diff options
| author | Emilio Pozuelo Monfort <pochu@debian.org> | 2021-02-03 12:53:03 +0100 |
|---|---|---|
| committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2021-02-03 12:53:35 +0100 |
| commit | 1efd83d53a64db67e071e0a4aa54536405d2cb39 (patch) | |
| tree | d01e9ed0370d9e1541837374b986c76879bc1c60 /bin | |
| parent | dc0b8070d26f0f9f8bb399192cbf9e3dd5db4314 (diff) | |
merge-cve-files: support replacing main (sid) annotations
Diffstat (limited to 'bin')
| -rwxr-xr-x | bin/merge-cve-files | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/bin/merge-cve-files b/bin/merge-cve-files index a36e4c7b6b..b980cfbdbc 100755 --- a/bin/merge-cve-files +++ b/bin/merge-cve-files @@ -12,30 +12,37 @@ import setup_paths # noqa from debian_support import internRelease from sectracker.parsers import cvelist, writecvelist, PackageAnnotation -def merge_annotations(old_annotations, new_annotation): +def merge_annotations(annotations, new_annotation): if not isinstance(new_annotation, PackageAnnotation): raise NotImplementedError(f"unsupported annotation of type {type(annotation)}") - # filter out the current annotation, if any - annotations = [ann for ann in old_annotations - if not isinstance(ann, PackageAnnotation) - or ann.package != new_annotation.package - or ann.release != new_annotation.release] + annotations = list(annotations) - # append the new one at the right place + # append/substitute the new one at the right place for idx, annotation in enumerate(annotations): if not isinstance(annotation, PackageAnnotation) \ or annotation.package != new_annotation.package: continue + # if the annotation is for the same package/release, replace it + if annotation.package == new_annotation.package \ + and annotation.release == new_annotation.release: + annotations[idx] = new_annotation + break + + # if the next annotation's release is the same, we continue to replace + # it in the next iteration. otherwise if we found the right place, we + # insert the new annotation next_annotation = annotations[idx + 1] if len(annotations) > (idx + 1) else None if next_annotation and isinstance(next_annotation, PackageAnnotation) \ and next_annotation.package == new_annotation.package \ - and internRelease(new_annotation.release) < internRelease(next_annotation.release): + and internRelease(new_annotation.release) <= internRelease(next_annotation.release): continue annotations.insert(idx + 1, new_annotation) - return annotations + break + + return annotations def parse_list(path): data, messages = cvelist(path) |