Created attachment 8803165 [details] mfsa2016-87.yml I have a mfsa-2016-87.md in bedrock as an advisory. This was processed and went live on the website. I later replaced it with mfsa-2016-87.yml, which I was told should replace the existing markdown advisory with the yaml one once it is processed. Instead, it just deleted mfsa-2016-87, removing it from the index, and giving me a 404 on the URL. https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/ Attached are the two files used.
The advisory looks live to me.
Here's what happened: 1) the library saw that a file with the same base name (minus extension) was both added and removed. It then removed the entry in the db, and also tried to load the new file. Because the YAML file contained an empty record for "description" the processor got None for that key, but expected a string. So it failed to import the new file, leaving nothing in the DB for that MFSA ID. Since the .md file has since been restored, I was able to manually reimport all of the advisories and it is now back. I need to do the following to make sure this doesn't happen again: 1) Ensure that if a file changes extension that it is seen only as modified, not removed and added. 2) Ensure that a valid YAML key doesn't break things if the value is None. 3) Add a check for None values to the linter to try to keep the files clean.
Assignee: nobody → pmac
Status: NEW → ASSIGNED
Commits pushed to master at https://github.com/mozilla/bedrock https://github.com/mozilla/bedrock/commit/dae549b82c2de5ebd460c07956e07e8f03460314 Fix bug 1311863: Do not delete updated MFSA files This can occur when a file extension changes. The MFSA ID will be seen as updated and deleted. We now filter IDs that are modified from those we'll delete so that even if the import of the new file fails, it won't delete the old one. https://github.com/mozilla/bedrock/commit/3d2661a72738f5bd61feb71c1080cd4be9197967 Merge pull request #4428 from pmac/mfsa-ensure-updated-not-deleted-1311863 Fix bug 1311863: Do not delete updated MFSA files
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.