Update patch set 2

Patch Set 2: Code-Review+1 (2 comments) Patch-set: 2 Reviewer: Gerrit User 28739 <28739@4a232e18-c5a9-48ee-94c0-e04e7cca6543> Label: Code-Review=+1, ca2e180b9d798f00fa3ec473cbbde12306142c2a Attention: {"person_ident":"Gerrit User 32753 \u003c32753@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_28739\u003e replied on the change"} Attention: {"person_ident":"Gerrit User 28739 \u003c28739@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"REMOVE","reason":"\u003cGERRIT_ACCOUNT_28739\u003e replied on the change"}
2024-04-22 13:39:43 +00:00 · 2024-04-22 13:39:43 +00:00 · 0532ce530a
parent 1016f620e0
commit 0532ce530a
2 changed files with 51 additions and 0 deletions
--- a/24
+++ b/24
@ -140,6 +140,30 @@
      },
      "revId": "13039cef23df11684a4042049d5e2c90ab85bac5",
      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
+    },
+    {
+      "unresolved": true,
+      "key": {
+        "uuid": "ecdc1b3c_0923db81",
+        "filename": "cve_support/lp.py",
+        "patchSetId": 1
+      },
+      "lineNbr": 71,
+      "author": {
+        "id": 28739
+      },
+      "writtenOn": "2024-04-22T13:39:43Z",
+      "side": 1,
+      "message": "Using the full URL is an improvement, in so far as it is less likely to be present in a bug description.  If you can influence the authors of the bug reports, then please feel free to make that assertion.\n\nI looked at an example from the recent Starlingx report.  This format is what I see in bug https://bugs.launchpad.net/starlingx/+bug/2058868:\n\n    CVE-2022-2127: https://nvd.nist.gov/vuln/detail/CVE-2022-2127\n    CVE-2022-3437: https://nvd.nist.gov/vuln/detail/CVE-2022-3437\n    CVE-2023-4091: https://nvd.nist.gov/vuln/detail/CVE-2023-4091\n    CVE-2023-34966: https://nvd.nist.gov/vuln/detail/CVE-2023-34966\n    CVE-2023-34967: https://nvd.nist.gov/vuln/detail/CVE-2023-34967\n    CVE-2023-34968: https://nvd.nist.gov/vuln/detail/CVE-2023-34968\n\nIf you can assert with the security team members that this format will be used as deliberate CVE reference to be recognized by this reporting script, then this script can search for the specific format.\n\n    pattern \u003d cve_id + \": \" + path.join(NVD_URL, cve_id)",
+      "parentUuid": "d84687fd_c10f0e99",
+      "range": {
+        "startLine": 70,
+        "startChar": 0,
+        "endLine": 71,
+        "endChar": 22
+      },
+      "revId": "13039cef23df11684a4042049d5e2c90ab85bac5",
+      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
    }
  ]
 }
--- a/27
+++ b/27
@ -0,0 +1,27 @@
+{
+  "comments": [
+    {
+      "unresolved": true,
+      "key": {
+        "uuid": "bc49a107_fb986898",
+        "filename": "cve_support/cve_policy_filter.py",
+        "patchSetId": 2
+      },
+      "lineNbr": 15,
+      "author": {
+        "id": 28739
+      },
+      "writtenOn": "2024-04-22T13:39:43Z",
+      "side": 1,
+      "message": "I was reviewing the launchpad API for bug example https://bugs.launchpad.net/starlingx/+bug/2058868\n\nThere\u0027s a cves_collection_link\n\n    \u003e\u003e\u003e print(bug)\n    https://api.launchpad.net/devel/bugs/1910130\n    \u003e\u003e\u003e print(bug.cves_collection_link)\n    \u0027https://api.launchpad.net/devel/bugs/1910130/cves\u0027\n\n\nBut I can\u0027t figure out how get at it. Maybe bug 2058868 is a bad example(?)\n\n    {\"start\": 0, \"total_size\": 6, \"entries\": [], \"resource_type_link\" : \"https://api.launchpad.net/devel/#cve-page-resource\"}",
+      "range": {
+        "startLine": 15,
+        "startChar": 0,
+        "endLine": 15,
+        "endChar": 31
+      },
+      "revId": "d9c10bd47ca89e86d1f4d2c16dd2b257cbc1e160",
+      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
+    }
+  ]
+}