Ross Burton

No, The `cve-exclusion_[version].inc` files are generated by `generate-cve-exclusions`, which pulls data from https://www.linuxkernelcves.com. We're not really a source of data regarding kernel CVEs, if that's what you're after.

> I also saw this repo https://github.com/yoctoproject/cve-cna-open-letter so there is some obvious problem: what data do you need exactly in Yocto/OpenEmbedded ? > > I see in https://github.com/yoctoproject/poky/blob/master/meta/classes/cve-check.bbclass that the...

Imagine I'm writing a new project in Python which wants to install manpages (`/usr/share/man/man8/foo.8`), init scripts (`/etc/init.d/foo`), and systemd units (`/lib/systemd/system/foo.service`). How would I do that using the modern packaging...

Sorry, I should have been clear. distutils is deprecated already and will be removed in 3.12, and setuptool's `install` command is deprecated too. What is the modern way to install...

Interesting, thanks. FWIW, there's plenty of software out there which subclasses the `install` command to write arbitrary files. https://weblog.christoph-egger.org/Installing_a_python_systemd_service_.html is an example from 2016.

Packaging RPM/DEB is orthogonal to this issue. How would one generate the rpm/deb in the first place? The typical process is: 1. `setup.py install --root=staging` 2. `dpkg-deb --build staging` If...

To clarify about the root thing: in distribution-land the packager runs `setup.py` as a normal user, but to a staging directory. This directory is then packaged by the packaging tools....

Note that this is in violation of PEP517. https://peps.python.org/pep-0517/#build-wheel says: >The source directory may be read-only. Backends should therefore be prepared to build without creating or modifying any files in...

I'm still not the maintainer but "fix yaml output" doesn't really explain _what_ or _why_ the changes are happening. Please explain in the commit log what the intention of the...

Feel free to work on it Oleg, I haven't done anything on this.