Am 23.01.2018 um 05:19 schrieb Sandro Tosi: >> What can we do to get this feature into reportbug? > > * did you update the patch to include the new contact field in > distribution.json and not hardcode the email address?
Done. > * did you test what happen in offline mode and fix the eventual regression? I have tested reportbug with reportbug --offline <package> and added a try/except block to catch any exceptions that may occur with Python Requests (timeouts, network errors, etc.). If we reach this point in our code without a network connection, the program will exit because we need the information in distributions.json to proceed. Otherwise everything else works as expected. > i did a quick check on the number of bugs reported in a week, and over > the 600+ bugs filed, less than 30 where for a stable release (either > stretch or previous ones); i think you may also clarify that prompt, > as i suspect users will get rather confused "how am i supposed to know > if this is a security update? i just apt-get upgrade the system and > now this package doesnt work" kind of scenario. I don't know how I can clarify this prompt at the moment. I have added it because the security team does not want to be informed of any bug report against a package with a stable update or security update. The description of the Y/N choice is quite clear. If you are not sure, press N. Otherwise just hit the Enter key. Before we can evaluate the usefulness of this prompt we need some data from experience. Please find attached the updated version of the patch. Regards, Markus
diff -Nru reportbug-7.1.8/bin/reportbug reportbug-7.1.8+nmu1/bin/reportbug
--- reportbug-7.1.8/bin/reportbug 2017-12-29 05:25:43.000000000 +0100
+++ reportbug-7.1.8+nmu1/bin/reportbug 2018-01-23 20:43:14.000000000 +0100
@@ -32,6 +32,8 @@
import optparse
import re
import locale
+import requests
+import json
import subprocess
import shlex
import email
@@ -1926,6 +1928,34 @@
listcc += ui.get_multiline(
'Enter any additional addresses this report should be sent to;
press ENTER after each address.')
+ # If the bug is reported against a package with a version that
+ # indicates a security update add the security or lts team to CC
+ # after user confirmation
+ is_security_update = False
+ if pkgversion:
+ regex = re.compile('(\+|~)deb(\d+)u(\d+)')
+ secversion = regex.search(pkgversion)
+ if secversion:
+ if ui.yes_no('Do you want to report a regression because of a
security update? ',
+ 'Yes, please inform the LTS and security teams.',
+ 'No or I am not sure.', True):
+ is_security_update = True
+ distnumber = secversion[2]
+ try:
+ r =
requests.get('https://security-tracker.debian.org/tracker/distributions.json')
+ except requests.exceptions.RequestException as e:
+ print (e)
+ sys.exit(1)
+ data = r.json()
+ support = 'none'
+ for key, value in data.items():
+ if distnumber == value['major-version']:
+ support = value['support']
+ email_address = value['contact']
+
+ if is_security_update and support != 'none':
+ listcc.extend(email_address)
+
if severity and rtype:
severity = debbugs.convert_severity(severity, rtype)
diff -Nru reportbug-7.1.8/debian/changelog reportbug-7.1.8+nmu1/debian/changelog
--- reportbug-7.1.8/debian/changelog 2017-12-29 05:25:43.000000000 +0100
+++ reportbug-7.1.8+nmu1/debian/changelog 2018-01-23 20:43:14.000000000
+0100
@@ -1,3 +1,10 @@
+reportbug (7.1.8+nmu1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ *
+
+ -- Markus Koschany <a...@debian.org> Tue, 23 Jan 2018 20:43:14 +0100
+
reportbug (7.1.8) unstable; urgency=medium
* reportbug/debbugs.py
signature.asc
Description: OpenPGP digital signature
