Bug#761859: prototype ready

To: Holger Levsen <holger@layer-acht.org>
Cc: 761859@bugs.debian.org, Raphael Hertzog <hertzog@debian.org>
Subject: Bug#761859: prototype ready
From: Paul Wise <pabs@debian.org>
Date: Mon, 23 Feb 2015 07:45:15 +0800
Message-id: <[🔎] 1424648715.21361.83.camel@debian.org>
Reply-to: Paul Wise <pabs@debian.org>, 761859@bugs.debian.org
In-reply-to: <201502221900.40315.holger@layer-acht.org>
References: <201502220037.57041.holger@layer-acht.org> <[🔎] 1424611053.21361.69.camel@debian.org> <201502221900.40315.holger@layer-acht.org>

On Sun, 2015-02-22 at 19:00 +0100, Holger Levsen wrote:
> On Sonntag, 22. Februar 2015, Paul Wise wrote:
> > I see a bunch of urgency set to "high**" and "medium**", should it
> > be "high" and "medium" instead?
> 
> this comes directly from the database, so I don't think it should be modified.

Hmm, it appears that these are the default urgency from NVD and the ones
without asterisks are ones set by SVN committers. That doesn't appear to
be a distinction worth preserving but it is fine to do so.

Please ensure that this json is linked to from the front page of the
security tracker and from the security tracker documentation so that
people building on it can find it easily. It is vastly more friendly to
potential consumers than the current output consumed by the PTS and the
current output consumed by debsecan. We've already had people looking
for JSON and trying to use the debsecan data.

I think for other consumers of the data (not distro-tracker), exposing
fixed version numbers might be interesting. For instance, someone with
500 machines who aggregates host/package/version information and then
correlates that with the list of security issues from the sectracker.
I should stop bike-shedding though :)

Anyway, the current JSON is good for the distro-tracker from a content
perspective (so please deploy) but it doesn't load using the python JSON
module so it is probably not valid JSON, I'd suggest using Python's
json.dump instead of whatever method you are using now.

>>> with open('json') as f: data = json.load(f)
... 
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/json/__init__.py", line 290, in load
    **kw)
  File "/usr/lib/python2.7/json/__init__.py", line 338, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python2.7/json/decoder.py", line 369, in decode
    raise ValueError(errmsg("Extra data", s, end, len(s)))
ValueError: Extra data: line 1 column 4 - line 428027 column 1 (char 3 - 10590028)

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Bug#761859: prototype ready
  - From: Holger Levsen <holger@layer-acht.org>

References:
- Bug#761859: prototype ready
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Bug#761859: yaml...
Next by Date: Bug#761859: prototype ready
Previous by thread: Bug#761859: prototype ready
Next by thread: Bug#761859: prototype ready
Index(es):
- Date
- Thread