Author: agx Date: 2016-04-09 18:44:35 +0000 (Sat, 09 Apr 2016) New Revision: 40843
Added: bin/support-ended.py Log: Given a package allow to check in which releases security support has ended By default we check if the package will be supported until the release goes EOL: $ bin/support-ended.py --lists debian-security-support/ tomcat6 Package unsupported in stretch Package unsupported in wheezy Package unsupported in jessie but we can also check if it support ends within the next N days: # tomcat6 is marked as EOL for 2016-12-31 $ bin/support-ended.py --lists debian-security-support/ tomcat6 --days 100 <empty> $ bin/support-ended.py --lists debian-security-support/ tomcat6 --days 300 Package unsupported in stretch Package unsupported in wheezy Package unsupported in jessie Signed-off-by: Guido G?\195?\188nther <a...@sigxcpu.org> Added: bin/support-ended.py =================================================================== --- bin/support-ended.py (rev 0) +++ bin/support-ended.py 2016-04-09 18:44:35 UTC (rev 40843) @@ -0,0 +1,99 @@ +#!/usr/bin/python +# vim: set fileencoding=utf-8 : +# +# Copyright 2016 Guido G�nther <a...@sigxcpu.org> +# +# This file is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# This file is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this file. If not, see <https://www.gnu.org/licenses/>. + +"""Check if and when support ended for a given package""" + +import argparse +import datetime +import glob +import os +import re +import sys + + +release_mapping = { + 'deb6': ('squeeze', '2016-02-29'), + 'deb7': ('wheezy', '2018-05-31'), + # End date not yet fixed + 'deb8': ('jessie', '2020-04-30'), + # Not even released yet + 'deb9': ('stretch', None), +} + + +SUPPORT_ENDED = 0 # security support ended in at least one suite +SUPPORT_FULL = 2 # fully supported in all known suites + + +def relnum_to_relname(relnum): + return release_mapping[relnum][0] + + +def release_eol(relnum): + eolstr = release_mapping[relnum][1] + return iso8601date_to_datetime(eolstr) if eolstr else None + + +def iso8601date_to_datetime(datestr): + return datetime.datetime.strptime(datestr, "%Y-%m-%d") + + +def find_releases(pkg, dir, days): + rels = [] + pkg_re = re.compile(r"(?P<PKG>%s)\s+[^\s]+\s+(?P<EOL>[0-9]{4}-[0-9]{2}-[0-9]{2})" % pkg) + pattern = "security-support-ended.deb*" + lists = glob.glob(os.path.join(dir, pattern)) + if not lists: + raise Exception("No lists matching %s found in %s", (pattern, dir)) + + end = datetime.datetime.today() + datetime.timedelta(days=days) if days else None + + for fn in lists: + _, ext = os.path.splitext(fn) + rel = ext[1:] + sup_needed_til = end or release_eol(rel) + with open(fn) as f: + for line in f: + m = pkg_re.match(line) + if m: + pkgeol = iso8601date_to_datetime(m.group("EOL")) + if not sup_needed_til or pkgeol < sup_needed_til: + rels.append(relnum_to_relname(rel)) + break + return rels + + +def main(): + parser = argparse.ArgumentParser( + description='Check if and when security support ended for a given package') + parser.add_argument('--lists', help='Directory that contains the lists of unsupported packages ', default='.') + parser.add_argument('--days', help='days of security support left, 0 == LTS Release end', type=int, default=0) + parser.add_argument('package', nargs=1, help='package to check') + + args = parser.parse_args() + + rels = find_releases(args.package[0], args.lists, args.days) + if rels: + for rel in rels: + print("Package unsupported in %s" % rel) + else: + return SUPPORT_FULL + return SUPPORT_ENDED + +if __name__ == '__main__': + sys.exit(main()) Property changes on: bin/support-ended.py ___________________________________________________________________ Added: svn:executable + *
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
