On Fri, Dec 15, 2017 at 3:01 AM, Doug Goldstein <car...@cardoe.com> wrote: > Hello all, > > Looking to see if there is interest from anyone in having machine > readable feeds for the XSA content (e.g. JSON). I mentioned it on IRC > but figured I should post this on the ML to get interest and see if > anyone has strong feelings about a format. I am currently converting the > HTML index to a JSON file of XSAs and then each XSA to its own JSON file.
FWIW I've been working on a tool to help the security team manage the complexity of making sure all combinations of the XSAs actually work before sending them out; we've started including some of the data from these as ".meta" files attached to XSAs. At the moment the content is Xen-security-team-focused: It assumes you have access to our private repository for XSAs and advisories; and the 'recipes' are designed to allow the team to maintain a patch which will apply to staging-XX without problems. But it could certainly be designed to work also from json files provided on the website (or elsewhere), and the 'recipe' could also include user-focused instructions for how to apply it and/or make sure it's been applied. If someone in the community wanted to step up and take a lead on developing what this looks like, it would probably happen faster. :-) The tool as it is is here: http://xenbits.xenproject.org/gitweb/?p=people/gdunlap/xsatool;a=summary It's still very much 'Experimental' -- interface will certainly change, reliability "here be dragons". -George _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
