On Thu, 26 Feb 2015 17:08:57 +0100 Holger Levsen wrote:
> so I've deployed my patches now and you can get json at
> https://security-tracker.debian.org/tracker/data/json now.
Cool!
I noticed the description fields are truncated, is that intentional?
Personally I would suggest to keep those at full length.
What about making the structure like this? I'm guessing the code only
produces one instance of each package.
{
"package1": {...},
"package2": {...},
}
> I haven't tested the output against a json validator yet... so feedback
> welcome and I do expect some more work to do...
Not a helpful error but the Python json loader tracebacks, try:
>>> import json
>>> with open('json') as f: data = json.load(f)
> - should the output include description fields if the value is "null"?
> - should the output include nodsa fields if the value is "null"?
> - should the output include remote fields if the value is "null"?
Probably not.
> - for the releases with issue status != "resolved", should the version be
> ommitted? (as its rather meaningless then... also the repositories fields also
> contain those versions. (and those should be kept IMO)
Hmm, I wouldn't have thought there would be a version present for
unfixed issues? The raw data in the CVE list certainly doesn't have
version numbers for unfixed issues. I'm thinking omit such versions.
--
bye,
pabs
https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part