Skip to content

Make Beuc's git-blame helper for the security tracker available in a convenient way

As discussed in a thread on the debian-lts mailing list, @beuc has created a helper for running git-blame on the security tracker (particularly on data/CVE/list), which for a long time has been a very painful operation.

This helper utility should be made available in a convenient form for LTS contributors.

Various possible deployment strategies should be considered, along with their pros and cons. Some possibilities include, but are not limited to:

  • as part of the internal tool collection available only to paid LTS contributors
  • as part of the tools included in the security tracker (e.g., under bin/)
  • as part of an existing Debian package which collects together useful utilities (e.g., devscripts)
  • some other approach

The analysis should be discussed with the LTS coordinators prior to beginning implementation.

Based on the selected deployment strategy, additional steps will need to be determined, including potential changes to the code and architecture in order to fit better with a given deployment approach, documentation, and potentially other concerns.

This issue was written specifically with the intent of including it as part of the plan for the DebCamp 25 security tracker sprint. However, that in no way precludes work being done on this by any interested party, whether before, during, or after the sprint.

CC: @santiago