On Sun, 2015-02-22 at 19:00 +0100, Holger Levsen wrote: > On Sonntag, 22. Februar 2015, Paul Wise wrote: > > I see a bunch of urgency set to "high**" and "medium**", should it > > be "high" and "medium" instead? > > this comes directly from the database, so I don't think it should be modified.
Hmm, it appears that these are the default urgency from NVD and the ones without asterisks are ones set by SVN committers. That doesn't appear to be a distinction worth preserving but it is fine to do so. Please ensure that this json is linked to from the front page of the security tracker and from the security tracker documentation so that people building on it can find it easily. It is vastly more friendly to potential consumers than the current output consumed by the PTS and the current output consumed by debsecan. We've already had people looking for JSON and trying to use the debsecan data. I think for other consumers of the data (not distro-tracker), exposing fixed version numbers might be interesting. For instance, someone with 500 machines who aggregates host/package/version information and then correlates that with the list of security issues from the sectracker. I should stop bike-shedding though :) Anyway, the current JSON is good for the distro-tracker from a content perspective (so please deploy) but it doesn't load using the python JSON module so it is probably not valid JSON, I'd suggest using Python's json.dump instead of whatever method you are using now. >>> with open('json') as f: data = json.load(f) ... Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python2.7/json/__init__.py", line 290, in load **kw) File "/usr/lib/python2.7/json/__init__.py", line 338, in loads return _default_decoder.decode(s) File "/usr/lib/python2.7/json/decoder.py", line 369, in decode raise ValueError(errmsg("Extra data", s, end, len(s))) ValueError: Extra data: line 1 column 4 - line 428027 column 1 (char 3 - 10590028) -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part