mgaadvisories/tmpl, branch master Scripts to Help with Update Advisories More accurately classify reference links in the JSON output 2026-04-13T18:14:59+00:00 Dan Fandrich danf@mageia.org 2026-04-13T17:34:56+00:00 3b14ce55b5a2ee4865f6c84365cf1b67d37dab12 Use some simple heuristics to determine if each reference link is an advisory, a report or a generic link. Despite the simplicity, the classification ends up being surprisingly accurate, mostly because there are only a few sites generally used for advisories and reports, and errors are almost always harmless false negatives which end up in the generic "web" type. 
Use some simple heuristics to determine if each reference link is an
advisory, a report or a generic link. Despite the simplicity, the
classification ends up being surprisingly accurate, mostly because there
are only a few sites generally used for advisories and reports, and
errors are almost always harmless false negatives which end up in the
generic "web" type.
Move CVEs into the new "upstream" field in OSV output 2026-03-24T17:28:08+00:00 Dan Fandrich danf@mageia.org 2026-03-24T17:24:46+00:00 bcf7073c6da803ed3a9feda30936b585eba11087 This field is a better match for these than "related". 
This field is a better match for these than "related".
Change default CVE year in new advisories to 2026 2025-12-01T21:32:10+00:00 Dan Fandrich danf@mageia.org 2025-12-01T21:32:10+00:00 c4b640c3d1536ef3427873dc0e115523a678cb15 






Escape text when writing HTML (mga#17478)
2025-09-10T03:50:36+00:00

Dan Fandrich
danf@mageia.org

2025-09-10T03:50:36+00:00

a70d437f277731800f44ed241a0154fc6984a129












Include source=arch in the JSON purl parameter
2025-03-22T18:37:53+00:00

Dan Fandrich
danf@mageia.org

2025-03-20T07:11:54+00:00

d7762e525a9ba7bd62af6e2d6906a6ba03fb706b

This identifies the packages as source packages, which is the only type
we supply in advisories.  This is done in the same way as Debian, Ubuntu
and Alpine (at least) and indicates that the package is not the binary
package that is usually installed by users.





This identifies the packages as source packages, which is the only type
we supply in advisories.  This is done in the same way as Debian, Ubuntu
and Alpine (at least) and indicates that the package is not the binary
package that is usually installed by users.







Remove a couple of unneeded spaces in vulns.json
2025-02-25T22:12:38+00:00

Dan Fandrich
danf@mageia.org

2025-02-25T22:11:04+00:00

35e7b4f210e7a688be8af6868f14e7057b310f98

This file grows unbounded with all vulnerabilities so reducing its size
even by a little can be valuable.





This file grows unbounded with all vulnerabilities so reducing its size
even by a little can be valuable.







template: fix encoding i18n text in JSON advisories
2025-02-18T00:10:18+00:00

Dan Fandrich
danf@mageia.org

2025-02-18T00:09:21+00:00

ce9772e170adb496b6b3a14da8ee0b537c6010f8

The default JSON encoding assumed the input was Latin-1, not the UTF-8
it is.





The default JSON encoding assumed the input was Latin-1, not the UTF-8
it is.







Change default CVE year in new advisories to 2025
2024-12-06T22:38:27+00:00

Dan Fandrich
danf@mageia.org

2024-12-06T22:34:01+00:00

de99d3fd825cef502d237106a42eb990ed9a92d6












Sort all hash keys in templates
2024-12-06T22:38:27+00:00

Dan Fandrich
danf@mageia.org

2024-12-06T22:23:17+00:00

8c9932cc19a8fe9b29714ef81e15db96e6651d04

This results in deterministic output, so multiple runs will produce the
same output.





This results in deterministic output, so multiple runs will produce the
same output.







Show how to get the OSV format advisories on the infos page
2024-04-17T03:30:01+00:00

Dan Fandrich
danf@mageia.org

2024-04-17T03:28:01+00:00

f395e04543e3fe7e1d246500727c8de4cbf3c476