FS#72083 - arch-audit: report per-package CVEs in stable order
Attached to Project:
Community Packages
Opened by gesh (gesh) - Thursday, 09 September 2021, 13:12 GMT
Last edited by Levente Polyak (anthraxx) - Sunday, 12 September 2021, 19:00 GMT
Opened by gesh (gesh) - Thursday, 09 September 2021, 13:12 GMT
Last edited by Levente Polyak (anthraxx) - Sunday, 12 September 2021, 19:00 GMT
|
Details
Description: `arch-audit` (as of version 0.1.20) doesn't
preserve CVE order
between invocations. This leads to annoyances -- eg one of my sources of security news is to keep a log of the current CVEs and diffing it against `arch-audit`'s output. Since the order isn't stable, I get spurious changes. (My script essentially outputs ``` git diff --no-index --word-diff "$cve_db" <(arch-audit --format '%t s %n: %c' | sort) ``` ) Steps to reproduce: Unclear. Noticed it in particular today with an update that just permuted the `linux` errors without changing them. |
This task depends upon
Closed by Levente Polyak (anthraxx)
Sunday, 12 September 2021, 19:00 GMT
Reason for closing: Upstream
Additional comments about closing: please report this bug in the upstream bug tracker. Thank you
Sunday, 12 September 2021, 19:00 GMT
Reason for closing: Upstream
Additional comments about closing: please report this bug in the upstream bug tracker. Thank you