Hi Markus, On Sun, Dec 10, 2017 at 03:58:30PM +0100, Markus Koschany wrote: > Am 10.12.2017 um 13:35 schrieb Salvatore Bonaccorso: > [...] > >>> and beeing accessible under > >>> https://security-tracker.debian.org/tracker/distributions.json > >> > >> That makes as lot of sense! (I used YAML in the example for readability, > >> output of the tracker should be JSON). The main reason why I'd prefer > >> the tracker is that we can update the file ourselves when switching > >> releases. > > > > Yes I can understand why you prefer the security-tracker itself. My > > convern was (and still in back on my head), we add more mappings. But > > with eabove, we do not need to take care of stable->oldstable, etc ... > > just add the who-is-supporting field. > > > > A version of the above is live on the security-tracker, but I have not > > yet commited the changes. I would first like to know: are you happy > > with the 'major-version' nomenclature, otherwise we could change it to > > 'version'. 'support' should maybe 'support-by'? > > Hi, > > IMO my version of distributions.json did the same thing. We only can > deduce the version from the package, so the version was the key and the > values were "lts", "oldstable", "stable". Everything else is not supported. > > https://bugs.debian.org/cgi-bin/bugreport.cgi?att=2;bug=878088;filename=distribution.json;msg=45 > > For the next LTS this file would look like > > 8: "lts" > 9: "stable" > > and then > > 8: "lts" > 9: "oldstable" > 10: "stable" > > > More information is not required. The code looks like that: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=878088;filename=reportbug.debdiff;msg=45 > > > Of course I can also use the new json file. If I don't hear any further > objections I am going to use > > https://security-tracker.debian.org/tracker/distributions.json > > from now on. I intend to release an update of reportbug for Wheezy next > week. Please contact me if you are interested in an upgrade for Jessie > and Stretch as well.
I have made the above change now live/commited. The file is still thus extensible and for futher (and future use). Thanks for your work on that! (as a personal note on my side, would have prefered to get less pressure). For jessie and stretch: such an update should go in via a point release (like for the debian-security-support package updates). We have not heard anything yet on the implementation side from the maintainer, Sandro, did you got Markus updates/proposals? Your input would be very appreciated :) Regards, Salvatore
