Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Exit if any of the parallel processes return an error | Dan Fandrich | 2024-03-21 | 1 | -1/+10 |
| | |||||
* | Cross-check that at least one SRPM is listed in the advisory | Dan Fandrich | 2024-03-21 | 1 | -0/+4 |
| | | | | An advisory must come with at least one fixed package. | ||||
* | Use multiprocessing in mksite for improved speed | Dan Fandrich | 2024-03-19 | 1 | -20/+68 |
| | | | | | | | | | | This generates templated files using some parallelism, reducing the total mksite time to less than half in my tests. Increasing parallelism even further is possible, but would make the code harder to understand. The obvious technique of generating each templated file in its own process is actually far slower because the overhead of process creation dwarfs the time spent processing the template, which is on average very small and quick. | ||||
* | Write JSON index files for advisories | Dan Fandrich | 2024-03-14 | 1 | -0/+2 |
| | | | | | | The JSON schema is simple and compatible with the one published in the Go Vulnerability Database. Security advisories and bugfix advisories each have their own index. | ||||
* | Write JSON output files in mksite | Dan Fandrich | 2024-03-08 | 1 | -0/+2 |
| | |||||
* | Add 'showjson' command to output an advisory in OSV JSON | Dan Fandrich | 2024-03-08 | 1 | -0/+23 |
| | | | | | | Open Source Vulnerability format is a standard for publishing vulnerabilities in Open Source projects and is defined at https://ossf.github.io/osv-schema/ | ||||
* | Report the broken file rather than exploding when an advisory is invalid | Pascal Terjan | 2020-11-08 | 1 | -1/+9 |
| | |||||
* | Reset 'advisory' keyword instead of 'validated_update' for invalid advisories | Rémi Verschelde | 2017-09-20 | 1 | -2/+2 |
| | | | | | This is now possible since 'advisory' was made a keyword, while it used to be written in the Whiteboard field. | ||||
* | use https in links to advisories | Thomas Backlund | 2016-04-08 | 1 | -1/+1 |
| | |||||
* | Add URL to descriptions | Pascal Terjan | 2016-02-29 | 1 | -0/+1 |
| | |||||
* | Add missing 'the' article | Shlomi Fish | 2015-04-24 | 1 | -1/+1 |
| | |||||
* | Add functions useful to generate update descriptions | Pascal Terjan | 2015-03-15 | 1 | -0/+27 |
| | |||||
* | Add [name] argument to mgaadv to prefill the template | Rémi Verschelde | 2014-11-30 | 1 | -1/+2 |
| | |||||
* | Print out the bug link when processing advisories. | Colin Guthrie | 2014-11-25 | 1 | -1/+1 |
| | | | | | I'm forever missing this information and having to manually find which advisory I'm actually looking at, let's just print it out. | ||||
* | Ensure we're in the advisory dir before running svn commands. | Colin Guthrie | 2014-11-25 | 1 | -2/+4 |
| | |||||
* | Add option to post to bugzilla during ID assignment. | Colin Guthrie | 2014-11-25 | 1 | -2/+21 |
| | | | | | | Allow the operator to optionally post to Bugzilla (and remove the validated_update keyword) if the id assignment fails during cross checks. | ||||
* | Add support for authenticated bugzilla in QA mode. | Colin Guthrie | 2014-11-25 | 1 | -4/+33 |
| | | | | | | This will allow QA team to post automated messages to BZ when trying to assign IDs and the cross check fails for whatever reason (typically deependent bugs or SRPM check failures). | ||||
* | Buffer up our checklist text so we can use it later. | Colin Guthrie | 2014-11-25 | 1 | -17/+31 |
| | | | | The intention is to post this to bugzilla. | ||||
* | Add a 'publishall' option to attempt to publish all pending advisories. | Colin Guthrie | 2014-11-25 | 1 | -0/+24 |
| | |||||
* | Allow overriding of dependent bug check. | Colin Guthrie | 2014-10-07 | 1 | -1/+19 |
| | | | | | | | | | | | | | | | | | Sometimes a batch of updates will contain some updates dependent on other updates to be pushed at the same time. Until the update is actually pushed, the bug will not be closed. Thus a chicken and egg scenario. While we could evaluate which bugs are in the update queue to be processed and make sure we process them first and add them to an internal whitelist, this would require talking to bugzilla for all bugs first, then processing them. This approach is definitely possible and desirable and when a 'process-all' verb is added, this will likely be done. But in the short term, deferring to the user is easier! | ||||
* | Fix bugnum regexp for '12345.mga4' type advisory names | Colin Guthrie | 2014-08-21 | 1 | -3/+2 |
| | |||||
* | Add check to highlight that the first reference must be the MGA advisory bug | Colin Guthrie | 2014-08-21 | 1 | -0/+4 |
| | |||||
* | Check that SRPMs exist when publishing updates. | Colin Guthrie | 2014-08-12 | 1 | -1/+23 |
| | | | | This is thanks to a small, but simple API available via http://repository.mageia.org/ | ||||
* | Remove redundant text from report log message. | Colin Guthrie | 2014-08-12 | 1 | -1/+1 |
| | |||||
* | Close bugs in order. | Colin Guthrie | 2014-08-06 | 1 | -1/+1 |
| | | | | | Very minor issue but we may as well close the bugs in order of advisory. | ||||
* | Add support for automatically committing advisories after assigning ID. | Colin Guthrie | 2014-08-06 | 1 | -0/+50 |
| | | | | | This currently integrates with subversion, but it will be trivial to switch it to git. | ||||
* | Attempt to force ordering of emails when delivering several | Colin Guthrie | 2014-08-06 | 1 | -0/+2 |
| | |||||
* | Close bugs automatically when processing advisories | Colin Guthrie | 2014-08-06 | 1 | -0/+33 |
| | | | | mga#13859 | ||||
* | When assigning an advisory ID, make sure the first reference is to advisory bug. | Colin Guthrie | 2014-08-06 | 1 | -3/+12 |
| | | | | mga#13859 | ||||
* | Drop cookie support for bugzilla. | Colin Guthrie | 2014-08-06 | 1 | -22/+9 |
| | | | | | | | | | | | | | Apparently this no longer works with BZ 4.4 and it now relies on a token to authenticate future requests. We now maintain this token and ensure we pass it in with future requests. Also strip of the xmlrpc.cgi part of the BZ URL so we can use it to validate bug URLs in the future. mga#13859 | ||||
* | Perform some cross checks via bugzilla when publishing advisories | Colin Guthrie | 2014-08-05 | 1 | -5/+170 |
| | |||||
* | Add a log entry when moving packages. | Colin Guthrie | 2014-08-05 | 1 | -0/+1 |
| | |||||
* | Fix trailing whitespace | Colin Guthrie | 2014-08-05 | 1 | -1/+1 |
| | |||||
* | Add a new command to move the packages. | Colin Guthrie | 2014-08-03 | 1 | -0/+30 |
| | | | | | This shells out to a separate command that actually implements this. Such a tool exists already in mgatools called 'mga-move-pkg' | ||||
* | Publish and Email advisories in order. | Colin Guthrie | 2014-08-03 | 1 | -2/+2 |
| | | | | This should mean that emails are sent out in sequential order | ||||
* | Fix perl warning when invalid SRPM name is found. | Colin Guthrie | 2014-08-03 | 1 | -3/+6 |
| | |||||
* | Rename index.html to infos.html and advisories.html to index.html | Nicolas Vigier | 2013-09-09 | 1 | -0/+1 |
| | |||||
* | Set ENCODING when creating templates | Nicolas Vigier | 2013-07-21 | 1 | -0/+5 |
| | |||||
* | Allow specifying .adv extension with the publish command | Nicolas Vigier | 2013-07-21 | 1 | -0/+1 |
| | |||||
* | Set template output to utf8 | Nicolas Vigier | 2013-07-16 | 1 | -1/+3 |
| | |||||
* | Split long line | Nicolas Vigier | 2013-06-26 | 1 | -1/+2 |
| | |||||
* | next_id: sort IDs numerically | Nicolas Vigier | 2013-06-26 | 1 | -1/+1 |
| | |||||
* | Add support for filters on list command | Nicolas Vigier | 2013-06-17 | 1 | -3/+12 |
| | | | | | | | | | Possible filters are : - advisory type - distribution release - package name - CVE - media | ||||
* | Don't save status for unpublished advisories | Nicolas Vigier | 2013-06-17 | 1 | -0/+3 |
| | |||||
* | Add 'no_mail' option in advisory file to disable advisory mail | Nicolas Vigier | 2013-06-17 | 1 | -0/+1 |
| | |||||
* | List unpublished advisories when mode is set to 'qa' | Nicolas Vigier | 2013-06-17 | 1 | -1/+4 |
| | |||||
* | Display report on STDERR in case of error | Nicolas Vigier | 2013-06-17 | 1 | -1/+1 |
| | |||||
* | Check type when assigning new ID | Nicolas Vigier | 2013-06-17 | 1 | -2/+6 |
| | |||||
* | get_advisories_from_dir(): Check advisory type | Nicolas Vigier | 2013-06-17 | 1 | -0/+2 |
| | |||||
* | Rename send_report_mail sub to send_report | Nicolas Vigier | 2013-06-17 | 1 | -15/+17 |
| | | | | | And display report logs to stdout if not configured to send report email. |