Am 10.12.2017 um 13:35 schrieb Salvatore Bonaccorso: [...] >>> and beeing accessible under https://security-tracker.debian.org/tracker/distributions.json >> >> That makes as lot of sense! (I used YAML in the example for readability, >> output of the tracker should be JSON). The main reason why I'd prefer >> the tracker is that we can update the file ourselves when switching >> releases. > > Yes I can understand why you prefer the security-tracker itself. My > convern was (and still in back on my head), we add more mappings. But > with eabove, we do not need to take care of stable->oldstable, etc ... > just add the who-is-supporting field. > > A version of the above is live on the security-tracker, but I have not > yet commited the changes. I would first like to know: are you happy > with the 'major-version' nomenclature, otherwise we could change it to > 'version'. 'support' should maybe 'support-by'? Hi, IMO my version of distributions.json did the same thing. We only can deduce the version from the package, so the version was the key and the values were "lts", "oldstable", "stable". Everything else is not supported. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=2;bug=878088;filename=distribution.json;msg=45 For the next LTS this file would look like 8: "lts" 9: "stable" and then 8: "lts" 9: "oldstable" 10: "stable" More information is not required. The code looks like that: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=878088;filename=reportbug.debdiff;msg=45 Of course I can also use the new json file. If I don't hear any further objections I am going to use https://security-tracker.debian.org/tracker/distributions.json from now on. I intend to release an update of reportbug for Wheezy next week. Please contact me if you are interested in an upgrade for Jessie and Stretch as well. Regards, Markus
Attachment:
signature.asc
Description: OpenPGP digital signature