Don't report Debian updates if they already have been imported in Apertis

using the debian-security repository before being available in the main Debian repository through a point release. Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>

Don't report Debian updates if they already have been imported in Apertis
using the debian-security repository before being available in the main Debian repository through a point release. Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
4141629b · Dylan Aïssi · 17ca61a5 · 4141629b
Commit 4141629b authored 2 years ago by Dylan Aïssi
--- a/bin/packaging-updates
+++ b/bin/packaging-updates
@@ -97,6 +97,20 @@ def compute_updates(data):
                        f"Skip update from {branch.version} to {branch.name}/{upstream['version']}, superseded by {base.name}/{base.version}"
                    )
                    continue
+                # Don't report Debian updates if they already have been imported in Apertis
+                # using the debian-security repository before being available
+                # in the main Debian repository through a point release.
+                branch_sec = branch.name + "-security"
+                base_sec = git.branches.get(branch_sec)
+                if base_sec:
+                    base_sec = types.SimpleNamespace(**base_sec)
+                    if upstream["version"] <= debian.debian_support.Version(
+                        base_sec.version
+                    ):
+                        logging.debug(
+                            f"Skip update from {branch.version} to {branch.name}/{upstream['version']}, already imported in {base_sec.name}/{base_sec.version}"
+                        )
+                        continue
            updatable(package, base, branch, upstream)

    return ret