in foundation_security_advisories/check_advisories.py [0:0]
def check_file(file_name):
"""
Check the given file for parse errors.
:param file_name: file name to check
:return: str error message.
"""
if file_name.endswith('.md'):
parser = parse_md_file
schema = md_schema
elif file_name.endswith('.yml'):
parser = parse_yml_file
schema = yaml_schema
else:
return 'Unknown file type: %s' % file_name
try:
data = parser(file_name)
except Exception as e:
return str(e)
if HOF_FILENAME_RE.search(file_name):
return check_hof_data(data)
if 'mfsa_id' not in data:
return 'The MFSA ID must be in the filename or metadata.'
for f in data['fixed_in']:
if "ESR" in f and "ESR " not in f:
return "When ESR is specified, it must be of the form 'Firefox ESR XX', not 'Firefox ESRXX' (Found '" + f + "')"
if "," in f:
return f"When 'fixed_in' contains multiple products, they should be enumerated with YAML and not with commas in a string (Found '{f}')"
if 'announced' in data:
try:
date = parsedate(data['announced']).date()
except Exception:
return 'Failed to parse "{}" as a date'.format(data['announced'])
if not data['mfsa_id'].startswith(str(date.year)):
return 'Year mismatch between mfsa id ({}) and "announced" field ({})'.format(data['mfsa_id'], data['announced'])
try:
schema.validate(data)
except SchemaError as e:
return str(e)
if "advisories" in data:
for _, advisory in data["advisories"].items():
if advisory["title"] != None:
if "`" in advisory["title"]:
return "Advisory title should not contain any backticks"
if "<code>" in advisory["title"]:
return f"Advisory title should not contain any <code> tags"
match = UNWANTED_HTML_TAG_RE.match(advisory["description"])
if match:
return f"Advisory description should only contain basic html tags used for formatting, found {match.groups()[0]}. Consider escaping < with <"
if file_name.endswith('.yml'):
with open(file_name, "r") as f:
for i, line in enumerate(f):
if INVALID_COLON_TITLE_LINE.match(line):
return f"If title contains a colon, it should be surrounded by quotes (line {i+1})"
return None