a35f51cee1
The NVD files that are used to build the list of CVEs affecting Buildroot packages are quite large (a few hundreds MB of json), and cause the pkg-stats scripts to have a huge memory footprint (a few GB with Python 2.7). However, because we only need to iterate on CVE items one by one, we can process them in streaming (ie decoding one CVE at a time from the JSON representation). Because the json module from the python standard library does not support such a mode of operation, we switch to the third-party package ijson, which is compatible with both Python 2 and Python3. To run the script with these modifications, one should install the ijson python package. This can be done with pip: `pip install ijson`. On Debian based distributions, this can also be done with the apt package manager: `apt install python-ijson`. Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu> Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
---|---|---|
.. | ||
config-fragments | ||
dependencies | ||
docker | ||
download | ||
gnuconfig | ||
kconfig | ||
legal-info | ||
libtool | ||
misc | ||
scripts | ||
testing |