Re: Dealing with renamed source packages during CVE triaging
Hi,
On Fri, Jun 15, 2018 at 10:23:15AM +0200, Moritz Muehlenhoff wrote:
> On Fri, Jun 15, 2018 at 05:21:55PM +1000, Brian May wrote:
> > Brian May <bam@debian.org> writes:
> >
> > > So we could write a script, lets say:
> > > bin/list-potential-packages-affected-by-code-copies
> >
> > In investigating the possibility of this, I noticed the scripts in
> > lib/python/sectracker use legacy python coding standards.
> >
> > I have updated these files on my local box to work with Python 3, but
> > refraining from pushing for now, because of the possibilty I might break
> > something important.
>
> When the Debian Security Tracker was created, Python 3 didn't even exist
> yet :-)
>
> Feel free to make a pull request, I don't think we have a specific dependency
> on Python 2 modules anywhere. But it might take a bit to get reviewed/deployed
> as it's not a high priority issue.
To be kept in mind: whatever change is proposed for the code part of
the security tracker needs potentially to be able to run on the
security-tracker host soriano (running on stretch), preferably without
introducing new dependencies if they are not needed. Merge/pull requests
for those parts are preferred.
Regards,
Salvatore
Reply to: