Diff comments:
> diff --git a/lib/lp/bugs/interfaces/cve.py b/lib/lp/bugs/interfaces/cve.py
> index 4efd60c..7f50341 100644
> --- a/lib/lp/bugs/interfaces/cve.py
> +++ b/lib/lp/bugs/interfaces/cve.py
> @@ -180,6 +180,18 @@ class ICve(Interface):
> as_of="devel",
> )
>
> + metadata = exported(
> + Dict(
> + title=_("metadata"),
> + description=_("CVE metadata."),
> + key_type=Text(),
> + value_type=Text(),
> + required=False,
> + readonly=False,
Do we want users to update these fields though? Seems like the sort of details
that shouldn't be updated by hand - i.e., anyone could read as long as the CVE
is public, but only admins could write.
Indeed description is not readonly, but I find that odd... Afaik there is no
restrictions on CVEs, so is it that any person would be able to change this
field? I'm not comfortable with that. Can you investigate what restrictions
there are that would make it OK to make this not be readonly?
> + ),
> + as_of="devel",
> + )
> +
> def createReference(source, content, url=None):
> """Create a new CveReference for this CVE."""
>
--
https://code.launchpad.net/~enriqueesanchz/launchpad/+git/launchpad/+merge/493451
Your team Launchpad code reviewers is requested to review the proposed merge of
~enriqueesanchz/launchpad:add-metadata-cve-model into launchpad:master.
_______________________________________________
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : [email protected]
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help : https://help.launchpad.net/ListHelp
