Re: script to add DSA's to tracker disabled
On Wed, December 22, 2010 21:35, Francesco Poli wrote: I ran a script that automatically added released DSA's to data/DSA/list. As this script uses bin/dsa2list and that tool cannot cope with the changed advisory format, it doesn't make sense to keep committing half parsed advisories. I am not sure I understand what you are proposing: are you saying that the automatic tracker update should be temporarily suspended, until dsa2list is fixed to parse the new advisory format? I hope dsa2list may be updated soon... If it was easily fixable I would have done that instead, but the problem is that dsa2list entirely depends on being able to download the .dsc. That is no longer listed in the advisory text due to DAK changes necessary for squeeze security support. As the advisory format is in flux for the upcoming time I don't think it's useful now to invest in a dsa2list rewrite, but rather await what we finally conclude to be the new format. May I go on reporting inconsistencies between DSAs and tracker data, whenever I notice any? Yes, the DSA's will be added as they used to be in the past: by hand. If one still isn't present after a while feel free to alert us. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/76b6e36dffbb00152e1caa326ace4c4f.squir...@wm.kinkhorst.nl
Re: script to add DSA's to tracker disabled
On Thu, 23 Dec 2010 11:25:53 +0100 Thijs Kinkhorst wrote: On Wed, December 22, 2010 21:35, Francesco Poli wrote: [...] I hope dsa2list may be updated soon... If it was easily fixable I would have done that instead, but the problem is that dsa2list entirely depends on being able to download the .dsc. That is no longer listed in the advisory text due to DAK changes necessary for squeeze security support. Ah, I see: now that's much more clear. Thanks for the explanation! As the advisory format is in flux for the upcoming time I don't think it's useful now to invest in a dsa2list rewrite, but rather await what we finally conclude to be the new format. It sounds reasonable... May I go on reporting inconsistencies between DSAs and tracker data, whenever I notice any? Yes, the DSA's will be added as they used to be in the past: by hand. If one still isn't present after a while feel free to alert us. OK, I'll do so. Thanks a lot for clarifying. Bye. -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! . Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE pgpUPtBBFYlol.pgp Description: PGP signature
script to add DSA's to tracker disabled
Hi, I ran a script that automatically added released DSA's to data/DSA/list. As this script uses bin/dsa2list and that tool cannot cope with the changed advisory format, it doesn't make sense to keep committing half parsed advisories. Cheers, Thijs signature.asc Description: This is a digitally signed message part.
Re: script to add DSA's to tracker disabled
On Wed, 22 Dec 2010 21:25:59 +0100, Thijs Kinkhorst wrote: Hi, I ran a script that automatically added released DSA's to data/DSA/list. As this script uses bin/dsa2list and that tool cannot cope with the changed advisory format, it doesn't make sense to keep committing half parsed advisories. Is there any way we could get the discussion on the subsequent changes to new format started. Hopefully the lost info that broke your script could be included in a more systematic manner to make it easier to automatically parse (maybe as a yaml attachment?). Mike -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101222153304.4a5c026b.michael.s.gilb...@gmail.com
Re: script to add DSA's to tracker disabled
On Wed, 22 Dec 2010 21:25:59 +0100 Thijs Kinkhorst wrote: Hi, Hi Thijs! I ran a script that automatically added released DSA's to data/DSA/list. As this script uses bin/dsa2list and that tool cannot cope with the changed advisory format, it doesn't make sense to keep committing half parsed advisories. I am not sure I understand what you are proposing: are you saying that the automatic tracker update should be temporarily suspended, until dsa2list is fixed to parse the new advisory format? I hope dsa2list may be updated soon... May I go on reporting inconsistencies between DSAs and tracker data, whenever I notice any? Please let me know. -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! . Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE pgpcq1t6cKJKG.pgp Description: PGP signature
Re: script to add DSA's to tracker disabled
On Wed, 22 Dec 2010 21:35:00 +0100, Francesco Poli wrote: On Wed, 22 Dec 2010 21:25:59 +0100 Thijs Kinkhorst wrote: Hi, Hi Thijs! I ran a script that automatically added released DSA's to data/DSA/list. As this script uses bin/dsa2list and that tool cannot cope with the changed advisory format, it doesn't make sense to keep committing half parsed advisories. I am not sure I understand what you are proposing: are you saying that the automatic tracker update should be temporarily suspended, until dsa2list is fixed to parse the new advisory format? I hope dsa2list may be updated soon... May I go on reporting inconsistencies between DSAs and tracker data, whenever I notice any? Since the script is disabled, the tracker won't be getting any new DSA pages automatically. We'll need to do that manual. If you see that hasn't been done after a couple days, just send a reminder. Thanks, Mike -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101222155601.c965b3a2.michael.s.gilb...@gmail.com
