On Fri, 1 Dec 2017 09:28:26 +0100 Guido =?iso-8859-1?Q?G=FCnther?= <[email protected]> wrote: [...] > I would rather not make psql connections from reportbug. http is > ubiquitous and can be proxied. That's why I mentioned the security > tracker. The nice thing about the security tracker is that we can change > what's stable, oldstable or lts without involving anybody else.
Hi Guido, I have updated the patch according to your suggestions. It's a bit strange that we can't match release numbers and code name already. I think it would be best to implement this feature somewhere else but for the sake of moving forward the code will just fetch this json file now. At the moment I don't know the exact location at https://security-tracker.debian.org/ where I should put this information. Suggestions are welcome. Please find attached the debdiff against the latest version in unstable and the json file. Regards, Markus
diff -Nru reportbug-7.1.7/bin/reportbug reportbug-7.1.7/bin/reportbug
--- reportbug-7.1.7/bin/reportbug 2017-05-29 22:00:17.000000000 +0200
+++ reportbug-7.1.7/bin/reportbug 2017-05-29 22:00:17.000000000 +0200
@@ -32,6 +32,8 @@
import optparse
import re
import locale
+import requests
+import json
import subprocess
import shlex
import email
@@ -1926,6 +1928,33 @@
listcc += ui.get_multiline(
'Enter any additional addresses this report should be sent to;
press ENTER after each address.')
+ # If the bug is reported against a package with a version that
+ # indicates a security update add the security or lts team to CC
+ # after user confirmation
+ is_security_update = False
+ if pkgversion:
+ regex = re.compile('(\+|~)deb(\d+)u(\d+)')
+ secversion = regex.search(pkgversion)
+ if secversion:
+ if ui.yes_no('Do you want to report a regression because of a
security update? ',
+ 'Yes, please inform the LTS and security teams.',
+ 'No or I am not sure.', True):
+ is_security_update = True
+ distnumber = secversion[2]
+ r =
requests.get('https://security-tracker.debian.org/distribution.json')
+ data = r.json()
+ distribution = None
+ for key, value in data.items():
+ if distnumber in key:
+ distribution = value
+
+ if is_security_update and distribution is not None:
+ if distribution == 'lts':
+ email_address = ['[email protected]']
+ else:
+ email_address = ['[email protected]']
+ listcc.extend(email_address)
+
if severity and rtype:
severity = debbugs.convert_severity(severity, rtype)
distribution.json
Description: application/json
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Reportbug-maint mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reportbug-maint
