This is an automated email from the ASF dual-hosted git repository.
potiuk pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow-steward.git
The following commit(s) were added to refs/heads/main by this push:
new 900cb0d generate-cve-json: update default config path to
.apache-steward-overrides/ (#132)
900cb0d is described below
commit 900cb0d5c0b52f11b27f2bc2dd3545a0cab8a1ec
Author: Jarek Potiuk <[email protected]>
AuthorDate: Tue May 12 05:06:59 2026 +0200
generate-cve-json: update default config path to .apache-steward-overrides/
(#132)
* generate-cve-json: update default config path to
.apache-steward-overrides/
PR #392 moved the project's `cve-json-config.toml` from
`.apache-steward/tools/vulnogram/` to
`.apache-steward-overrides/tools/vulnogram/` (the snapshot directory
is read-only; per-project config lives in the overrides directory),
but the generator's `_DEFAULT_CONFIG_RELPATH` constant still pointed
at the old snapshot path. Adopters running `generate-cve-json` from
the tracker repo without a `CVE_JSON_CONFIG` env var or `--config`
flag get a "config file not found" error.
Update the default lookup to match the post-#392 layout. The
`--config` flag and `CVE_JSON_CONFIG` env var paths are unchanged.
Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
* ci(gmail-threading): add language tag to fenced example block (MD040)
Markdownlint MD040 — fenced code blocks must declare a language. Surfaces
on this PR's CI because #131 merged with the prek failure unresolved.
---------
Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
---
.../generate-cve-json/src/generate_cve_json/cve_json.py | 9 +++++----
tools/vulnogram/generate-cve-json/tests/conftest.py | 2 +-
2 files changed, 6 insertions(+), 5 deletions(-)
diff --git
a/tools/vulnogram/generate-cve-json/src/generate_cve_json/cve_json.py
b/tools/vulnogram/generate-cve-json/src/generate_cve_json/cve_json.py
index 6dfa247..339a644 100644
--- a/tools/vulnogram/generate-cve-json/src/generate_cve_json/cve_json.py
+++ b/tools/vulnogram/generate-cve-json/src/generate_cve_json/cve_json.py
@@ -108,21 +108,22 @@ import tempfile
#
# <project-config>/tools/vulnogram/cve-json-config.toml
#
-# (where `<project-config>` is the adopting project's `.apache-steward/`
-# directory, per the apache/airflow-steward placeholder convention).
+# (where `<project-config>` is the adopting project's
+# `.apache-steward-overrides/` directory, per the apache/airflow-steward
+# placeholder convention).
#
# Resolution order for the config path:
# 1. The `--config <path>` CLI flag (or the `config_path=` argument to
# `_load_config()`).
# 2. The `CVE_JSON_CONFIG` environment variable.
-# 3. `<cwd>/.apache-steward/tools/vulnogram/cve-json-config.toml`.
+# 3. `<cwd>/.apache-steward-overrides/tools/vulnogram/cve-json-config.toml`.
#
# Schema: see the README in this package.
import tomllib
import urllib.parse
from pathlib import Path
-_DEFAULT_CONFIG_RELPATH =
".apache-steward/tools/vulnogram/cve-json-config.toml"
+_DEFAULT_CONFIG_RELPATH =
".apache-steward-overrides/tools/vulnogram/cve-json-config.toml"
_CONFIG_PATH_ENV = "CVE_JSON_CONFIG"
# Cached, lazily-loaded config. `_populate_constants()` reads this and
diff --git a/tools/vulnogram/generate-cve-json/tests/conftest.py
b/tools/vulnogram/generate-cve-json/tests/conftest.py
index e40c8d7..6cb8612 100644
--- a/tools/vulnogram/generate-cve-json/tests/conftest.py
+++ b/tools/vulnogram/generate-cve-json/tests/conftest.py
@@ -19,7 +19,7 @@
The Python tool loads all project-specific values from a TOML config
the adopting project ships at:
- <adopter-tracker>/.apache-steward/tools/vulnogram/cve-json-config.toml
+
<adopter-tracker>/.apache-steward-overrides/tools/vulnogram/cve-json-config.toml
The tool reads that config relative to ``cwd`` (or via the
``CVE_JSON_CONFIG`` environment variable / the ``--config`` CLI flag).
