On Fri, 1 Dec 2017 09:28:26 +0100 Guido =?iso-8859-1?Q?G=FCnther?= <a...@sigxcpu.org> wrote: [...] > I would rather not make psql connections from reportbug. http is > ubiquitous and can be proxied. That's why I mentioned the security > tracker. The nice thing about the security tracker is that we can change > what's stable, oldstable or lts without involving anybody else.
Hi Guido, I have updated the patch according to your suggestions. It's a bit strange that we can't match release numbers and code name already. I think it would be best to implement this feature somewhere else but for the sake of moving forward the code will just fetch this json file now. At the moment I don't know the exact location at https://security-tracker.debian.org/ where I should put this information. Suggestions are welcome. Please find attached the debdiff against the latest version in unstable and the json file. Regards, Markus
diff -Nru reportbug-7.1.7/bin/reportbug reportbug-7.1.7/bin/reportbug --- reportbug-7.1.7/bin/reportbug 2017-05-29 22:00:17.000000000 +0200 +++ reportbug-7.1.7/bin/reportbug 2017-05-29 22:00:17.000000000 +0200 @@ -32,6 +32,8 @@ import optparse import re import locale +import requests +import json import subprocess import shlex import email @@ -1926,6 +1928,33 @@ listcc += ui.get_multiline( 'Enter any additional addresses this report should be sent to; press ENTER after each address.') + # If the bug is reported against a package with a version that + # indicates a security update add the security or lts team to CC + # after user confirmation + is_security_update = False + if pkgversion: + regex = re.compile('(\+|~)deb(\d+)u(\d+)') + secversion = regex.search(pkgversion) + if secversion: + if ui.yes_no('Do you want to report a regression because of a security update? ', + 'Yes, please inform the LTS and security teams.', + 'No or I am not sure.', True): + is_security_update = True + distnumber = secversion[2] + r = requests.get('https://security-tracker.debian.org/distribution.json') + data = r.json() + distribution = None + for key, value in data.items(): + if distnumber in key: + distribution = value + + if is_security_update and distribution is not None: + if distribution == 'lts': + email_address = ['debian-...@lists.debian.org'] + else: + email_address = ['t...@security.debian.org'] + listcc.extend(email_address) + if severity and rtype: severity = debbugs.convert_severity(severity, rtype)
distribution.json
Description: application/json
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Reportbug-maint mailing list Reportbug-maint@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reportbug-maint