ubuntu-security-tools

Merge ~jslarraz/ubuntu-security-tools:fix-increment-version into ubuntu-security-tools:master

  1. Git
  2. lp:~jslarraz/ubuntu-security-tools
  3. fix-increment-version
  4. Merge into master
Proposed by Jorge Sancho Larraz
Status: Merged
Approved by: Eduardo Barretto
Approved revision: 3f4d285f1a432215ec99f58f3fe803159a86ff90
Merged at revision: d97cb07d2246f9fbb35e6b322a8fe5be32274019
Proposed branch: ~jslarraz/ubuntu-security-tools:fix-increment-version
Merge into: ubuntu-security-tools:master
Diff against target: 75 lines (+16/-15)
3 files modified
build-tools/umt (+0/-12)
package-tools/increment_version.py (+11/-3)
package-tools/test_increment_version.py (+5/-0)
Reviewer Review Type Date Requested Status
Eduardo Barretto Approve
Review via email: mp+461971@code.launchpad.net

Commit message

umt/increment_version: fix regex for ~XX.YY versions

To post a comment you must log in.
Revision history for this message
Ian Constantin (iconstantin) wrote :

The changes lgtm re: what we discussed in sec-priv, thanks!

Revision history for this message
Eduardo Barretto (ebarretto) wrote :

lgtm!
I just added a comment, but that could be added to this PR or added later directly.

review: Approve
Revision history for this message
Jorge Sancho Larraz (jslarraz) wrote :

Missing test case added in https://git.launchpad.net/~jslarraz/ubuntu-security-tools/commit/?id=b7a1abef32bf738d1c6f826e970df4f50e6d5872 according to @ebaretto comment

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/build-tools/umt b/build-tools/umt
2index b76e9d6..7382143 100755
3--- a/build-tools/umt
4+++ b/build-tools/umt
5@@ -5623,18 +5623,6 @@ def launch_dch(old_ver, new_ver, release=None, note=None, is_devel_release=False
6 warn("Suggestion is not valid if releases have the same previous version\n" +
7 "Use '%s' style instead\n" % (re.sub('build.*', '', old_ver) + 'ubuntu0.Y.MM.1'))
8
9- release_name = None
10- release_num = None
11- if "security" in release:
12- release_name = release.split("-")[0]
13-
14- if release_name:
15- release_num = BetterUbuntuDistroInfo().get_release(release_name)
16-
17- if release_num:
18- if release_num == old_ver[-5:]:
19- new_ver = old_ver+".1"
20-
21 if is_devel_release and not build:
22 command = ['/usr/bin/dch', '-i']
23 else:
24diff --git a/package-tools/increment_version.py b/package-tools/increment_version.py
25index 8fa2669..e56dc1e 100644
26--- a/package-tools/increment_version.py
27+++ b/package-tools/increment_version.py
28@@ -157,20 +157,28 @@ def increment_version_security(old_version, esm=False, devel=False, details=None
29 new_version = old_version + suffix
30 if esm:
31 new_version = new_version + "~esm1"
32- elif re.search("~([0-9]+\\.)?([0-9]{2}\\.[0-9]{2})(\\.[0-9]+)$", old_version):
33+ elif re.search("~([0-9]+\\.)?([0-9]{2}\\.[0-9]{2})(\\.[0-9]+)?$", old_version):
34 # eg. ~XX.YY ~XX.YY.1, ~0.XX.YY.1
35 if devel:
36 new_version = increment_version_security(old_version.split("~")[0], esm=esm, devel=devel)
37 else:
38- split = old_version.split(".")
39- if len(split) == 2:
40+ # Intentionally not handling potential errors with details["release"] not in subprojects
41+ # or release_name.split(' ')[1] being len 1. It should not happen. If it crash we will
42+ # have the chance to look at the code instead of proposing a wrong version
43+ release_name = cve_lib.subprojects['ubuntu/' + details["release"]]['name']
44+ release_id = release_name.split(' ')[1]
45+
46+ # Handle ~XX.YY and ~0.XX.YY
47+ if old_version.endswith(release_id):
48 new_version = old_version + ".1"
49 if esm:
50 new_version = new_version + "~esm1"
51+ # Handle ~0.XX.YY.1
52 else:
53 if esm:
54 new_version = old_version + "+esm1"
55 else:
56+ split = old_version.split(".")
57 new_version = re.sub(
58 "\\.[0-9]+$", "." + str(int(split[len(split) - 1]) + 1), old_version
59 )
60diff --git a/package-tools/test_increment_version.py b/package-tools/test_increment_version.py
61index bebc5b0..6065217 100755
62--- a/package-tools/test_increment_version.py
63+++ b/package-tools/test_increment_version.py
64@@ -46,6 +46,11 @@ class TestIncrementVersion(unittest.TestCase):
65 TC("2.0cvs.20060707-2", "2.0cvs.20060707-2ubuntu1", devel=True),
66 TC("2.0-2ubuntu0.1~esm9", "2.0-2ubuntu0.1~esm10", esm=True),
67 TC("2.1.0-3build2~16.04.1", "2.1.0-3ubuntu0.1~esm1", esm=True),
68+ TC("2.1.0-1~0.16.04", "2.1.0-1~0.16.04.1", esm=False, details={'release': 'xenial'}),
69+ TC("2.1.0-1~16.04", "2.1.0-1~16.04.1", esm=False, details={'release': 'xenial'}),
70+ TC("2.1.0-1~16.04.1", "2.1.0-1~16.04.2", esm=False, details={'release': 'xenial'}),
71+ TC("2.1.0-1~16.04", "2.1.0-1~16.04.1~esm1", esm=True, details={'release': 'xenial'}),
72+ TC("2.1.0-1~16.04.1~esm1", "2.1.0-1~16.04.1~esm2", esm=True, details={'release': 'xenial'}),
73 TC("4.3-1", "4.3-1ubuntu0.1", details={'package': 'plib', 'release': 'focal'},
74 pkg_list={'focal': ['4.3-1', '', ''], 'jammy': ['4.3-2', '', '']},
75 msg="The exact same version is not used in other releases (debian build changes)"),

Subscribers

People subscribed via source and target branches