[Reportbug-maint] Bug#878088: Bug#878088: reportbug: please inform security and lts teams about security update regressions
Markus Koschany
apo at debian.org
Mon Jan 29 12:29:59 UTC 2018
[sorry forgot to CC the rest]
Hello,
Am 29.01.2018 um 09:30 schrieb Guido Günther:
> Hi Markus,
> thanks for pursuing this! Some minor nitpicks:
>
> On Mon, Jan 29, 2018 at 12:11:03AM +0100, Markus Koschany wrote:
> [..snip..]
>> + if utils.is_security_update(package, pkgversion):
>> + if ui.yes_no('Do you want to report a regression
because of a security update? ',
>> + 'Yes, please inform the LTS and
security teams.',
>> + 'No or I am not sure.', True):
>> + regex = re.compile('(\+|~)deb(\d+)u(\d+)')
>> + secversion = regex.search(pkgversion)
>> + distnumber = secversion.group(2)
>> + support = 'none'
>
> Using
>
> support = None
>
> is a bit more pythonic.
support = None was part of the very first iterations of this patch but
the string 'none' is used in distributions.json nowadays. I initialize
the variable with the same value and then I compare the value in our
support key. None is not equal to 'none' and caused an error when
Salvatore changed this value in distributions.json.
>> + email_address = []
>> + try:
>> + r =
requests.get('https://security-tracker.debian.org/tracker/distributions.json',
>> + timeout=self.options.timeout)
>
> This will not catch 404 or similar http status codes. If you don't care
> about the type of error you can just do …
>
> r.raise_for_status()
>
> … ff you dont handle the error this …
>
>> + data = r.json()
>
> … will fail like:
>
[...]
>
> … The raise_for_status exception is caught here alreadyx since
> requests.exceptions.HTTPError is a subclass of
> requests.exceptions.RequestException):
[...]
I thought requests.exceptions.RequestException is the exception base
class of Python requests and catches all cases? If not, would
except (requests.exceptions.RequestException,
requests.exceptions.HTTPError):
suffice?
> It would also improve readability if this whole code block moved into
a get_security_contact()
> function.
Maybe.
Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/reportbug-maint/attachments/20180129/171f9d26/attachment.sig>
More information about the Reportbug-maint
mailing list