Permalink
Browse files

Fix security advisory updater including wrong files.

The updater looked for all files with a '.md' extension
that had bee modified. This was looking at README.md in
error. This fixes the behavior to only look at files named
'mfsaYYYY-NN.md'.
  • Loading branch information...
pmac committed Jan 15, 2015
1 parent c6d0a3d commit ac8be2f8c6a96be5daac49d3f5e42e52be8e1f95
@@ -18,7 +18,7 @@
from dateutil.parser import parse as parsedate
from bedrock.security.models import Product, SecurityAdvisory
from bedrock.security.utils import chdir, parse_md_file
from bedrock.security.utils import FILENAME_RE, chdir, parse_md_file
ADVISORIES_REPO = settings.MOFO_SECURITY_ADVISORIES_REPO
@@ -54,6 +54,11 @@ def mkdir_p(path):
raise
def filter_advisory_filenames(filenames):
return [os.path.join(ADVISORIES_PATH, fn) for fn in filenames
if FILENAME_RE.search(fn)]
@chdir(ADVISORIES_PATH)
def git_pull():
old_hash = get_current_git_hash()
@@ -64,16 +69,12 @@ def git_pull():
@chdir(ADVISORIES_PATH)
def git_diff(old_hash, new_hash):
modified_files = []
if old_hash != new_hash:
proc = Popen((GIT, 'diff', '--name-only', old_hash, new_hash), stdout=PIPE)
git_out = proc.communicate()[0].split()
for mf in git_out:
if not mf.endswith('.md'):
continue
modified_files.append(os.path.join(ADVISORIES_PATH, mf))
return filter_advisory_filenames(git_out)
return modified_files
return []
@chdir(ADVISORIES_PATH)
@@ -2,21 +2,37 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
from django.conf import settings
from nose.tools import eq_
from bedrock.mozorg.tests import TestCase
from bedrock.security.management.commands import update_security_advisories
class TestUpdateSecurityAdvisories(TestCase):
def test_fix_product_name(self):
"""Should fix SeaMonkey and strip '.0' from names."""
eq_(update_security_advisories.fix_product_name('Seamonkey 2.2'),
'SeaMonkey 2.2')
eq_(update_security_advisories.fix_product_name('Firefox 2.2'),
'Firefox 2.2')
eq_(update_security_advisories.fix_product_name('fredflintstone 2.2'),
'fredflintstone 2.2')
eq_(update_security_advisories.fix_product_name('Firefox 32.0'),
'Firefox 32')
eq_(update_security_advisories.fix_product_name('Firefox 32.0.1'),
'Firefox 32.0.1')
def test_fix_product_name():
"""Should fix SeaMonkey and strip '.0' from names."""
eq_(update_security_advisories.fix_product_name('Seamonkey 2.2'),
'SeaMonkey 2.2')
eq_(update_security_advisories.fix_product_name('Firefox 2.2'),
'Firefox 2.2')
eq_(update_security_advisories.fix_product_name('fredflintstone 2.2'),
'fredflintstone 2.2')
eq_(update_security_advisories.fix_product_name('Firefox 32.0'),
'Firefox 32')
eq_(update_security_advisories.fix_product_name('Firefox 32.0.1'),
'Firefox 32.0.1')
def test_filter_advisory_names():
filenames = [
'README.md',
'LICENSE.txt',
'announce/2015/mfsa2015-01.md',
'stuff/whatnot.md',
'mfsa2015-02.md',
]
good_filenames = [
settings.MOFO_SECURITY_ADVISORIES_PATH + '/announce/2015/mfsa2015-01.md',
settings.MOFO_SECURITY_ADVISORIES_PATH + '/mfsa2015-02.md',
]
eq_(update_security_advisories.filter_advisory_filenames(filenames), good_filenames)

0 comments on commit ac8be2f

Please sign in to comment.