmp" |
204 | +echo "" | tee -a "$tmp" |
205 | + |
206 | echo "Running: snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-dpkg-list-app_1.0_amd64.snap'" | tee -a "$tmp" |
207 | PYTHONPATH=./ ./bin/snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-dpkg-list-app_1.0_amd64.snap' 2>&1 | tee -a "$tmp" |
208 | echo "" | tee -a "$tmp" |
209 | diff --git a/tests/test-updates-available.sh.expected b/tests/test-updates-available.sh.expected |
210 | index 9558d25..20216b9 100644 |
211 | --- a/tests/test-updates-available.sh.expected |
212 | +++ b/tests/test-updates-available.sh.expected |
213 | @@ -1051,6 +1051,10 @@ Running: snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.d |
214 | "3323-1", |
215 | "3534-1" |
216 | ], |
217 | + "libc6": [ |
218 | + "3323-1", |
219 | + "3534-1" |
220 | + ], |
221 | "multiarch-support": [ |
222 | "3323-1", |
223 | "3534-1" |
224 | @@ -1073,6 +1077,69 @@ Running: snap-updates-available --with-cves --usn-db='./tests/test-usn-core-with |
225 | "CVE-2018-1000001" |
226 | ] |
227 | }, |
228 | + "libc6": { |
229 | + "3323-1": [ |
230 | + "CVE-2017-1000366" |
231 | + ], |
232 | + "3534-1": [ |
233 | + "CVE-2017-1000408", |
234 | + "CVE-2017-1000409", |
235 | + "CVE-2017-15670", |
236 | + "CVE-2017-15804", |
237 | + "CVE-2017-16997", |
238 | + "CVE-2017-17426", |
239 | + "CVE-2018-1000001" |
240 | + ] |
241 | + }, |
242 | + "multiarch-support": { |
243 | + "3323-1": [ |
244 | + "CVE-2017-1000366" |
245 | + ], |
246 | + "3534-1": [ |
247 | + "CVE-2017-1000408", |
248 | + "CVE-2017-1000409", |
249 | + "CVE-2017-15670", |
250 | + "CVE-2017-15804", |
251 | + "CVE-2017-16997", |
252 | + "CVE-2017-17426", |
253 | + "CVE-2018-1000001" |
254 | + ] |
255 | + } |
256 | +} |
257 | + |
258 | +Running: snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-core-with-primed-staged_16-2.37.2_amd64.snap' |
259 | +ERROR: Could not find './test-core-with-primed-staged_16-2.37.2_amd64.snap' |
260 | + |
261 | +Running: snap-updates-available --with-cves --usn-db='./tests/test-usn-core-with-dpkg-list.db' --snap='./tests/test-core-with-primed-staged_16-2.37.2_amd64.snap' |
262 | +{ |
263 | + "libc-bin": { |
264 | + "3323-1": [ |
265 | + "CVE-2017-1000366" |
266 | + ], |
267 | + "3534-1": [ |
268 | + "CVE-2017-1000408", |
269 | + "CVE-2017-1000409", |
270 | + "CVE-2017-15670", |
271 | + "CVE-2017-15804", |
272 | + "CVE-2017-16997", |
273 | + "CVE-2017-17426", |
274 | + "CVE-2018-1000001" |
275 | + ] |
276 | + }, |
277 | + "libc6": { |
278 | + "3323-1": [ |
279 | + "CVE-2017-1000366" |
280 | + ], |
281 | + "3534-1": [ |
282 | + "CVE-2017-1000408", |
283 | + "CVE-2017-1000409", |
284 | + "CVE-2017-15670", |
285 | + "CVE-2017-15804", |
286 | + "CVE-2017-16997", |
287 | + "CVE-2017-17426", |
288 | + "CVE-2018-1000001" |
289 | + ] |
290 | + }, |
291 | "multiarch-support": { |
292 | "3323-1": [ |
293 | "CVE-2017-1000366" |
294 | @@ -1095,6 +1162,10 @@ Running: snap-updates-available --usn-db='./tests/test-usn-core-with-dpkg-list.d |
295 | "3323-1", |
296 | "3534-1" |
297 | ], |
298 | + "libc6": [ |
299 | + "3323-1", |
300 | + "3534-1" |
301 | + ], |
302 | "multiarch-support": [ |
303 | "3323-1", |
304 | "3534-1" |
305 | @@ -1117,6 +1188,20 @@ Running: snap-updates-available --with-cves --usn-db='./tests/test-usn-core-with |
306 | "CVE-2018-1000001" |
307 | ] |
308 | }, |
309 | + "libc6": { |
310 | + "3323-1": [ |
311 | + "CVE-2017-1000366" |
312 | + ], |
313 | + "3534-1": [ |
314 | + "CVE-2017-1000408", |
315 | + "CVE-2017-1000409", |
316 | + "CVE-2017-15670", |
317 | + "CVE-2017-15804", |
318 | + "CVE-2017-16997", |
319 | + "CVE-2017-17426", |
320 | + "CVE-2018-1000001" |
321 | + ] |
322 | + }, |
323 | "multiarch-support": { |
324 | "3323-1": [ |
325 | "CVE-2017-1000366" |
326 | @@ -1813,6 +1898,10 @@ Running: snap-check-notices --no-fetch ./tests/test-core_16-2.37.2_amd64.snap |
327 | "3323-1", |
328 | "3534-1" |
329 | ], |
330 | + "libc6": [ |
331 | + "3323-1", |
332 | + "3534-1" |
333 | + ], |
334 | "multiarch-support": [ |
335 | "3323-1", |
336 | "3534-1" |
337 | @@ -1839,6 +1928,20 @@ Running: snap-check-notices --no-fetch --with-cves ./tests/test-core_16-2.37.2_a |
338 | "CVE-2018-1000001" |
339 | ] |
340 | }, |
341 | + "libc6": { |
342 | + "3323-1": [ |
343 | + "CVE-2017-1000366" |
344 | + ], |
345 | + "3534-1": [ |
346 | + "CVE-2017-1000408", |
347 | + "CVE-2017-1000409", |
348 | + "CVE-2017-15670", |
349 | + "CVE-2017-15804", |
350 | + "CVE-2017-16997", |
351 | + "CVE-2017-17426", |
352 | + "CVE-2018-1000001" |
353 | + ] |
354 | + }, |
355 | "multiarch-support": { |
356 | "3323-1": [ |
357 | "CVE-2017-1000366" |
358 | diff --git a/tests/test.sh.expected b/tests/test.sh.expected |
359 | index 499cd67..e79db3e 100644 |
360 | --- a/tests/test.sh.expected |
361 | +++ b/tests/test.sh.expected |
362 | @@ -26011,6 +26011,269 @@ test-content_0.1_all.snap: pass |
363 | } |
364 | } |
365 | |
366 | += test-core-with-primed-staged_16-2.37.2_amd64.snap = |
367 | +Errors |
368 | +------ |
369 | + - lint-snap-v2:snap_type_redflag |
370 | + (NEEDS REVIEW) type 'os' not allowed |
371 | +test-core-with-primed-staged_16-2.37.2_amd64.snap: FAIL |
372 | + |
373 | += --sdk test-core-with-primed-staged_16-2.37.2_amd64.snap = |
374 | += snap.v2_declaration = |
375 | +{ |
376 | + "error": {}, |
377 | + "info": {}, |
378 | + "warn": {} |
379 | +} |
380 | += snap.v2_functional = |
381 | +{ |
382 | + "error": {}, |
383 | + "info": {}, |
384 | + "warn": {} |
385 | +} |
386 | += snap.v2_lint = |
387 | +{ |
388 | + "error": { |
389 | + "lint-snap-v2:snap_type_redflag": { |
390 | + "manual_review": true, |
391 | + "text": "(NEEDS REVIEW) type 'os' not allowed" |
392 | + } |
393 | + }, |
394 | + "info": { |
395 | + "lint-snap-v2:apps_present": { |
396 | + "manual_review": false, |
397 | + "text": "OK (optional apps field not specified)" |
398 | + }, |
399 | + "lint-snap-v2:architecture_specified_needed:amd64": { |
400 | + "manual_review": false, |
401 | + "text": "Could not find compiled binaries for architecture 'amd64'" |
402 | + }, |
403 | + "lint-snap-v2:architecture_valid": { |
404 | + "manual_review": false, |
405 | + "text": "OK" |
406 | + }, |
407 | + "lint-snap-v2:assumes_valid": { |
408 | + "manual_review": false, |
409 | + "text": "OK (assumes not specified)" |
410 | + }, |
411 | + "lint-snap-v2:confinement_valid": { |
412 | + "manual_review": false, |
413 | + "text": "'confinement' should not be used with 'type: os'" |
414 | + }, |
415 | + "lint-snap-v2:description": { |
416 | + "manual_review": false, |
417 | + "text": "OK" |
418 | + }, |
419 | + "lint-snap-v2:description_present": { |
420 | + "manual_review": false, |
421 | + "text": "OK" |
422 | + }, |
423 | + "lint-snap-v2:grade_valid": { |
424 | + "manual_review": false, |
425 | + "text": "OK" |
426 | + }, |
427 | + "lint-snap-v2:hook_executable:configure": { |
428 | + "manual_review": false, |
429 | + "text": "OK" |
430 | + }, |
431 | + "lint-snap-v2:hooks_present": { |
432 | + "manual_review": false, |
433 | + "text": "OK (optional hooks field not specified)" |
434 | + }, |
435 | + "lint-snap-v2:iffy_files": { |
436 | + "manual_review": false, |
437 | + "text": "OK" |
438 | + }, |
439 | + "lint-snap-v2:name_valid": { |
440 | + "manual_review": false, |
441 | + "text": "OK" |
442 | + }, |
443 | + "lint-snap-v2:snap_manifest": { |
444 | + "manual_review": false, |
445 | + "text": "OK" |
446 | + }, |
447 | + "lint-snap-v2:snap_type_valid": { |
448 | + "manual_review": false, |
449 | + "text": "OK" |
450 | + }, |
451 | + "lint-snap-v2:summary": { |
452 | + "manual_review": false, |
453 | + "text": "OK" |
454 | + }, |
455 | + "lint-snap-v2:summary_present": { |
456 | + "manual_review": false, |
457 | + "text": "OK" |
458 | + }, |
459 | + "lint-snap-v2:title_present": { |
460 | + "manual_review": false, |
461 | + "text": "OK (optional title field not specified)" |
462 | + }, |
463 | + "lint-snap-v2:unknown_field": { |
464 | + "manual_review": false, |
465 | + "text": "OK" |
466 | + }, |
467 | + "lint-snap-v2:unknown_hook": { |
468 | + "manual_review": false, |
469 | + "text": "OK" |
470 | + }, |
471 | + "lint-snap-v2:valid_unicode": { |
472 | + "manual_review": false, |
473 | + "text": "ok" |
474 | + }, |
475 | + "lint-snap-v2:vcs_files": { |
476 | + "manual_review": false, |
477 | + "text": "OK" |
478 | + }, |
479 | + "lint-snap-v2:version_valid": { |
480 | + "manual_review": false, |
481 | + "text": "OK" |
482 | + } |
483 | + }, |
484 | + "warn": {} |
485 | +} |
486 | += snap.v2_security = |
487 | +{ |
488 | + "error": {}, |
489 | + "info": { |
490 | + "security-snap-v2:squashfs_files": { |
491 | + "manual_review": false, |
492 | + "text": "OK" |
493 | + }, |
494 | + "security-snap-v2:squashfs_repack_checksum": { |
495 | + "manual_review": false, |
496 | + "text": "OK" |
497 | + } |
498 | + }, |
499 | + "warn": {} |
500 | +} |
501 | + |
502 | += --json test-core-with-primed-staged_16-2.37.2_amd64.snap = |
503 | +{ |
504 | + "snap.v2_declaration": { |
505 | + "error": {}, |
506 | + "info": {}, |
507 | + "warn": {} |
508 | + }, |
509 | + "snap.v2_functional": { |
510 | + "error": {}, |
511 | + "info": {}, |
512 | + "warn": {} |
513 | + }, |
514 | + "snap.v2_lint": { |
515 | + "error": { |
516 | + "lint-snap-v2:snap_type_redflag": { |
517 | + "manual_review": true, |
518 | + "text": "(NEEDS REVIEW) type 'os' not allowed" |
519 | + } |
520 | + }, |
521 | + "info": { |
522 | + "lint-snap-v2:apps_present": { |
523 | + "manual_review": false, |
524 | + "text": "OK (optional apps field not specified)" |
525 | + }, |
526 | + "lint-snap-v2:architecture_specified_needed:amd64": { |
527 | + "manual_review": false, |
528 | + "text": "Could not find compiled binaries for architecture 'amd64'" |
529 | + }, |
530 | + "lint-snap-v2:architecture_valid": { |
531 | + "manual_review": false, |
532 | + "text": "OK" |
533 | + }, |
534 | + "lint-snap-v2:assumes_valid": { |
535 | + "manual_review": false, |
536 | + "text": "OK (assumes not specified)" |
537 | + }, |
538 | + "lint-snap-v2:confinement_valid": { |
539 | + "manual_review": false, |
540 | + "text": "'confinement' should not be used with 'type: os'" |
541 | + }, |
542 | + "lint-snap-v2:description": { |
543 | + "manual_review": false, |
544 | + "text": "OK" |
545 | + }, |
546 | + "lint-snap-v2:description_present": { |
547 | + "manual_review": false, |
548 | + "text": "OK" |
549 | + }, |
550 | + "lint-snap-v2:grade_valid": { |
551 | + "manual_review": false, |
552 | + "text": "OK" |
553 | + }, |
554 | + "lint-snap-v2:hook_executable:configure": { |
555 | + "manual_review": false, |
556 | + "text": "OK" |
557 | + }, |
558 | + "lint-snap-v2:hooks_present": { |
559 | + "manual_review": false, |
560 | + "text": "OK (optional hooks field not specified)" |
561 | + }, |
562 | + "lint-snap-v2:iffy_files": { |
563 | + "manual_review": false, |
564 | + "text": "OK" |
565 | + }, |
566 | + "lint-snap-v2:name_valid": { |
567 | + "manual_review": false, |
568 | + "text": "OK" |
569 | + }, |
570 | + "lint-snap-v2:snap_manifest": { |
571 | + "manual_review": false, |
572 | + "text": "OK" |
573 | + }, |
574 | + "lint-snap-v2:snap_type_valid": { |
575 | + "manual_review": false, |
576 | + "text": "OK" |
577 | + }, |
578 | + "lint-snap-v2:summary": { |
579 | + "manual_review": false, |
580 | + "text": "OK" |
581 | + }, |
582 | + "lint-snap-v2:summary_present": { |
583 | + "manual_review": false, |
584 | + "text": "OK" |
585 | + }, |
586 | + "lint-snap-v2:title_present": { |
587 | + "manual_review": false, |
588 | + "text": "OK (optional title field not specified)" |
589 | + }, |
590 | + "lint-snap-v2:unknown_field": { |
591 | + "manual_review": false, |
592 | + "text": "OK" |
593 | + }, |
594 | + "lint-snap-v2:unknown_hook": { |
595 | + "manual_review": false, |
596 | + "text": "OK" |
597 | + }, |
598 | + "lint-snap-v2:valid_unicode": { |
599 | + "manual_review": false, |
600 | + "text": "ok" |
601 | + }, |
602 | + "lint-snap-v2:vcs_files": { |
603 | + "manual_review": false, |
604 | + "text": "OK" |
605 | + }, |
606 | + "lint-snap-v2:version_valid": { |
607 | + "manual_review": false, |
608 | + "text": "OK" |
609 | + } |
610 | + }, |
611 | + "warn": {} |
612 | + }, |
613 | + "snap.v2_security": { |
614 | + "error": {}, |
615 | + "info": { |
616 | + "security-snap-v2:squashfs_files": { |
617 | + "manual_review": false, |
618 | + "text": "OK" |
619 | + }, |
620 | + "security-snap-v2:squashfs_repack_checksum": { |
621 | + "manual_review": false, |
622 | + "text": "OK" |
623 | + } |
624 | + }, |
625 | + "warn": {} |
626 | + } |
627 | +} |
628 | + |
629 | = test-core_16-2.37.2_amd64.snap = |
630 | Errors |
631 | ------ |
LGTM! Thanks Emi