Hi, On Thu, Feb 18, 2016 at 06:02:12PM +0100, Holger Levsen wrote: > Hi Guido, > > On Mittwoch, 17. Februar 2016, Guido Günther wrote: > > When triaging LTS issues I always have to look up what we still support > > and what not. Attached script simplifies this a bit: > > > > $ bin/support-ended.py --lists /path/to/debian-security-support/ iceape > > Package unsupported in wheezy > > Package unsupported in squeeze > > very nice! > > > I didn't find a place in Debian where we canonically map release names > > to release numbers (i.e. squeeze -> 6.x, jessie -> 7.x). I'm sure there > > is such a thing so I'm happy about any pointers. > > apt-cache show distro-info
Ahhh...great and there's python-distro-info as well. I'm not using it yet since there's no support for LTS EOL dates yet (bug to be filed in a second). It's needed for the new (attached) version that also validates the packages individual EOL date. Cheers, -- Guido
>From 2318cfc52ecbeaed5fee47c8c6d665377e4d4646 Mon Sep 17 00:00:00 2001 Message-Id: <2318cfc52ecbeaed5fee47c8c6d665377e4d4646.1459185378.git....@sigxcpu.org> From: =?UTF-8?q?Guido=20G=C3=BCnther?= <a...@sigxcpu.org> Date: Wed, 17 Feb 2016 18:04:39 +0100 Subject: [PATCH] Given a package allow to check in which releases security support has ended To: debian-lts@lists.debian.org By default we check if the package will be supported until the release goes EOL: $ bin/support-ended.py --lists debian-security-support/ tomcat6 Package unsupported in stretch Package unsupported in wheezy Package unsupported in jessie but we can also check if it support ends within the next N days: # tomcat6 is marked as EOL for 2016-12-31 $ bin/support-ended.py --lists debian-security-support/ tomcat6 --days 100 <empty> $ bin/support-ended.py --lists debian-security-support/ tomcat6 --days 300 Package unsupported in stretch Package unsupported in wheezy Package unsupported in jessie --- bin/support-ended.py | 99 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100755 bin/support-ended.py diff --git a/bin/support-ended.py b/bin/support-ended.py new file mode 100755 index 0000000..9a248a8 --- /dev/null +++ b/bin/support-ended.py @@ -0,0 +1,99 @@ +#!/usr/bin/python +# vim: set fileencoding=utf-8 : +# +# Copyright 2016 Guido Günther <a...@sigxcpu.org> +# +# This file is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# This file is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this file. If not, see <https://www.gnu.org/licenses/>. + +"""Check if and when support ended for a given package""" + +import argparse +import datetime +import glob +import os +import re +import sys + + +release_mapping = { + 'deb6': ('squeeze', '2016-02-29'), + 'deb7': ('wheezy', '2018-05-31'), + # End date not yet fixed + 'deb8': ('jessie', '2020-04-30'), + # Not even released yet + 'deb9': ('stretch', None), +} + + +SUPPORT_ENDED = 0 # security support ended in at least one suite +SUPPORT_FULL = 2 # fully supported in all known suites + + +def relnum_to_relname(relnum): + return release_mapping[relnum][0] + + +def release_eol(relnum): + eolstr = release_mapping[relnum][1] + return iso8601date_to_datetime(eolstr) if eolstr else None + + +def iso8601date_to_datetime(datestr): + return datetime.datetime.strptime(datestr, "%Y-%m-%d") + + +def find_releases(pkg, dir, days): + rels = [] + pkg_re = re.compile(r"(?P<PKG>%s)\s+[^\s]+\s+(?P<EOL>[0-9]{4}-[0-9]{2}-[0-9]{2})" % pkg) + pattern = "security-support-ended.deb*" + lists = glob.glob(os.path.join(dir, pattern)) + if not lists: + raise Exception("No lists matching %s found in %s", (pattern, dir)) + + end = datetime.datetime.today() + datetime.timedelta(days=days) if days else None + + for fn in lists: + _, ext = os.path.splitext(fn) + rel = ext[1:] + sup_needed_til = end or release_eol(rel) + with open(fn) as f: + for line in f: + m = pkg_re.match(line) + if m: + pkgeol = iso8601date_to_datetime(m.group("EOL")) + if not sup_needed_til or pkgeol < sup_needed_til: + rels.append(relnum_to_relname(rel)) + break + return rels + + +def main(): + parser = argparse.ArgumentParser( + description='Check if and when security support ended for a given package') + parser.add_argument('--lists', help='Directory that contains the lists of unsupported packages ', default='.') + parser.add_argument('--days', help='days of security support left, 0 == LTS Release end', type=int, default=0) + parser.add_argument('package', nargs=1, help='package to check') + + args = parser.parse_args() + + rels = find_releases(args.package[0], args.lists, args.days) + if rels: + for rel in rels: + print("Package unsupported in %s" % rel) + else: + return SUPPORT_FULL + return SUPPORT_ENDED + +if __name__ == '__main__': + sys.exit(main()) -- 2.8.0.rc3