Skip to content

[review] os: implement build-deps #4024

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 16 commits into
base: main
Choose a base branch
from
Draft

[review] os: implement build-deps #4024

wants to merge 16 commits into from

Conversation

mcgov
Copy link
Collaborator

@mcgov mcgov commented Sep 30, 2025

Implements apt-get build-dep, dnf/yum build-dep, and zypper si -d to install source package build dependencies using the package manager source package metadata.

@mcgov
Copy link
Collaborator Author

mcgov commented Oct 1, 2025

Oh wow I realized we aren't actually confirming to the apt sources standard. We parse the output of apt update instead for some reason. I might go ahead and fix that as well.

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 2, 2025
View reviewed changes
lisa/operating_system.py
r"URIs:\s*(?P<uri>\S+)\s*"
r"Suites:\s*(?P<suite>.*)\n"
r"Components:\s*(?P<components>.+?)\s*"
r"(?P<options>((?:\S+:\s*.+)\n?)*)$"

Check failure

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with 'Types:\tURIs:!Suites:\nComponents:a' and containing many repetitions of '!:!'.
lisa/operating_system.py
r"URIs:\s*(?P<uri>\S+)\s*"
r"Suites:\s*(?P<suite>.*)\n"
r"Components:\s*(?P<components>.+?)\s*"
r"(?P<options>((?:\S+:\s*.+)\n?)*)$"

Check failure

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with 'Types:\tURIs:!Suites:\nComponents:a!:' and containing many repetitions of 'a!:'.
lisa/operating_system.py
r"(?P<status>\S+):(?P<id>\d+)\s+(?P<uri>\S+)\s+(?P<name>\S+)"
r"\s+(?P<metadata>.*)\s*"
r"^(?P<type>deb(?:-src)?)\s+" # deb or deb-src
r"(?P<options>(?:\w+=\w+\s?)*)\s" # [option1=value1 ...]

Check failure

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with 'deb\t0=' and containing many repetitions of '000='.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@squirrelsc squirrelsc Awaiting requested review from squirrelsc squirrelsc will be requested when the pull request is marked ready for review squirrelsc is a code owner

@LiliDeng LiliDeng Awaiting requested review from LiliDeng LiliDeng will be requested when the pull request is marked ready for review LiliDeng is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mcgov