Mailing List Archive

Re: svn commit: r1890412 - /httpd/site/trunk/content/security/cvejsontohtml.py
Le 03/06/2021 à 08:31, jailletc36@apache.org a écrit :
> Author: jailletc36
> Date: Thu Jun 3 06:31:44 2021
> New Revision: 1890412
>
> URL: http://svn.apache.org/viewvc?rev=1890412&view=rev
> Log:
> Use natural order sorting, so that 2.4.9 is after 2.4.10
>
> (trick found on https://stackoverflow.com/questions/4836710/is-there-a-built-in-function-for-string-natural-sort)
>
> Modified:
> httpd/site/trunk/content/security/cvejsontohtml.py
>
> Modified: httpd/site/trunk/content/security/cvejsontohtml.py
> URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/cvejsontohtml.py?rev=1890412&r1=1890411&r2=1890412&view=diff
> ==============================================================================
> --- httpd/site/trunk/content/security/cvejsontohtml.py (original)
> +++ httpd/site/trunk/content/security/cvejsontohtml.py Thu Jun 3 06:31:44 2021
> @@ -66,7 +66,8 @@ for k,v in sorted(entries.items(), key=l
> else:
> # Otherwise maybe we started doing things like "<2.7.8"
> affects.append(ver["version_affected"]+ver["version_value"])
> - affects.sort(reverse=True)
> + # Make a natural order sort (i.e. revrite version like 0002.4.8 and 002.4.38)
> + affects.sort(reverse=True, key=lambda x: '{0:0>8}'.format(x).lower())
> e['affects'] = ", ".join(affects)
> e['timetable'] = [];
> for time in cve["timeline"]:
>
This works better, IMHO, but is still not perfect.

For example 2.0.30 is now before 2.2.0 (which was not the case previously)
Googling gives some other solution, either with 3rd party module or hand
writing a natural sort.

I'll leave it to anyone else better than me in python :)

So feel free to revert or improve.

CJ