From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <gentoo-commits+bounces-1299578-garchives=archives.gentoo.org@lists.gentoo.org> Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 3FF3F13933E for <garchives@archives.gentoo.org>; Tue, 6 Jul 2021 02:03:57 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7C673E0AD0; Tue, 6 Jul 2021 02:03:56 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 5174FE0AD0 for <gentoo-commits@lists.gentoo.org>; Tue, 6 Jul 2021 02:03:56 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 43A1C33BE3B for <gentoo-commits@lists.gentoo.org>; Tue, 6 Jul 2021 02:03:55 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id D5B787BA for <gentoo-commits@lists.gentoo.org>; Tue, 6 Jul 2021 02:03:53 +0000 (UTC) From: "John Helmert III" <ajak@gentoo.org> To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "John Helmert III" <ajak@gentoo.org> Message-ID: <1625516881.be4a8b7e8023688a31e931b46fc3ef8651a290a5.ajak@gentoo> Subject: [gentoo-commits] proj/security:ajak-cvetool commit in: bin/ X-VCS-Repository: proj/security X-VCS-Files: bin/glsatool X-VCS-Directories: bin/ X-VCS-Committer: ajak X-VCS-Committer-Name: John Helmert III X-VCS-Revision: be4a8b7e8023688a31e931b46fc3ef8651a290a5 X-VCS-Branch: ajak-cvetool Date: Tue, 6 Jul 2021 02:03:53 +0000 (UTC) Precedence: bulk List-Post: <mailto:gentoo-commits@lists.gentoo.org> List-Help: <mailto:gentoo-commits+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org> X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 73b1e7bc-0eba-4e19-b846-7b32b70704b5 X-Archives-Hash: 2de349807499b5b830e8d3f53200d80c commit: be4a8b7e8023688a31e931b46fc3ef8651a290a5 Author: John Helmert III <ajak <AT> gentoo <DOT> org> AuthorDate: Mon Jul 5 20:27:13 2021 +0000 Commit: John Helmert III <ajak <AT> gentoo <DOT> org> CommitDate: Mon Jul 5 20:28:01 2021 +0000 URL: https://gitweb.gentoo.org/proj/security.git/commit/?id=be4a8b7e glsatool: drop, accidentally added, not ready yet Signed-off-by: John Helmert III <ajak <AT> gentoo.org> bin/glsatool | 74 ------------------------------------------------------------ 1 file changed, 74 deletions(-) diff --git a/bin/glsatool b/bin/glsatool deleted file mode 100755 index 4582a40..0000000 --- a/bin/glsatool +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env python - -import argparse -import os -import re -import typing - -import bugzilla -import bracex -import pkgcore.config -from pkgcore.ebuild import atom -import requests - -from cvetool import CVETool - -PKG_SEPARATORS = re.compile(r':\s|[\s,;(){}[\]]') -GLSAMAKER_URI = 'https://glsamaker.gentoo.org' -bgo = bugzilla.Bugzilla('https://bugs.gentoo.org') -repo = pkgcore.config.load_config().repo['gentoo'] - - -class GLSATool: - """ Utility to ease GLSA handling in GLSAMaker """ - - def __init__(self, auth): - self.auth = auth - - # https://github.com/mgorny/kuroneko/blob/master/kuroneko/scraper.py#L80 - def find_package_specs(s: str) -> typing.Iterable[atom.atom]: - """Find potentially valid package specifications in given string.""" - words = set() - # consider all possible expansions - for exp in bracex.iexpand(s): - words.update(PKG_SEPARATORS.split(exp)) - for w in words: - # skip anything that couldn't be cat/pkg early - if '/' not in w: - continue - try: - yield atom.atom(w) - except MalformedAtom: - continue - - def new_glsa(auth, title, bugs): - post = requests.post(GLSAMAKER_URI + '/glsas', - data={'title': title + ' [DRAFT]', - 'bugs': ','.join(bugs), - 'access': 'public', - 'import_references': '1', - 'what': 'request', # ??? - 'authenticity_token': 'k75YYdGlcL+dlZS7RKXSVxKaKl2tiiMvwWlReFtKzt3NCKDE2AeskkrZ851xJB7uCBRUTpstV+/aqUTEx3MfIQ=='}, - headers={'Authorization': 'Basic ' + auth}) - if not post.ok: - import pdb; pdb.set_trace() - - -def get_auth(): - authpath = os.path.join(os.path.expanduser('~'), '.config', 'cvetool_auth') - if 'CVETOOL_AUTH' in os.environ: - return os.environ['CVETOOL_AUTH'] - elif os.path.isfile(authpath): - with open(authpath, 'r') as authfile: - return authfile.readlines()[0] - - -if __name__ == '__main__': - parser = argparse.ArgumentParser() - parser.add_argument('-b', '--bugs', required=True, nargs='+') - parser.add_argument('-t', '--title', required=True) - args = parser.parse_args() - auth = get_auth() - for bug in args.bugs: - CVETool(auth, 'dobug', [bug]) - new_glsa(auth, args.title, args.bugs)