| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Exit if any of the parallel processes return an error | Dan Fandrich | 2024-03-21 | 1 | -1/+10 |
| | | |||||
| * | Cross-check that at least one SRPM is listed in the advisory | Dan Fandrich | 2024-03-21 | 2 | -0/+5 |
| | | | | | An advisory must come with at least one fixed package. | ||||
| * | Use multiprocessing in mksite for improved speed | Dan Fandrich | 2024-03-19 | 2 | -20/+69 |
| | | | | | | | | | | | This generates templated files using some parallelism, reducing the total mksite time to less than half in my tests. Increasing parallelism even further is possible, but would make the code harder to understand. The obvious technique of generating each templated file in its own process is actually far slower because the overhead of process creation dwarfs the time spent processing the template, which is on average very small and quick. | ||||
| * | Write JSON index files for advisories | Dan Fandrich | 2024-03-14 | 3 | -0/+22 |
| | | | | | | | The JSON schema is simple and compatible with the one published in the Go Vulnerability Database. Security advisories and bugfix advisories each have their own index. | ||||
| * | Write JSON output files in mksite | Dan Fandrich | 2024-03-08 | 2 | -0/+3 |
| | | |||||
| * | Add 'showjson' command to output an advisory in OSV JSON | Dan Fandrich | 2024-03-08 | 4 | -0/+135 |
| | | | | | | | Open Source Vulnerability format is a standard for publishing vulnerabilities in Open Source projects and is defined at https://ossf.github.io/osv-schema/ | ||||
| * | Fix indentation in the new advisory template | Dan Fandrich | 2024-02-14 | 1 | -4/+4 |
| | | | | | | While the old indentation works, the new one passes yamllint, making it easier to automatically check for problems. | ||||
| * | template: change default CVE year to 2024 | Dan Fandrich | 2024-01-20 | 2 | -1/+6 |
| | | |||||
| * | Use https: links where possible | Dan Fandrich | 2024-01-20 | 4 | -6/+6 |
| | | |||||
| * | 0.270.27 | Thomas Backlund | 2023-07-02 | 2 | -1/+3 |
| | | |||||
| * | template: change default CVE year to 2023 | Thomas Backlund | 2023-07-02 | 2 | -1/+2 |
| | | |||||
| * | template: change default dist and dist-suffix for Mageia 9 | Thomas Backlund | 2023-07-02 | 2 | -2/+4 |
| | | |||||
| * | 0.260.26 | Thomas Backlund | 2021-01-14 | 2 | -1/+3 |
| | | |||||
| * | add missing NEWS entry | Thomas Backlund | 2021-01-14 | 1 | -0/+1 |
| | | |||||
| * | - template: change default dist and dist-suffix for Mageia 8 | Thomas Backlund | 2021-01-14 | 2 | -3/+6 |
| | | | | | - template: change default CVE year to 2021 | ||||
| * | Report the broken file rather than exploding when an advisory is invalid | Pascal Terjan | 2020-11-08 | 1 | -1/+9 |
| | | |||||
| * | fix typo | Thomas Backlund | 2019-05-20 | 1 | -1/+1 |
| | | |||||
| * | 0.250.25 | Thomas Backlund | 2019-05-20 | 2 | -1/+3 |
| | | |||||
| * | - template: change default dist and dist-suffix for Mageia | Thomas Backlund | 2019-05-20 | 2 | -3/+6 |
| | | | | | - template: change default CVE year to 2019 | ||||
| * | Rename 'make tar' tarball to match gitweb snapshot name | Rémi Verschelde | 2017-09-20 | 1 | -2/+2 |
| | | |||||
| * | 0.240.24 | Rémi Verschelde | 2017-09-20 | 2 | -1/+3 |
| | | |||||
| * | template: change default dist and dist-suffix for Mageia 6 | Rémi Verschelde | 2017-09-20 | 2 | -3/+5 |
| | | |||||
| * | Reset 'advisory' keyword instead of 'validated_update' for invalid advisories | Rémi Verschelde | 2017-09-20 | 2 | -2/+5 |
| | | | | | | This is now possible since 'advisory' was made a keyword, while it used to be written in the Whiteboard field. | ||||
| * | its 2016 now | Thomas Backlund | 2016-04-08 | 1 | -1/+1 |
| | | |||||
| * | use https in links to advisories | Thomas Backlund | 2016-04-08 | 2 | -3/+3 |
| | | |||||
| * | use https in mitre cve links | Thomas Backlund | 2016-04-08 | 4 | -4/+4 |
| | | |||||
| * | Add URL to descriptions | Pascal Terjan | 2016-02-29 | 1 | -0/+1 |
| | | |||||
| * | Version 0.230.23 | Rémi Verschelde | 2015-09-27 | 2 | -1/+3 |
| | | |||||
| * | template: also change dist-suffix from mga4 to mga5 | Rémi Verschelde | 2015-09-27 | 2 | -1/+3 |
| | | |||||
| * | Update NEWS for previous commit by pterjan | Rémi Verschelde | 2015-09-27 | 1 | -0/+1 |
| | | |||||
| * | Version 0.220.22 | Rémi Verschelde | 2015-09-27 | 2 | -1/+3 |
| | | |||||
| * | template: change default release to Mageia 5 now that Mageia 4 is EOL (+ ↵ | Rémi Verschelde | 2015-09-27 | 2 | -3/+7 |
| | | | | | plural in title) | ||||
| * | Add missing 'the' article | Shlomi Fish | 2015-04-24 | 1 | -1/+1 |
| | | |||||
| * | Add functions useful to generate update descriptions | Pascal Terjan | 2015-03-15 | 1 | -0/+27 |
| | | |||||
| * | Version 0.210.21 | Rémi Verschelde | 2014-11-30 | 1 | -0/+2 |
| | | |||||
| * | Add [name] argument to mgaadv to prefill the template | Rémi Verschelde | 2014-11-30 | 4 | -11/+14 |
| | | |||||
| * | Drop mga3 template | Rémi Verschelde | 2014-11-30 | 1 | -3/+0 |
| | | |||||
| * | Pre-fill subject for security adv | Rémi Verschelde | 2014-11-30 | 1 | -3/+4 |
| | | |||||
| * | Version 0.200.20 | Colin Guthrie | 2014-11-25 | 2 | -1/+3 |
| | | |||||
| * | Print out the bug link when processing advisories. | Colin Guthrie | 2014-11-25 | 2 | -1/+2 |
| | | | | | | I'm forever missing this information and having to manually find which advisory I'm actually looking at, let's just print it out. | ||||
| * | Ensure we're in the advisory dir before running svn commands. | Colin Guthrie | 2014-11-25 | 1 | -2/+4 |
| | | |||||
| * | Add option to post to bugzilla during ID assignment. | Colin Guthrie | 2014-11-25 | 2 | -2/+22 |
| | | | | | | | Allow the operator to optionally post to Bugzilla (and remove the validated_update keyword) if the id assignment fails during cross checks. | ||||
| * | Add support for authenticated bugzilla in QA mode. | Colin Guthrie | 2014-11-25 | 2 | -4/+34 |
| | | | | | | | This will allow QA team to post automated messages to BZ when trying to assign IDs and the cross check fails for whatever reason (typically deependent bugs or SRPM check failures). | ||||
| * | Buffer up our checklist text so we can use it later. | Colin Guthrie | 2014-11-25 | 1 | -17/+31 |
| | | | | | The intention is to post this to bugzilla. | ||||
| * | Add a 'publishall' option to attempt to publish all pending advisories. | Colin Guthrie | 2014-11-25 | 3 | -0/+39 |
| | | |||||
| * | Allow overriding of dependent bug check. | Colin Guthrie | 2014-10-07 | 1 | -1/+19 |
| | | | | | | | | | | | | | | | | | | Sometimes a batch of updates will contain some updates dependent on other updates to be pushed at the same time. Until the update is actually pushed, the bug will not be closed. Thus a chicken and egg scenario. While we could evaluate which bugs are in the update queue to be processed and make sure we process them first and add them to an internal whitelist, this would require talking to bugzilla for all bugs first, then processing them. This approach is definitely possible and desirable and when a 'process-all' verb is added, this will likely be done. But in the short term, deferring to the user is easier! | ||||
| * | Fix bugnum regexp for '12345.mga4' type advisory names | Colin Guthrie | 2014-08-21 | 2 | -3/+3 |
| | | |||||
| * | Add check to highlight that the first reference must be the MGA advisory bug | Colin Guthrie | 2014-08-21 | 2 | -0/+6 |
| | | |||||
| * | Version 0.190.19 | Colin Guthrie | 2014-08-13 | 2 | -1/+4 |
| | | |||||
| * | Check that SRPMs exist when publishing updates. | Colin Guthrie | 2014-08-12 | 2 | -1/+24 |
| | | | | | This is thanks to a small, but simple API available via http://repository.mageia.org/ | ||||
 |
index : mgaadvisories | |
| Scripts to Help with Update Advisories | Nicolas Vigier [boklm] |
| aboutsummaryrefslogtreecommitdiffstats |