This avoids listing packages with limited support which clobber the output.
---
Do we want to enable this by default?
bin/lts-cve-triage.py | 7 ++++++-
bin/unsupported_packages.py | 43 +++++++++++++++++++++++++++++--------------
2 files changed, 35 insertions(+), 15 deletions(-)
diff --git a/bin/lts-cve-triage.py b/bin/lts-cve-triage.py
index f0f09d191..1c757b510 100755
--- a/bin/lts-cve-triage.py
+++ b/bin/lts-cve-triage.py
@@ -20,7 +20,7 @@ import argparse
import collections
from tracker_data import TrackerData, RELEASES
-from unsupported_packages import UnsupportedPackages
+from unsupported_packages import UnsupportedPackages, LimitedSupportPackages
def colored(x, *args, **kwargs):
return x
@@ -65,6 +65,8 @@ parser.add_argument('--skip-dla-needed', action='store_true',
help='Skip packages already in dla-needed.txt')
parser.add_argument('--skip-cache-update', action='store_true',
help='Skip updating the tracker data cache')
+parser.add_argument('--ignore-limited', action='store_true',
+ help='Ignore packages with limited security support')
parser.add_argument('--filter', nargs='+', choices=[x[0] for x in LIST_NAMES],
help='Only report on specified lists')
parser.add_argument('--exclude', nargs='+', choices=[x[0] for x in LIST_NAMES],
@@ -73,6 +75,9 @@ args = parser.parse_args()
tracker = TrackerData(update_cache=not args.skip_cache_update)
unsupported = UnsupportedPackages(update_cache=not args.skip_cache_update)
+if args.ignore_limited:
+ unsupported = unsupported.union(LimitedSupportPackages(update_cache=not
args.skip_cache_update))
+
def add_to_list(key, pkg, issue):
assert key in [l[0] for l in LIST_NAMES]
diff --git a/bin/unsupported_packages.py b/bin/unsupported_packages.py
index ffc062884..b6ba7cac9 100644
--- a/bin/unsupported_packages.py
+++ b/bin/unsupported_packages.py
@@ -19,28 +19,18 @@ import requests
re_line = re.compile(r'(?!#)(?P<pkg>[^\s]+)')
-class UnsupportedPackages(set):
- URL =
"https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/plain/security-support-ended.deb{}";
- CACHED_DATA_PATH = "~/.cache/security-support-ended.deb{}"
-
- def __init__(self, debian_version=7, update_cache=True):
- self.debian_version = debian_version
-
- self.cache = os.path.expanduser(self.CACHED_DATA_PATH).format(
- self.debian_version,
- )
+class DebSecSupport(set):
+ def __init__(self, update_cache):
if update_cache:
self.update_cache()
self.load()
def update_cache(self):
- url = self.URL.format(self.debian_version)
-
- print("Updating {} from {} ...".format(self.cache, url))
+ print("Updating {} from {} ...".format(self.cache, self.url))
- response = requests.get(url, allow_redirects=True)
+ response = requests.get(self.url, allow_redirects=True)
response.raise_for_status()
with open(self.cache, 'w') as f:
@@ -53,3 +43,28 @@ class UnsupportedPackages(set):
if m is not None:
self.add(m.group('pkg'))
+
+
+class UnsupportedPackages(DebSecSupport):
+ URL =
"https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/plain/security-support-ended.deb{}";
+ CACHED_DATA_PATH = "~/.cache/security-support-ended.deb{}"
+
+ def __init__(self, debian_version=7, update_cache=True):
+ self.debian_version = debian_version
+ self.url = self.URL.format(self.debian_version)
+
+ self.cache = os.path.expanduser(self.CACHED_DATA_PATH).format(
+ self.debian_version,
+ )
+
+ super(UnsupportedPackages, self).__init__(update_cache=True)
+
+
+class LimitedSupportPackages(DebSecSupport):
+ URL =
"https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/plain/security-support-limited";
+ CACHED_DATA_PATH = "~/.cache/security-support-limited"
+
+ def __init__(self, update_cache=True):
+ self.url = self.URL
+ self.cache = os.path.expanduser(self.CACHED_DATA_PATH)
+ super(LimitedSupportPackages, self).__init__(update_cache=True)
--
2.11.0
