pkgs/applications/networking/browsers/chromium/get-commit-message.py at devShellTools-shell · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / applications / networking / browsers / chromium / get-commit-message.py

at devShellTools-shell 54 lines 2.2 kB view raw

 1#!/usr/bin/env nix-shell
 2#!nix-shell -i python3 -p python3Packages.feedparser python3Packages.requests
 3
 4# This script prints the Git commit message for stable channel updates.
 5# Usage: ./get-commit-message.py [version]
 6
 7import re
 8import sys
 9import textwrap
10
11from collections import OrderedDict
12
13import feedparser
14import requests
15
16# Official rss/atom feed taken from <https://chromereleases.googleblog.com/>'s html source (<link type="application/atom+xml">)
17feed = feedparser.parse('https://www.blogger.com/feeds/8982037438137564684/posts/default')
18html_tags = re.compile(r'<[^>]+>')
19target_version = sys.argv[1] if len(sys.argv) == 2 else None
20
21for entry in feed.entries:
22    url = requests.get(entry.link).url.split('?')[0]
23    if entry.title.lower() != 'Stable Channel Update for Desktop'.lower():
24        if target_version and entry.title == '':
25            # Workaround for a special case (Chrome Releases bug?):
26            if not 'the-stable-channel-has-been-updated-to' in url:
27                continue
28        else:
29            continue
30    content = entry.content[0].value
31    content = html_tags.sub('', content)  # Remove any HTML tags
32    if re.search(r'Linux', content) is None:
33        continue
34    #print(url)  # For debugging purposes
35    version = re.search(r'\d+(\.\d+){3}', content).group(0)
36    if target_version:
37        if version != target_version:
38            continue
39    else:
40        print('chromium: TODO -> ' + version + '\n')
41    print(url)
42    if fixes := re.search(r'This update includes .+ security fix(es)?\.', content):
43        fixes = fixes.group(0)
44        if zero_days := re.search(r'Google is aware( of reports)? th(e|at) .+ in the wild\.', content):
45            fixes += " " + zero_days.group(0)
46        print('\n' + '\n'.join(textwrap.wrap(fixes, width=72)))
47    if cve_list := re.findall(r'CVE-[^: ]+', content):
48        cve_list = list(OrderedDict.fromkeys(cve_list))  # Remove duplicates but preserve the order
49        cve_string = ' '.join(cve_list)
50        print("\nCVEs:\n" + '\n'.join(textwrap.wrap(cve_string, width=72)))
51    sys.exit(0)  # We only care about the most recent stable channel update
52
53print("Error: No match.")
54sys.exit(1)