From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1673992-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id 13E3D158090
for <garchives@archives.gentoo.org>; Fri, 27 Sep 2024 00:52:28 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id A06862BC043;
Fri, 27 Sep 2024 00:52:26 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id 899552BC043
for <gentoo-commits@lists.gentoo.org>; Fri, 27 Sep 2024 00:52:26 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by smtp.gentoo.org (Postfix) with ESMTPS id 89475343479
for <gentoo-commits@lists.gentoo.org>; Fri, 27 Sep 2024 00:52:25 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
by oystercatcher.gentoo.org (Postfix) with ESMTP id D291D1EF3
for <gentoo-commits@lists.gentoo.org>; Fri, 27 Sep 2024 00:52:23 +0000 (UTC)
From: "Matt Jolly" <kangie@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Matt Jolly" <kangie@gentoo.org>
Message-ID: <1727398331.9e4fee2f5fa978bfd98367e78bfc0fb87e3548f9.kangie@gentoo>
Subject: [gentoo-commits] proj/chromium-tools:master commit in: /
X-VCS-Repository: proj/chromium-tools
X-VCS-Files: .flake8 get-edge-cves.py get-opera-version-mapping.py opera-bump
X-VCS-Directories: /
X-VCS-Committer: kangie
X-VCS-Committer-Name: Matt Jolly
X-VCS-Revision: 9e4fee2f5fa978bfd98367e78bfc0fb87e3548f9
X-VCS-Branch: master
Date: Fri, 27 Sep 2024 00:52:23 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: e54dab77-1d71-49ca-8097-471ee856f0eb
X-Archives-Hash: 4ead1dc4a740e1f744034d7abaa8715d
commit: 9e4fee2f5fa978bfd98367e78bfc0fb87e3548f9
Author: Matt Jolly <kangie <AT> gentoo <DOT> org>
AuthorDate: Thu Sep 26 23:19:37 2024 +0000
Commit: Matt Jolly <kangie <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 00:52:11 2024 +0000
URL: https://gitweb.gentoo.org/proj/chromium-tools.git/commit/?id=9e4fee2f
flake8: Add config and do some trivial style changes
Signed-off-by: Matt Jolly <kangie <AT> gentoo.org>
.flake8 | 4 ++++
get-edge-cves.py | 20 ++++++++++++++++++--
get-opera-version-mapping.py | 3 ++-
opera-bump | 1 +
4 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/.flake8 b/.flake8
new file mode 100644
index 0000000..cb2f802
--- /dev/null
+++ b/.flake8
@@ -0,0 +1,4 @@
+[flake8]
+ignore = E401
+max-line-length = 120
+max-complexity = 15
diff --git a/get-edge-cves.py b/get-edge-cves.py
index 515c986..44b2eef 100755
--- a/get-edge-cves.py
+++ b/get-edge-cves.py
@@ -70,6 +70,18 @@ class EdgeCVE:
def get_edge_cves(year, month) -> list[EdgeCVE]:
+ """
+ Queries the Microsoft Security Response Center (MSRC) API for the Common Vulnerability Reporting Framework (CVRF)
+ for a given month and extracts the Chromium version mapping for Microsoft Edge (Chromium-based) from the CVRF.
+
+ Args:
+ year: The year to query.
+ month: The month to query.
+
+ Returns:
+ list[EdgeCVE]: A list of EdgeCVE objects.
+ """
+
msrcapi = f"https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/{year}-{month}"
# Get the CVRF for the specified month
@@ -106,7 +118,7 @@ def get_edge_cves(year, month) -> list[EdgeCVE]:
# Fall back to parsing that horrible, horrible table in the notes
notes = vulnerability.find(".//{http://www.icasi.org/CVRF/schema/vuln/1.1}Notes")
# There appear to be multiple notes, but only one has content that we want:
- # <vuln:Note Title="FAQ" Type="FAQ" Ordinal="10"><p><strong>What is the version information for this release?</strong></p>
+ # <vuln:Note Title="FAQ" Type="FAQ" Ordinal="10"><p><strong>What is the version information for this release?</strong></p> # noqa: E501
found = False
for note in notes:
if note.attrib['Title'] == "FAQ" and note.attrib['Type'] == "FAQ":
@@ -121,7 +133,7 @@ def get_edge_cves(year, month) -> list[EdgeCVE]:
if len(rows) > 1:
cells = rows[1].find_all('td')
if len(cells) > 1:
- # We want the second cell (The first is the channel, the third the chromium version it's based on)
+ # We want the second cell (1st is channel, 3rd is chromium version)
edge_version = cells[1].text
if portage_versions.ververify(edge_version):
found = True
@@ -197,11 +209,14 @@ def parse_arguments():
def main():
args = parse_arguments()
+ # If we have a CVE to query (bugs contain them in the Alias field) we can query the API directly
+ # and work out which CVRF(s) to query.
if not args.bug and not args.cve:
month = calendar.month_name[args.month][0:3]
for cve in get_edge_cves(args.year, month):
print(cve)
+ # If we have a bug, we can query the bugzilla API to get the CVEs associated with it
elif args.bug:
for bug in args.bug:
cves = get_cve_from_bug_alias(bug)
@@ -218,6 +233,7 @@ def main():
if cve.cve in cves:
print(cve)
+ # If we have a CVE (or list of CVEs), we can query the API directly to identify the CVRFs to query
elif args.cve:
msrcs = []
cves = []
diff --git a/get-opera-version-mapping.py b/get-opera-version-mapping.py
index ef60683..6d6f3de 100755
--- a/get-opera-version-mapping.py
+++ b/get-opera-version-mapping.py
@@ -9,7 +9,8 @@ def get_opera_chromium_versions(base_url, start_version, end_version):
parsing content sections for versions from start_version to end_version (inclusive).
Args:
- base_url: The base URL for Opera changelogs with a version placeholder (e.g., "https://blogs.opera.com/desktop/changelog-for-{version}/").
+ base_url: The base URL for Opera changelogs with a version placeholder (e.g.,
+ "https://blogs.opera.com/desktop/changelog-for-{version}/").
start_version: The starting version to extract information for (inclusive).
end_version: The ending version to extract information for (inclusive).
diff --git a/opera-bump b/opera-bump
index c1e3c46..9f6a964 100755
--- a/opera-bump
+++ b/opera-bump
@@ -393,5 +393,6 @@ def main():
f"www-client/{pkg}: remove old",
"-s", "-S")
+
if __name__ == "__main__":
main()