Merge ~litios/ubuntu-cve-tracker:customer_ppa_metadata into ubuntu-cve-tracker:master
Status: | Rejected |
---|---|
Rejected by: | David Fernandez Gonzalez |
Proposed branch: | ~litios/ubuntu-cve-tracker:customer_ppa_metadata |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
228 lines (+102/-42) 8 files modified
scripts/cve_lib.py (+32/-42) scripts/test_cve_lib.py (+36/-0) test/subprojects/bar/focal/supported.txt (+1/-0) test/subprojects/bar/priority-critical (+8/-0) test/subprojects/bar/priority-invalid-value (+8/-0) test/subprojects/foo/focal/supported.txt (+1/-0) test/subprojects/foo/priority-critical (+8/-0) test/subprojects/foo/priority-invalid-value (+8/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
David Fernandez Gonzalez | Disapprove | ||
Emilia Torino | Pending | ||
Eduardo Barretto | Pending | ||
Review via email: mp+442260@code.launchpad.net |
Commit message
Currently, only UCT CVEs could contain metadata fields. This commit
allows other project CVEs to have metadata, that will be loaded
into the main structure under the External-Metadata tag
Description of the change
The following fields have been considered for the external CVEs:
> 'Assigned-to', 'Notes', 'Priority', 'References'
The main motivation behind this change is so we can assign a different person to a subproject CVE as well as priority, as that may differ from the one designed in the Ubuntu CVE.
If metadata is present on the subproject CVE, it will be picked up when loading the main CVE file. If not, it will simply omit it.
Example: https:/
Example with error: https:/
Unmerged commits
- 5ba83c0... by David Fernandez Gonzalez
-
unit-tests:0 (build) check-cves:0 (build) 1 → 2 of 2 results First • Previous • Next • Last - 476f5b9... by David Fernandez Gonzalez
-
unit-tests:0 (build) check-cves:0 (build) 1 → 2 of 2 results First • Previous • Next • Last
hey, thanks for this changes, before checking it, could you please run and paste the output:
$ python3-coverage run -a -m pytest scripts/
I also wonder if we should move those tests hidden inside $UCT/scripts to $UCT/test. But this could be done in a separate PR.