GNU bug report logs - #53721
[PATCH] lint: Perform fuzzy search on package names for CVE checker.

Previous Next

Package: guix-patches;

Reported by: Efraim Flashner <efraim <at> flashner.co.il>

Date: Wed, 2 Feb 2022 14:17:02 UTC

Severity: normal

Tags: patch

Full log

Message #8 received at 53721 <at> debbugs.gnu.org (full text, mbox):

From: Maxime Devos <maximedevos <at> telenet.be>
To: Efraim Flashner <efraim <at> flashner.co.il>, 53721 <at> debbugs.gnu.org
Subject: Re: [bug#53721] [PATCH] lint: Perform fuzzy search on package names
 for CVE checker.
Date: Wed, 02 Feb 2022 15:54:38 +0100

[Message part 1 (text/plain, inline)]
Efraim Flashner schreef op wo 02-02-2022 om 16:15 [+0200]:
> +                   (false-if-exception
> +                     (first
> +                       (filter string?
> +                               (map (lambda (prefix)
> +                                      (when (string-prefix? prefix pkg-name)
> +                                        (string-drop pkg-name (string-length prefix))))
> +                                    '("java-" "perl-" "python-" "python2-" "ruby-")))))
> +                   pkg-name)))

When can an exception happen here?

Also, the following seems simpler and equivalent:

(any (lambda (prefix)
       (and (string-prefix? prefix)
            (string-drop pkg-name (string-length prefix))))
     '("java-" "perl-" "python-" "python2-" "ruby-"))

It would be nice to test the code for guessing the CPE name of a
package in a few unit tests.

Greetings,
Maxime

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 3 years and 132 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.