[Buildroot] [PATCH 0/5] Extend pkg-stats to replace cve-checker
Gregory CLEMENT
gregory.clement at bootlin.com
Fri Nov 6 14:59:35 UTC 2020
Hello Thomas,
> Hello,
>
> We recently introduced cve-checker (commit
> fafa3e4e293faabc0d38a714eb88a25252936a99). But thinking more about it,
> what it does is in fact very similar to pkg-stats. It even largely
> borrows from pkg-stats structure and logic.
>
> The main difference is that pkg-stats was originally written as a
> Buildroot maintainer-oriented tool, where the goal is to keep an eye
> on the entire set of Buildroot packages. On the other hand,
> cve-checker was written as a tool mainly for a Buildroot user, to keep
> an eye on the CVEs affecting just the packages currently enabled in
> the current configuration.
>
> So, what this patch series does is extend pkg-stats so that instead of
> producing its output only for all Buildroot packages, it can be done
> just for the set of packages enabled in the current configuration.
Your series looks good and I think it is a good thing to finally remove
cve-checker. I introduced cve.py in order to share code between
cve-checker and pkg-stats but in the end there was still a lot of
duplicate code, and each evolution was really painful, as it was needed
to duplicate it in each script but with very few differences.
Gregory
>
> Here is how it goes:
>
> - PATCH 1 makes pkg-stats usable outside of the Buildroot top-level
> directory. This will be useful to be able to run it from any output
> directory.
>
> - PATCH 2 really allows pkg-stats to generate its details based on
> the set of currently configured packages. This mode is enabled
> using the new -c option.
>
> - PATCH 3 drops cve-checker
>
> - PATCH 4 promotes the pkg-stats functionality as a Makefile
> target. Note that only the "pkg-stats -c" mode is used here: we
> target the use of pkg-stats by Buildroot users, who want results
> based on their configuration. The use of pkg-stats as a maintainer
> tool is different, and we assume maintainers will know how to run
> pkg-stats.
>
> - PATCH 5 adds some mentions of "make show-info" and "make pkg-stats"
> in the Buildroot manual.
>
> Note: I think this series should be merged in master, not in
> next. Indeed, cve-checker is new in 2020.11-rc1, so it would probably
> be a bit silly to release 2020.11 with cve-checker and remove it right
> after.
>
> Thanks,
>
> Thomas
>
> Thomas Petazzoni (5):
> support/scripts/pkg-stats: allow to run script outside of the
> top-level directory
> support/scripts/pkg-stats: support generating stats based on
> configured packages
> support/scripts/cve-checker: remove script
> Makefile: add pkg-stats target
> docs/manual: add some minimal documentation about show-info and
> pkg-stats
>
> Makefile | 9 ++
> docs/manual/common-usage.txt | 23 ++++
> support/scripts/cve-checker | 196 -----------------------------------
> support/scripts/pkg-stats | 48 ++++++---
> 4 files changed, 63 insertions(+), 213 deletions(-)
> delete mode 100755 support/scripts/cve-checker
>
> --
> 2.26.2
>
--
Gregory Clement, Bootlin
Embedded Linux and Kernel engineering
http://bootlin.com