{-# LANGUAGE ExtendedDefaultRules #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# OPTIONS_GHC -fno-warn-type-defaults #-}
module Main where
import Control.Applicative ((<**>))
import qualified Data.Text as T
import qualified Data.Text.IO as T
import DeleteMerged (deleteDone)
import NVD (withVulnDB)
import qualified Nix
import qualified Options.Applicative as O
import OurPrelude
import qualified Repology
import System.IO (BufferMode (..), hSetBuffering, stderr, stdout)
import qualified System.Posix.Env as P
import Update (cveAll, cveReport, sourceGithubAll, updateAll, updatePackage)
import Utils (Options (..), UpdateEnv (..), getGithubToken, setupNixpkgs)
default (T.Text)
-- | Switches shared by the @update@ and @update-list@ subcommands.
--
-- Each field is filled from the command-line flag of the same name by
-- 'updateOptionsParser'; all three are off unless the flag is given.
data UpdateOptions = UpdateOptions
  { -- | @--pr@: make a pull request using Hub.
    pr :: Bool,
    -- | @--cachix@: push changes to Cachix.
    cachix :: Bool,
    -- | @--outpaths@: calculate outpaths to determine the branch to
    -- target. Only the @update-list@ branch of 'main' reads this field;
    -- the single-package @update@ branch passes a literal 'False' instead.
    outpaths :: Bool
  }
-- | One constructor per subcommand accepted on the command line.
--
-- The descriptions below mirror the help text registered in
-- 'commandParser'. All 'Text' payloads arrive verbatim from the command
-- line; nothing in this module validates them.
data Command
  = -- | @update-list@: update a list of packages.
    UpdateList UpdateOptions
  | -- | @update@: update one package, described by the @UPDATE_INFO@ string.
    Update UpdateOptions Text
  | -- | @delete-done@: delete branches from PRs that were merged or closed.
    DeleteDone
  | -- | @version@: display version information.
    Version
  | -- | @update-vulnerability-db@: update the vulnerability database.
    UpdateVulnDB
  | -- | @check-all-vulnerable@: check all packages to update for
    -- vulnerabilities.
    CheckAllVulnerable
  | -- | @source-github@: look for updates on GitHub.
    SourceGithub
  | -- | @fetch-repology@: fetch updates from Repology and print them.
    FetchRepology
  | -- | @check-vulnerable@: product id, old version, new version
    -- (in that order, as bound in 'main').
    CheckVulnerable Text Text Text
-- | Parser for the boolean flags carried by 'UpdateOptions'.
--
-- Every flag defaults to 'False' and becomes 'True' when present.
-- The applicative order (pr, cachix, outpaths) matches the field order of
-- the 'UpdateOptions' constructor.
updateOptionsParser :: O.Parser UpdateOptions
updateOptionsParser = UpdateOptions <$> prFlag <*> cachixFlag <*> outpathsFlag
  where
    -- 'O.switch' is the library's shorthand for @O.flag False True@.
    prFlag :: O.Parser Bool
    prFlag = O.switch (O.long "pr" <> O.help "Make a pull request using Hub.")

    cachixFlag :: O.Parser Bool
    cachixFlag = O.switch (O.long "cachix" <> O.help "Push changes to Cachix")

    outpathsFlag :: O.Parser Bool
    outpathsFlag =
      O.switch
        ( O.long "outpaths"
            <> O.help "Calculate outpaths to determine the branch to target"
        )
-- | Parser for the @update@ subcommand: the shared flags followed by one
-- positional @UPDATE_INFO@ argument.
--
-- The argument is taken as an opaque string here; it is handed to
-- 'updatePackage' by 'main' without being split or checked in this module.
-- NOTE(review): confirm that the callee validates the four fields.
updateParser :: O.Parser Command
updateParser = Update <$> updateOptionsParser <*> updateInfo
  where
    updateInfo :: O.Parser Text
    updateInfo =
      O.strArgument
        ( O.metavar "UPDATE_INFO"
            <> O.help "update string of the form: 'pkg oldVer newVer update-page'\n\n example: 'tflint 0.15.0 0.15.1 repology.org'"
        )
-- | Subcommand dispatcher: maps each subcommand name to the parser that
-- produces the matching 'Command' constructor.
--
-- The list order is the registration order of the subcommands.
commandParser :: O.Parser Command
commandParser =
  O.hsubparser $
    mconcat
      [ O.command
          "update-list"
          (O.info (UpdateList <$> updateOptionsParser) (O.progDesc "Update a list of packages")),
        O.command
          "update"
          (O.info updateParser (O.progDesc "Update one package")),
        plain
          "delete-done"
          DeleteDone
          "Deletes branches from PRs that were merged or closed",
        plain
          "version"
          Version
          "Displays version information for nixpkgs-update and dependencies",
        plain
          "update-vulnerability-db"
          UpdateVulnDB
          "Updates the vulnerability database",
        O.command
          "check-vulnerable"
          (O.info checkVulnerable (O.progDesc "checks if something is vulnerable")),
        plain
          "check-all-vulnerable"
          CheckAllVulnerable
          "checks all packages to update for vulnerabilities",
        plain
          "source-github"
          SourceGithub
          "looks for updates on GitHub",
        plain
          "fetch-repology"
          FetchRepology
          "fetches update from Repology and prints them to stdout"
      ]
  where
    -- A subcommand that takes no flags or arguments of its own.
    plain :: String -> Command -> String -> O.Mod O.CommandFields Command
    plain name cmd description =
      O.command name (O.info (pure cmd) (O.progDesc description))
-- | Parser for @check-vulnerable@: three positional arguments, in the
-- order product id, old version, new version.
--
-- All three are accepted as free-form strings; no format check happens
-- here, so whatever consumes them must treat them as untrusted input.
checkVulnerable :: O.Parser Command
checkVulnerable =
  CheckVulnerable
    <$> positional "PRODUCT_ID"
    <*> positional "OLD_VERSION"
    <*> positional "NEW_VERSION"
  where
    -- A string argument shown under the given metavariable in help output.
    positional :: String -> O.Parser Text
    positional label = O.strArgument (O.metavar label)
-- | Complete parser description for the executable: the subcommand
-- parser with @--help@ support attached, plus the program header and
-- description shown in help output.
programInfo :: O.ParserInfo Command
programInfo = O.info (commandParser <**> O.helper) description
  where
    description :: O.InfoMod Command
    description =
      mconcat
        [ O.fullDesc,
          O.progDesc "Update packages in the Nixpkgs repository",
          O.header "nixpkgs-update"
        ]
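-- | Program entry point: parse the command line with 'programInfo' and
-- run the selected 'Command'.
--
-- Credential handling, as visible in this function:
--
-- * Commands that talk to GitHub obtain a token from 'getGithubToken'
--   and export it as @GITHUB_TOKEN@ with 'P.setEnv'. That places the
--   secret in this process's environment, so every child process started
--   afterwards inherits it.
--   NOTE(review): confirm which tools are spawned after the export and
--   whether any of them run untrusted package build steps.
--
-- * The vulnerability-check commands run without a token. They pass
--   deliberately unset placeholders where a token or option would go;
--   this only works while the callee never forces those values. The
--   placeholders carry a descriptive message so that an accidental use
--   fails with a diagnosable error rather than a bare @undefined@.
--
-- Errors from 'updatePackage' and 'Nix.version' are printed to stdout and
-- the function then returns normally, so the process exit status does not
-- reflect them.
main :: IO ()
main = do
  -- Line buffering on both streams, set before any output is produced.
  hSetBuffering stdout LineBuffering
  hSetBuffering stderr LineBuffering
  command <- O.execParser programInfo
  case command of
    DeleteDone -> do
      token <- getGithubToken
      setupNixpkgs token
      -- Exported to the environment: inherited by later child processes.
      P.setEnv "GITHUB_TOKEN" (T.unpack token) True
      deleteDone token
    UpdateList UpdateOptions {pr, cachix, outpaths} -> do
      token <- getGithubToken
      -- The work list is read from the current working directory.
      updates <- T.readFile "packages-to-update.txt"
      setupNixpkgs token
      -- Empty PAGER; presumably keeps spawned tools from opening a pager.
      P.setEnv "PAGER" "" True
      P.setEnv "GITHUB_TOKEN" (T.unpack token) True
      updateAll (Options pr True token cachix outpaths) updates
    -- The outpaths flag is not bound here; a literal False is passed below.
    Update UpdateOptions {pr, cachix} update -> do
      token <- getGithubToken
      setupNixpkgs token
      P.setEnv "PAGER" "" True
      P.setEnv "GITHUB_TOKEN" (T.unpack token) True
      result <- updatePackage (Options pr False token cachix False) update
      case result of
        -- Failure is reported on stdout only; no exit code is set here.
        Left e -> T.putStrLn e
        Right () -> T.putStrLn "Done."
    Version -> do
      v <- runExceptT Nix.version
      case v of
        Left t -> T.putStrLn ("error:" <> t)
        Right t -> T.putStrLn t
    -- Opening the database is the whole action; the connection is unused.
    UpdateVulnDB -> withVulnDB $ \_conn -> pure ()
    CheckAllVulnerable -> do
      -- No token is fetched for this command; see 'unset' below.
      setupNixpkgs (unset "GitHub token")
      updates <- T.readFile "packages-to-update.txt"
      cveAll
        ( Options
            (unset "Options field 1 (pr)")
            (unset "Options field 2")
            (unset "Options field 3 (GitHub token)")
            (unset "Options field 4 (cachix)")
            (unset "Options field 5 (outpaths)")
        )
        updates
    CheckVulnerable productID oldVersion newVersion -> do
      setupNixpkgs (unset "GitHub token")
      report <-
        cveReport
          ( UpdateEnv
              productID
              oldVersion
              newVersion
              Nothing
              (Options False False (unset "Options field 3 (GitHub token)") False False)
          )
      T.putStrLn report
    SourceGithub -> do
      token <- getGithubToken
      updates <- T.readFile "packages-to-update.txt"
      setupNixpkgs token
      P.setEnv "GITHUB_TOKEN" (T.unpack token) True
      sourceGithubAll (Options False False token False False) updates
    FetchRepology -> Repology.fetch
  where
    -- Placeholder for a value this command does not supply. It is never
    -- meant to be evaluated; if it is, the error names what was missing.
    unset :: String -> a
    unset what =
      error ("nixpkgs-update: " ++ what ++ " is not set for this command")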