Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[android] Add automation #87

Open
marcwrobel opened this issue Mar 30, 2023 · 4 comments
Open

[android] Add automation #87

marcwrobel opened this issue Mar 30, 2023 · 4 comments
Labels
enhancement New feature or request

Comments

@marcwrobel
Copy link
Member

Android security bulletins can be found on https://source.android.com/docs/security/bulletin/2022. But it may be simpler to use tags on https://android.googlesource.com/platform/build/+refs.

This relates to endoflife-date/endoflife.date#2735 (comment).
@marcwrobel marcwrobel added the enhancement New feature or request label Mar 30, 2023
@marcwrobel
Copy link
Member Author

First thing to do : test if we can use https://android.googlesource.com/platform/build in the auto configuration of the Android product page. Maybe there is nothing specific to do for Android ?

@marcwrobel
Copy link
Member Author

Tried using :

auto:
-   git: "https://android.googlesource.com/platform/frameworks/base"
    regex: '^android(?<qualifier>-mainline|-platform|-security)?-(?<version>[\d\.]+_r\d+)$'
    template: '{{version}}{{qualifier}}'

Result :

diff --git c/products/android.md i/products/android.md
index d3dd9a54..e46af2d4 100644
--- c/products/android.md
+++ i/products/android.md
@@ -14,135 +14,176 @@ releaseColumn: false
 releaseDateColumn: true
 eolColumn: Security Support
 
+auto:
+-   git: "https://android.googlesource.com/platform/frameworks/base"
+    regex: '^android(?<qualifier>-mainline|-platform|-security)?-(?<version>[\d\.]+_r\d+)$'
+    template: '{{version}}{{qualifier}}'
+
 releases:
 -   releaseCycle: "13"
     codename: Tiramisu
-    eol: false
     releaseDate: 2022-08-15
+    eol: false
+    latest: '13.0.0_r37'
+    latestReleaseDate: 2023-03-20
 
 -   releaseCycle: "12.1"
     codename: Snow Cone v2
     releaseLabel: 12.1 'Snow Cone v2' (aka 12L)
-    eol: false
     releaseDate: 2022-03-07
+    eol: false
+    latest: '12.1.0_r13-platform'
+    latestReleaseDate: 2023-03-13
     link: https://developer.android.com/about/versions/12/12L
 
--   releaseCycle: "12"
+-   releaseCycle: "12.0"
     codename: Snow Cone
-    eol: false
     releaseDate: 2021-10-04
+    eol: false
+    latest: '12.0.0_r45'
+    latestReleaseDate: 2023-03-14
 
 -   releaseCycle: "11"
     codename: Red Velvet Cake
+    releaseDate: 2020-09-07
     eol: false
-    releaseDate: 2020-09-08
+    latest: '11.0.0_r65'
+    latestReleaseDate: 2023-03-13
 
 -   releaseCycle: "10"
     codename: Queen Cake
+    releaseDate: 2019-08-23
     eol: 2023-03-06
-    releaseDate: 2019-09-03
+    latest: '10.0.0_r75'
+    latestReleaseDate: 2023-02-06
 
 -   releaseCycle: "9"
     codename: Pie
+    releaseDate: 2018-07-24
     eol: true
-    releaseDate: 2018-08-06
+    latest: '9.0.0_r76'
+    latestReleaseDate: 2022-01-04
     link: https://developer.android.com/about/versions/pie
 
 -   releaseCycle: "8.1"
     codename: Oreo
-    eol: true
     releaseDate: 2017-12-05
+    eol: true
+    latest: '8.1.0_r93'
+    latestReleaseDate: 2021-10-04
     link: https://developer.android.com/about/versions/oreo/android-8.1
 
 -   releaseCycle: "8.0"
     codename: Oreo
     eol: true
     releaseDate: 2017-08-21
+    latest: '8.0.0_r54'
+    latestReleaseDate: 2021-01-04
     link: https://developer.android.com/about/versions/oreo
 
 -   releaseCycle: "7"
     codename: Nougat
-    eol: true
     releaseDate: 2016-08-22
+    eol: true
+    latest: '7.1.2_r39'
+    latestReleaseDate: 2019-10-04
     link: https://developer.android.com/about/versions/nougat
 
 -   releaseCycle: "6"
     codename: Marshmallow
+    releaseDate: 2015-10-02
     eol: true
-    releaseDate: 2015-10-05
+    latest: '6.0.1_r81'
+    latestReleaseDate: 2017-10-03
     link: https://developer.android.com/about/versions/marshmallow
 
 -   releaseCycle: "5"
     codename: Lollipop
+    releaseDate: 2014-11-03
     eol: true
-    releaseDate: 2014-11-12
+    latest: '5.1.1_r38'
+    latestReleaseDate: 2016-07-19
     link: https://developer.android.com/about/versions/lollipop
 
 -   releaseCycle: "4.4"
     codename: KitKat
+    releaseDate: 2013-12-05
     eol: true
-    releaseDate: 2013-10-31
+    latest: '4.4.4_r2'
+    latestReleaseDate: 2014-07-07
     link: https://developer.android.com/about/versions/kitkat
 
 -   releaseCycle: "4.1"
     codename: Jelly Bean
-    eol: true
     releaseDate: 2012-07-09
-    link: null
+    eol: true
+    latest: '4.1.2_r2'
+    latestReleaseDate: 2013-05-14
+    link:
 
--   releaseCycle: "4"
+-   releaseCycle: "4.0"
     codename: Ice Cream Sandwich
+    releaseDate: 2011-11-14
     eol: true
-    releaseDate: 2011-10-18
-    link: null
+    latest: '4.4.4_r2'
+    latestReleaseDate: 2014-07-07
+    link:
 
 -   releaseCycle: "3"
     codename: Honeycomb
+    releaseDate: 2011-12-02
     eol: true
-    releaseDate: 2011-02-22
-    link: null
+    latest: '3.2.4_r1'
+    latestReleaseDate: 2011-12-02
+    link:
 
 -   releaseCycle: "2.3"
     codename: Gingerbread
+    releaseDate: 2010-12-22
     eol: true
-    releaseDate: 2010-12-06
-    link: null
+    link:
+    latest: '2.3.7_r1'
+    latestReleaseDate: 2011-09-29
 
 -   releaseCycle: "2.2"
     codename: Froyo
+    releaseDate: 2010-09-27
     eol: true
-    releaseDate: 2010-05-20
-    link: null
+    latest: '2.2.3_r2'
+    latestReleaseDate: 2011-11-21
+    link:
 
 -   releaseCycle: "2.0"
     codename: Eclair
+    releaseDate: 2010-02-02
     eol: true
-    releaseDate: 2009-10-26
-    link: null
+    latest: '2.0.1_r1'
+    latestReleaseDate: 2010-02-02
+    link:
 
 -   releaseCycle: "1.6"
     codename: Donut
-    eol: true
     releaseDate: 2009-09-15
-    link: null
+    eol: true
+    link:
 
 -   releaseCycle: "1.5"
     codename: Cupcake
-    eol: true
     releaseDate: 2009-04-27
-    link: null
+    eol: true
+    link:
 
 -   releaseCycle: "1.1"
     codename: Petit Four
-    eol: true
     releaseDate: 2009-02-09
-    link: null
+    eol: true
+    link:
 
 -   releaseCycle: "1.0"
     releaseLabel: "__RELEASE_CYCLE__"
-    eol: true
     releaseDate: 2008-09-23
-    link: null
+    eol: true
+    link:
 
 ---

Note :

  • There are many repositories: which one to use ?
  • There may be multiple tags for the same date using different qualifiers: which use to use in this case ?
  • Strange, latest.py seems to drop qualifier when it is -security !?
  • The release date is updated for some versions, usually by only a few days but sometime more (for example for 4.4). We do not want that.
  • _r numbering restart at 1 for each qualifier.

I think using android security bulletin is the best solution, but :

  • we must prevent the releaseDate to be updated,
  • we must find a way to "name" those security patch.

@captn3m0
Copy link
Member

I looked at getting the source for source.android.com to get raw bulletin access.

But alas: https://android.googlesource.com/platform/docs/source.android.com/+/refs/heads/main/README.txt says:

As of July 2021, the source files for source.android.com are no longer mirrored here.

So we have to scrape the HTML.

@captn3m0
Copy link
Member

A few folks have written parsers for ASBs:

If we're only planning to cover ASBs, then a better source might be osv.dev, which offers a data-dump. A simple script:

wget "https://osv-vulnerabilities.storage.googleapis.com/Android/all.zip"
unzip all.zip -d Android
cat Android/*.json | jq '.affected[]|.ranges[]|.events[]|.fixed'|sort -u

gets us quite a lot of versions:

"10:2020-07-01"
"10:2020-08-01"
"10:2020-09-01"
"10:2020-10-01"
"10:2020-11-01"
"10:2020-12-01"
"10:2021-01-01"
"10:2021-02-01"
"10:2021-03-01"
"10:2021-04-01"
"10:2021-05-01"
"10:2021-06-01"
"10:2021-06-05"
"10:2021-07-01"
"10:2021-07-05"
"10:2021-08-01"
"10:2021-09-01"
"10:2021-10-01"
"10:2021-10-05"
"10:2021-11-01"
"10:2021-11-05"
"10:2021-12-01"
"10:2021-12-05"
"10:2022-01-01"
"10:2022-02-01"
"10:2022-02-05"
"10:2022-03-01"
"10:2022-04-01"
"10:2022-04-05"
"10:2022-05-01"
"10:2022-06-01"
"10:2022-07-01"
"10:2022-08-01"
"10:2022-09-01"
"10:2022-10-01"
"10:2022-11-01"
"10:2022-12-01"
"10:2023-01-01"
"10:2023-02-01"
"11:2020-10-01"
"11:2020-11-01"
"11:2020-12-01"
"11:2021-01-01"
"11:2021-02-01"
"11:2021-03-01"
"11:2021-04-01"
"11:2021-04-05"
"11:2021-05-01"
"11:2021-05-05"
"11:2021-06-01"
"11:2021-06-05"
"11:2021-07-01"
"11:2021-07-05"
"11:2021-08-01"
"11:2021-09-01"
"11:2021-10-01"
"11:2021-10-05"
"11:2021-11-01"
"11:2021-11-05"
"11:2021-12-01"
"11:2021-12-05"
"11:2022-01-01"
"11:2022-02-01"
"11:2022-02-05"
"11:2022-03-01"
"11:2022-04-01"
"11:2022-04-05"
"11:2022-05-01"
"11:2022-06-01"
"11:2022-07-01"
"11:2022-08-01"
"11:2022-09-01"
"11:2022-10-01"
"11:2022-11-01"
"11:2022-12-01"
"11:2023-01-01"
"11:2023-02-01"
"11:2023-03-01"
"11:2023-04-01"
"11:2023-05-01"
"11:2023-06-01"
"11:2023-07-01"
"12:2021-11-01"
"12:2021-11-05"
"12:2021-12-01"
"12:2021-12-05"
"12:2022-01-01"
"12:2022-01-05"
"12:2022-02-01"
"12:2022-02-05"
"12:2022-03-01"
"12:2022-04-01"
"12:2022-04-05"
"12:2022-05-01"
"12:2022-06-01"
"12:2022-07-01"
"12:2022-07-05"
"12:2022-08-01"
"12:2022-09-01"
"12:2022-10-01"
"12:2022-11-01"
"12:2022-12-01"
"12:2023-01-01"
"12:2023-02-01"
"12:2023-03-01"
"12:2023-04-01"
"12:2023-05-01"
"12:2023-06-01"
"12:2023-07-01"
"12L:2022-03-01"
"12L:2022-04-01"
"12L:2022-04-05"
"12L:2022-05-01"
"12L:2022-06-01"
"12L:2022-07-01"
"12L:2022-07-05"
"12L:2022-08-01"
"12L:2022-09-01"
"12L:2022-10-01"
"12L:2022-11-01"
"12L:2022-12-01"
"12L:2023-01-01"
"12L:2023-02-01"
"12L:2023-03-01"
"12L:2023-04-01"
"12L:2023-05-01"
"12L:2023-06-01"
"12L:2023-07-01"
"13:2022-09-01"
"13:2022-10-01"
"13:2022-11-01"
"13:2022-12-01"
"13:2023-01-01"
"13:2023-02-01"
"13:2023-03-01"
"13:2023-04-01"
"13:2023-05-01"
"13:2023-06-01"
"13:2023-07-01"
":2020-07-05"
":2020-08-05"
":2020-09-05"
":2020-10-05"
":2020-12-05"
":2021-01-05"
":2021-02-05"
":2021-03-05"
":2021-04-05"
":2021-05-05"
":2021-06-05"
":2021-08-05"
":2021-10-05"
":2021-11-05"
":2021-11-06"
":2021-12-05"
":2022-01-05"
":2022-03-05"
":2022-04-05"
":2022-05-05"
":2022-06-05"
":2022-07-05"
":2022-08-05"
":2022-09-05"
":2022-10-05"
":2022-12-05"
":2023-01-05"
":2023-02-05"
":2023-03-05"
":2023-04-05"
":2023-05-05"
":2023-07-05"
"8.0:2020-07-01"
"8.0:2020-08-01"
"8.0:2020-09-01"
"8.0:2020-10-01"
"8.0:2020-11-01"
"8.0:2020-12-01"
"8.0:2021-01-01"
"8.0:2021-02-01"
"8.1:2020-07-01"
"8.1:2020-08-01"
"8.1:2020-09-01"
"8.1:2020-10-01"
"8.1:2020-11-01"
"8.1:2020-12-01"
"8.1:2021-01-01"
"8.1:2021-02-01"
"8.1:2021-03-01"
"8.1:2021-04-01"
"8.1:2021-05-01"
"8.1:2021-06-01"
"8.1:2021-06-05"
"8.1:2021-07-01"
"8.1:2021-07-05"
"8.1:2021-08-01"
"8.1:2021-09-01"
"8.1:2021-10-01"
"8.1:2021-10-05"
"8.1:2021-11-05"
"9:2020-07-01"
"9:2020-08-01"
"9:2020-09-01"
"9:2020-10-01"
"9:2020-11-01"
"9:2020-12-01"
"9:2021-01-01"
"9:2021-02-01"
"9:2021-03-01"
"9:2021-04-01"
"9:2021-04-05"
"9:2021-05-01"
"9:2021-06-01"
"9:2021-06-05"
"9:2021-07-01"
"9:2021-07-05"
"9:2021-08-01"
"9:2021-09-01"
"9:2021-10-01"
"9:2021-10-05"
"9:2021-11-01"
"9:2021-11-05"
"9:2021-12-01"
"9:2021-12-05"
"9:2022-01-01"
null
"oc-mr1:2021-09-05"
"pi:2021-09-05"

There's some inaccurate ones as well, but we can figure that out. I'll go ahead with this approach, if it sounds good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@captn3m0 @marcwrobel