[Buildroot] [PATCH 1/1] support/scripts/pkg-stats: iterate over CVEs in streaming

Peter Korsgaard peter at korsgaard.com
Thu Feb 20 20:31:59 UTC 2020

>>>>> "Thomas" == Thomas De Schampheleire <patrickdepinguin+buildroot at gmail.com> writes:

 > Hi Titouan,
 > El jue., 20 feb. 2020 a las 19:27, Titouan Christophe
 > (<titouan.christophe at railnova.eu>) escribió:
 >> The NVD files that are used to build the list of CVEs affecting
 >> Buildroot packages are quite large (a few hundreds MB of json),
 >> and cause the pkg-stats scripts to have a huge memory footprint
 >> (a few GB with Python 2.7).
 >> However, because we only need to iterate on CVE items one by one,
 >> we can process them in streaming (ie decoding one CVE at a time
 >> from the JSON representation). Because the json module from the
 >> python standard library does not support such a mode of operation,
 >> we switch to the third-party package ijson, which is compatible
 >> with both Python 2 and Python3.
 >> To run the script with these modifications, one should install
 >> the ijson python package. This can be done with pip:
 >> `pip install ijson`. On Debian based distributions, this can
 >> also be done with the apt package manager:
 >> `apt install python-ijson`.
 >> Signed-off-by: Titouan Christophe <titouan.christophe at railnova.eu>

 > This is _way_ better. In my test run observing top output, resident
 > memory stayed around 50 MB.


 > Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire at nokia.com>
 > Tested-by: Thomas De Schampheleire <thomas.de_schampheleire at nokia.com>

Committed, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list