| Message ID | 4430b025-a805-3efa-3bc0-58089c47e8f2@lineo.co.jp |
|---|---|
| State | Accepted, archived |
| Headers | show |
| Series | [kirkstone,dunfell] cve-update-nvd2-native: always pass str for json.loads() | expand |
Will this change also work on master and mickledore? If so, please submit for master and I will cherry-pick to the other branches. I've been trying to keep the cve checking in the stable branches in sync with master as much as possible. Thanks! Steve On Wed, Jul 26, 2023 at 10:56 PM Yuta Hayama <hayama@lineo.co.jp> wrote: > Currently json.loads() accepts one of the types str, bytes, or bytearray > as an argument, but bytes and bytearrays have only been allowed since > python 3.6. The version of Python3 provided by default on Ubuntu 16.04 > and Debian 9.x is 3.5, so make raw_data type str to work correctly on > these build hosts. > > Signed-off-by: Yuta Hayama <hayama@lineo.co.jp> > --- > meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb > b/meta/recipes-core/meta/cve-update-nvd2-native.bb > index 2f7dad7e82..67d76f75dd 100644 > --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb > +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb > @@ -136,7 +136,7 @@ def nvd_request_next(url, api_key, args): > > if (r.headers['content-encoding'] == 'gzip'): > buf = r.read() > - raw_data = gzip.decompress(buf) > + raw_data = gzip.decompress(buf).decode("utf-8") > else: > raw_data = r.read().decode("utf-8") > > -- > 2.25.1 > >
Hi Steve, On 2023/07/28 4:01, Steve Sakoman wrote: > Will this change also work on master and mickledore? If so, please submit > for master and I will cherry-pick to the other branches. > > I've been trying to keep the cve checking in the stable branches in sync > with master as much as possible. This patch can be applied to master and mickledore, but this patch is actually only needed for build environments where the build host Python3 is earlier than 3.6. I referred to the Yocto Project Reference Manual to find out which Linux distributions are supported by each version of Yocto (OE-Core). The Linux distributions supported by mickledore are listed below, but I think that none of them will install Python3 earlier than 3.6 by default. This should be the same for master. * Ubuntu 18.04, 20.04, 22.04 * Fedora 36, 37 * AlmaLinux 8.7, 9.1 * Debian GNU/Linux 11.x * OpenSUSE Leap 15.3, 15.4 On the other hand, kirkstone supports Debian 9.x (with python 3.5 installed by default) and dunfell supports Debian 9.x and Ubuntu 16.04 (also with python 3.5 installed by default). Therefore, I think strictly speaking only kirkstone and dunfell need this patch. For other branches (i.e., those that are clearly intended to run on Python 3.6 or later), there is no difference in behavior whether this patch is applied or not. Rather, it may be better performance-wise to not apply this patch, since it eliminates unnecessary decode() calls. Yes, of course it is important to sync each stable branch with master. What should we do in such a case... Regards, Yuta Hayama > > Thanks! > > Steve > > On Wed, Jul 26, 2023 at 10:56 PM Yuta Hayama <hayama@lineo.co.jp> wrote: > >> Currently json.loads() accepts one of the types str, bytes, or bytearray >> as an argument, but bytes and bytearrays have only been allowed since >> python 3.6. The version of Python3 provided by default on Ubuntu 16.04 >> and Debian 9.x is 3.5, so make raw_data type str to work correctly on >> these build hosts. >> >> Signed-off-by: Yuta Hayama <hayama@lineo.co.jp> >> --- >> meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb >> b/meta/recipes-core/meta/cve-update-nvd2-native.bb >> index 2f7dad7e82..67d76f75dd 100644 >> --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb >> +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb >> @@ -136,7 +136,7 @@ def nvd_request_next(url, api_key, args): >> >> if (r.headers['content-encoding'] == 'gzip'): >> buf = r.read() >> - raw_data = gzip.decompress(buf) >> + raw_data = gzip.decompress(buf).decode("utf-8") >> else: >> raw_data = r.read().decode("utf-8") >> >> -- >> 2.25.1 >> >> >
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 2f7dad7e82..67d76f75dd 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -136,7 +136,7 @@ def nvd_request_next(url, api_key, args): if (r.headers['content-encoding'] == 'gzip'): buf = r.read() - raw_data = gzip.decompress(buf) + raw_data = gzip.decompress(buf).decode("utf-8") else: raw_data = r.read().decode("utf-8")
Currently json.loads() accepts one of the types str, bytes, or bytearray as an argument, but bytes and bytearrays have only been allowed since python 3.6. The version of Python3 provided by default on Ubuntu 16.04 and Debian 9.x is 3.5, so make raw_data type str to work correctly on these build hosts. Signed-off-by: Yuta Hayama <hayama@lineo.co.jp> --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)