subject:"\[OE\-core\] \[kirkstone\]\[dunfell\]\[PATCH\] cve\-update\-nvd2\-native\: always pass str for json.loads\(\)"

Re: [OE-core] [kirkstone][dunfell][PATCH] cve-update-nvd2-native: always pass str for json.loads()

2023-07-27 Thread Yuta Hayama

Hi Steve,

On 2023/07/28 4:01, Steve Sakoman wrote:
> Will this change also work on master and mickledore?  If so, please submit
> for master and I will cherry-pick to the other branches.
> 
> I've been trying to keep the cve checking in the stable branches in sync
> with master as much as possible.

This patch can be applied to master and mickledore, but this patch is
actually only needed for build environments where the build host Python3
is earlier than 3.6.

I referred to the Yocto Project Reference Manual to find out which Linux
distributions are supported by each version of Yocto (OE-Core). 
The Linux distributions supported by mickledore are listed below, but I
think that none of them will install Python3 earlier than 3.6 by default.
This should be the same for master.

* Ubuntu 18.04, 20.04, 22.04
* Fedora 36, 37
* AlmaLinux 8.7, 9.1
* Debian GNU/Linux 11.x
* OpenSUSE Leap 15.3, 15.4

On the other hand, kirkstone supports Debian 9.x (with python 3.5 installed
by default) and dunfell supports Debian 9.x and Ubuntu 16.04 (also with
python 3.5 installed by default).

Therefore, I think strictly speaking only kirkstone and dunfell need this
patch. For other branches (i.e., those that are clearly intended to run on
Python 3.6 or later), there is no difference in behavior whether this patch
is applied or not. Rather, it may be better performance-wise to not apply
this patch, since it eliminates unnecessary decode() calls.

Yes, of course it is important to sync each stable branch with master. What
should we do in such a case...

Regards,

Yuta Hayama

> 
> Thanks!
> 
> Steve
> 
> On Wed, Jul 26, 2023 at 10:56 PM Yuta Hayama  wrote:
> 
>> Currently json.loads() accepts one of the types str, bytes, or bytearray
>> as an argument, but bytes and bytearrays have only been allowed since
>> python 3.6. The version of Python3 provided by default on Ubuntu 16.04
>> and Debian 9.x is 3.5, so make raw_data type str to work correctly on
>> these build hosts.
>>
>> Signed-off-by: Yuta Hayama 
>> ---
>>  meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb
>> b/meta/recipes-core/meta/cve-update-nvd2-native.bb
>> index 2f7dad7e82..67d76f75dd 100644
>> --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
>> +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
>> @@ -136,7 +136,7 @@ def nvd_request_next(url, api_key, args):
>>
>>  if (r.headers['content-encoding'] == 'gzip'):
>>  buf = r.read()
>> -raw_data = gzip.decompress(buf)
>> +raw_data = gzip.decompress(buf).decode("utf-8")
>>  else:
>>  raw_data = r.read().decode("utf-8")
>>
>> --
>> 2.25.1
>>
>>
> 

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#185006): 
https://lists.openembedded.org/g/openembedded-core/message/185006
Mute This Topic: https://lists.openembedded.org/mt/100387035/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][dunfell][PATCH] cve-update-nvd2-native: always pass str for json.loads()

2023-07-27 Thread Steve Sakoman

Will this change also work on master and mickledore?  If so, please submit
for master and I will cherry-pick to the other branches.

I've been trying to keep the cve checking in the stable branches in sync
with master as much as possible.

Thanks!

Steve

On Wed, Jul 26, 2023 at 10:56 PM Yuta Hayama  wrote:

> Currently json.loads() accepts one of the types str, bytes, or bytearray
> as an argument, but bytes and bytearrays have only been allowed since
> python 3.6. The version of Python3 provided by default on Ubuntu 16.04
> and Debian 9.x is 3.5, so make raw_data type str to work correctly on
> these build hosts.
>
> Signed-off-by: Yuta Hayama 
> ---
>  meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb
> b/meta/recipes-core/meta/cve-update-nvd2-native.bb
> index 2f7dad7e82..67d76f75dd 100644
> --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
> +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
> @@ -136,7 +136,7 @@ def nvd_request_next(url, api_key, args):
>
>  if (r.headers['content-encoding'] == 'gzip'):
>  buf = r.read()
> -raw_data = gzip.decompress(buf)
> +raw_data = gzip.decompress(buf).decode("utf-8")
>  else:
>  raw_data = r.read().decode("utf-8")
>
> --
> 2.25.1
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#184971): 
https://lists.openembedded.org/g/openembedded-core/message/184971
Mute This Topic: https://lists.openembedded.org/mt/100387035/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][dunfell][PATCH] cve-update-nvd2-native: always pass str for json.loads()

2023-07-27 Thread Yuta Hayama

Currently json.loads() accepts one of the types str, bytes, or bytearray
as an argument, but bytes and bytearrays have only been allowed since
python 3.6. The version of Python3 provided by default on Ubuntu 16.04
and Debian 9.x is 3.5, so make raw_data type str to work correctly on
these build hosts.

Signed-off-by: Yuta Hayama 
---
 meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb 
b/meta/recipes-core/meta/cve-update-nvd2-native.bb
index 2f7dad7e82..67d76f75dd 100644
--- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -136,7 +136,7 @@ def nvd_request_next(url, api_key, args):
 
 if (r.headers['content-encoding'] == 'gzip'):
 buf = r.read()
-raw_data = gzip.decompress(buf)
+raw_data = gzip.decompress(buf).decode("utf-8")
 else:
 raw_data = r.read().decode("utf-8")
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#184924): 
https://lists.openembedded.org/g/openembedded-core/message/184924
Mute This Topic: https://lists.openembedded.org/mt/100387035/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][dunfell][PATCH] cve-update-nvd2-native: always pass str for json.loads()

Re: [OE-core] [kirkstone][dunfell][PATCH] cve-update-nvd2-native: always pass str for json.loads()

[OE-core] [kirkstone][dunfell][PATCH] cve-update-nvd2-native: always pass str for json.loads()

3 matches

Site Navigation

Mail list logo

Footer information