Ubuntu CVE Tracker

Code review comment for ~eslerm/ubuntu-cve-tracker:check-cves-f-strings

  1. Git
  2. lp:~eslerm/ubuntu-cve-tracker
  3. check-cves-f-strings
  4. Merge into master
Revision history for this message
Steve Beattie (sbeattie) wrote :

 review approve

On Fri, Mar 15, 2024 at 10:52:17PM -0000, Mark Esler wrote:
> @@ -1344,20 +1351,20 @@ class CVEHandler(xml.sax.handler.ContentHandler):
> if dpkg_compare_versions(version, 'ge', fixed_version):
> if rel == cve_lib.devel_release:
> rel = 'devel'
> - fixed_in += ",%s,%s" % (rel, version)
> + fixed_in += f",{rel},{version}"
> break
> elif self.debian[cve]['pkgs'][pkg]['state'].startswith('<not-affected>') and \
> len(self.debian[cve]['pkgs'][pkg]['priority']) > 0:
> # capture that debian believes their version is unaffected
> - not_affected.append((pkg, "debian: %s" % self.debian[cve]['pkgs'][pkg]['priority']))
> - cmd += ['-p', "%s%s" % (pkg, fixed_in)]
> + not_affected.append(pkg, f"debian: {self.debian[cve]['pkgs'][pkg]['priority']}")

Note that the append() call here gets converted from a tuple to two
arguments, which append() won't accept. I added a commit to reinstate
the tuple:

 https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=946c26c48f8619120efe31c73581823d082dbb42

and have merged your changes with it to master.

Thanks!

--
Steve Beattie
<email address hidden>

review: Approve

« Back to merge proposal