Freedom Issue #3264
[vulscan] Blacklisted package still in the repos
0%
Description
We have a chronic problem of imported packages not being filtered through the blacklist.
History
Updated by bill-auger about 2 years ago
- Status changed from unconfirmed to not-a-bug
thanks for noticing - there is no problem though - there are several steps involved
- change the blacklist.txt in git
- build the 'your-freedom' package
- upgrade the 'your-freedom' package on the repo server
- wait until the next repo sync period
- magic happens
i did not upgrade the your-freedom package until today - those should all disappear soon - vulscan x86_64 is already gone
Updated by gap about 2 years ago
Can this be more automated than it already is?
Aside from the initial change and subsequent commit which are both manual, are the other steps automated?
Also, should the sync frequency be increased?
Updated by bill-auger about 2 years ago
yes to all three questions - too much automation can be bad
though - the blacklisting procedure has just the right amount of
automation now - the only step that is not automated is
upgrading packages on the server - it would not be good to
automate that