Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-05 09:08:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix detection of security commit

Browse Source
This commit is contained in:
Laurent Destailleur
2025-12-04 12:42:02 +01:00
parent 11787eb4ff
commit c635f5f9c5
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
dev/tools/apstats.php
View File

@@ -61,7 +61,7 @@ if (empty($argv[1])) {
$outputpath = $argv[1];
$outputdir = dirname($outputpath);
$outputfile = basename($outputpath);
$outputfilerss = preg_replace('/\.\w+$/i', '', $outputfile).'-security.rss';
$outputfilerss = preg_replace('/\.\w+$/i', '', $outputfile).'-security.rss'; // Replace the .html by -security.rss
if (!is_dir($outputdir)) {
print 'Error: dir '.$outputdir.' does not exists or is not writable'."\n";
@@ -271,7 +271,7 @@ $nbofmonth = 6;
$delay = (3600 * 24 * 30 * $nbofmonth);
$arrayofalerts = array();
$commandcheck = "git log --all --shortstat --no-renames --use-mailmap --pretty=".escapeshellarg('format:%cI;%H;%aN;%aE;%ce;%s')." --since=".escapeshellarg(dol_print_date(dol_now() - $delay, '%Y-%m-%d'))." | grep -i -E ".escapeshellarg("(#yogosha|CVE|Sec:|Sec |Sec$)");
$commandcheck = "git log --all --shortstat --no-renames --use-mailmap --pretty=".escapeshellarg('format:%cI;%H;%aN;%aE;%ce;%s')." --since=".escapeshellarg(dol_print_date(dol_now() - $delay, '%Y-%m-%d'))." | grep -i -E ".escapeshellarg("(#yogosha|CVE|Sec:|Sec |^Sec$)");
print 'Execute git log to get commits related to security: '.$commandcheck."\n";
$output_arrglpu = array();
$resexecglpu = 0;
@@ -280,7 +280,7 @@ foreach ($output_arrglpu as $valgitlog) { // The most recent lines are first.
// Parse the line to split interesting data
$tmpval = cleanVal2($valgitlog);
if (preg_match('/(#yogosha|CVE[\s\-]*\d|Sec:|Sec\s|Sec$)/i', $tmpval['title'])) { // Recommended git comment: "Sec: Fix #..."
if (preg_match('/(#yogosha|CVE[\s\-]*\d|Sec:|Sec\s|^Sec$)/i', $tmpval['title'])) { // Recommended git comment: "Sec: Fix #..."
$alreadyfound = '';
$alreadyfoundcommitid = '';
foreach ($arrayofalerts as $val) { // Loop on already found alerts
@@ -932,7 +932,7 @@ $html .= '</div>';
$html .= '</div>';
$html .= '<br>';
$html .= 'Note:Search is done in git repository on regex string "#yogosha|CVE[\s\-]*\d|Sec:|Sec\s" (not case sensitive)<br>';
$html .= 'Note:Search is done in git repository on regex string "#yogosha|CVE[\s\-]*\d|Sec:|Sec |^Sec\s" (not case sensitive)<br>';
$html .= 'You can use this URL for RSS notifications: <a href="/'.$outputfilerss.'">'.$outputfilerss.'</a><br><br>';
$html .= '</section>';