Code Review / puppet-modules / puppetlabs-apt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (from parent 1: e9b2b12)
debian-updates is not security updates
authorKolbjørn Barmen <kolbjorn.barmen@uninett.no>
Fri, 3 Nov 2017 10:14:35 +0000 (11:14 +0100)
committerKolbjørn Barmen <kolbjorn.barmen@uninett.no>
Fri, 3 Nov 2017 10:14:35 +0000 (11:14 +0100)
Debian-updates are pending packages between dot-releases,
they are not security updates. When Debian has a dot-release,
for example 8.7, debian-updates is empty. Between 8.7 and 8.8,
updates packages go to debian-updates, and on 8.8, all packages
in debian-updates are moved (or replaced) by packages in the main
repo, leaving debian-updates empty again. Security updates are
managed outside of this.

lib/facter/apt_updates.rb patch | blob | history

diff --git a/lib/facter/apt_updates.rb b/lib/facter/apt_updates.rb
index f0fa3026918073ac2598d351dae9b85460b26064..89bc37e20ba4d497b805e4940252f10c6afdd17e 100644 (file)
--- a/lib/facter/apt_updates.rb
+++ b/lib/facter/apt_updates.rb
@@ -10,7 +10,6 @@ Facter.add('apt_has_updates') do
         package = line.gsub(%r{^Inst\s([^\s]+)\s.*}, '\1').strip
         apt_package_updates[0].push(package)
         security_matches = [
-          %r{ Debian[^\s]+-updates[, ]},
           %r{ Debian-Security:},
           %r{ Ubuntu[^\s]+-security[, ]},
           %r{ gNewSense[^\s]+-security[, ]},