From 4141629bb2fd72551cc0228b2884c6598b61c53a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Tue, 10 May 2022 11:18:26 +0200
Subject: [PATCH] Don't report Debian updates if they already have been
 imported in Apertis
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

using the debian-security repository before being available
in the main Debian repository through a point release.

Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
 bin/packaging-updates | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/bin/packaging-updates b/bin/packaging-updates
index 5af7b42..274d3db 100755
--- a/bin/packaging-updates
+++ b/bin/packaging-updates
@@ -97,6 +97,20 @@ def compute_updates(data):
                         f"Skip update from {branch.version} to {branch.name}/{upstream['version']}, superseded by {base.name}/{base.version}"
                     )
                     continue
+                # Don't report Debian updates if they already have been imported in Apertis
+                # using the debian-security repository before being available
+                # in the main Debian repository through a point release.
+                branch_sec = branch.name + "-security"
+                base_sec = git.branches.get(branch_sec)
+                if base_sec:
+                    base_sec = types.SimpleNamespace(**base_sec)
+                    if upstream["version"] <= debian.debian_support.Version(
+                        base_sec.version
+                    ):
+                        logging.debug(
+                            f"Skip update from {branch.version} to {branch.name}/{upstream['version']}, already imported in {base_sec.name}/{base_sec.version}"
+                        )
+                        continue
             updatable(package, base, branch, upstream)
 
     return ret
-- 
GitLab