[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#47193] [PATCH 1/2] lint: Sort possible vulnerabilities.
|
From: |
Tobias Geerinckx-Rice |
|
Subject: |
[bug#47193] [PATCH 1/2] lint: Sort possible vulnerabilities. |
|
Date: |
Tue, 16 Mar 2021 17:06:52 +0100 |
* guix/lint.scm (check-vulnerabilities): Sort unpatched vulnerabilities
by ID.
---
guix/lint.scm | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/guix/lint.scm b/guix/lint.scm
index 5144fa139d..ed57e19fe2 100644
--- a/guix/lint.scm
+++ b/guix/lint.scm
@@ -1164,6 +1164,23 @@ the NIST server non-fatal."
package-vulnerabilities))
"Check for known vulnerabilities for PACKAGE. Obtain the list of
vulnerability records for PACKAGE by calling PACKAGE-VULNERABILITIES."
+
+ (define (vulnerability< v1 v2)
+ (define (string-list< list1 list2)
+ (match list1
+ ((head1 tail1 ...)
+ (match list2
+ ((head2 tail2 ...)
+ (if (string=? head1 head2)
+ (string-list< tail1 tail2)
+ (string<? head1 head2)))
+ (_ #f)))
+ (_ #f)))
+
+ (let ((separators (char-set-complement char-set:letter+digit)))
+ (string-list< (string-split (vulnerability-id v1) separators)
+ (string-split (vulnerability-id v2) separators))))
+
(let ((package (or (package-replacement package) package)))
(match (package-vulnerabilities package)
(()
@@ -1184,7 +1201,8 @@ vulnerability records for PACKAGE by calling
PACKAGE-VULNERABILITIES."
(make-warning
package
(G_ "probably vulnerable to ~a")
- (list (string-join (map vulnerability-id unpatched)
+ (list (string-join (map vulnerability-id
+ (sort unpatched vulnerability<))
", "))))))))))
(define (check-for-updates package)
--
2.30.1
[bug#47193] Fancify guix lint -c cve output, Léo Le Bouter, 2021/03/16