From a4067d9c21bd66aa76e6c48050851504c4c965f1 Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Thu, 31 Dec 2015 00:23:22 +0000 Subject: Change maintainer lookup in contact-maintainers to use PTS The current implementation depends on apt-cache and may use stale information depending on the local APT configuration. If squeeze source packages are enabled in order to work on squeeze-lts, this may pick up the maintainers from those packages. Use rdflib to parse the maintainer names and addresses from the PTS. As a fallback, if rdflib is not available, use the PTS alias for the package maintainers. The PTS does not separate Maintainer and Uploaders, so remove this distinction from the script and templates. git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@38613 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- bin/contact-maintainers | 50 +++++++++++++++++++++++++++++----------- templates/lts-no-dsa.txt | 4 ---- templates/lts-update-planned.txt | 4 ---- 3 files changed, 36 insertions(+), 22 deletions(-) diff --git a/bin/contact-maintainers b/bin/contact-maintainers index 152665ada8..19ece28d3b 100755 --- a/bin/contact-maintainers +++ b/bin/contact-maintainers @@ -6,6 +6,7 @@ import pwd import subprocess import sys import tempfile +import warnings from jinja2 import Template @@ -17,22 +18,43 @@ def get_full_name(): return pwd.getpwuid(os.getuid()).pw_gecos.split(',')[0].decode('utf-8') -def get_source_field(pkg, name): - # XXX: retrieve data in a more reliable way - cmd = 'apt-cache showsrc {}|grep ^{}:|tail -n 1'.format( - pkg, name.capitalize()) - output = subprocess.check_output(cmd, shell=True).strip() - if output: - return output.decode('utf-8').split(': ')[1] - return '' +try: + import rdflib +except ImportError: + warnings.warn('python-rdflib not installed; will fall back to PTS email address') + def get_maintainers(pkg): + return u'{}@packages.debian.org'.format(pkg) -def get_maintainer(pkg): - return get_source_field(pkg, 'Maintainer') +else: + def get_maintainers(pkg): + import re, urllib + # RDF object and predicate references used on PTS + project = rdflib.term.URIRef(u'http://packages.qa.debian.org/{}#project'.format(pkg)) + has_contributor = rdflib.term.URIRef(u'http://schema.org/contributor') + is_named = rdflib.term.URIRef(u'http://xmlns.com/foaf/0.1/name') + is_same_as = rdflib.term.URIRef(u'http://www.w3.org/2002/07/owl#sameAs') -def get_uploaders(pkg): - return get_source_field(pkg, 'Uploaders') + maint = [] + + graph = rdflib.Graph() + graph.parse('https://packages.qa.debian.org/{}/{}.rdf'.format(pkg[0], pkg)) + for contrib in graph[project : has_contributor]: + names = [n for n in graph[contrib : is_named]] + addresses = [urllib.unquote(m.group(1)) for m in + map(re.compile(r'http://webid\.debian\.net/maintainers/(.*)#agent$').match, + graph[contrib : is_same_as]) + if m] + if not names or not addresses: + warnings.warn('found contributor missing name and/or address') + continue + address = addresses[0] + if '@' not in address: + address += '@debian.org' + maint.append(u'"{}" <{}>'.format(names[0], address)) + + return u', '.join(maint) # Parse command line @@ -75,9 +97,9 @@ context = { 'package': args.package, 'sender': get_full_name(), 'cve': args.cve, - 'to': get_maintainer(args.package), + 'to': get_maintainers(args.package), 'cc': cc, - 'uploaders': get_uploaders(args.package), + 'uploaders': '' } # Generate the mail diff --git a/templates/lts-no-dsa.txt b/templates/lts-no-dsa.txt index 4ca8ebfd9e..d9ee6b50d0 100644 --- a/templates/lts-no-dsa.txt +++ b/templates/lts-no-dsa.txt @@ -2,10 +2,6 @@ To: {{ to }} Cc: {{ cc }} Subject: About the security issues affecting {{ package }} in Squeeze -# XXX: Decide whether you want to put some of those persons in copy and -# then drop this comment -# Uploaders: {{ uploaders}} - Hello dear maintainer(s), the Debian LTS team recently reviewed the security issue(s) affecting your diff --git a/templates/lts-update-planned.txt b/templates/lts-update-planned.txt index 2fba69f3fc..6ccd37688f 100644 --- a/templates/lts-update-planned.txt +++ b/templates/lts-update-planned.txt @@ -2,10 +2,6 @@ To: {{ to }} Cc: {{ cc }} Subject: squeeze update of {{ package }}? -# XXX: Decide whether you want to put some of those persons in copy and -# then drop this comment -# Uploaders: {{ uploaders}} - Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are -- cgit v1.2.3