potiuk opened a new pull request, #275: URL: https://github.com/apache/airflow-steward/pull/275
## Summary Vulnogram's UI reads `CNA_private.emailed` to decide whether the advisory email has been sent. The generator was hard-coding it to `None` regardless of state, so even records pushed at `PUBLIC` state (post-archive-URL — the advisory has demonstrably shipped) showed up in the UI as not-yet-emailed. Wire `emailed` to the same signal that already drives the `PUBLIC` state: when `compute_cna_private_state()` returns `"PUBLIC"` (CNA is review-ready AND a `vendor-advisory` reference is present), set `emailed = "yes"`; otherwise leave it `None`. Touches one site only — `wrap_cve_record()` in `tools/vulnogram/generate-cve-json/src/generate_cve_json/cve_json.py`. The state machine itself is unchanged. ## Test plan - [x] 3 new tests in `TestWrapCveRecord` cover `emailed` in each workflow state (DRAFT / REVIEW / PUBLIC). - [x] Full `generate-cve-json` suite green locally (188 passed). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
