Introduce snapshots to distribute advisories

[blackheaven]

---

hsec-tools

• [x] Previous advisories are still valid

TBD

• [ ] Design review @frasertweedale
• [x] Rebase @blackheaven
• [ ] Setup empty branch @blackheaven
• [ ] Merge @blackheaven
• [ ] Enable tests @blackheaven

[blackheaven]

@frasertweedale I think the failure is expected as the file is oob (not tracked in Git history)

[blackheaven]

@frasertweedale FYI, I have revert back to toml-parser and properly tested FrontMatter rendering

[blackheaven]

@frasertweedale can you review it again, so I can move forward (see items in the description)

[blackheaven]

I won't lie, it was one of the most painful rebase I had to do.

@frasertweedale good luck :)

[frasertweedale]

Seven hour train ride on Wednesday. Should be enough time, I hope :)

[frasertweedale]

Why so much reformatting? :sob:

@blackheaven did you reformat using some formatter? If so, it would be better to tackle that as the first commit, and keep the signal-to-noise ratio high for the subsequent commits.

Also, should we consolidate around a particular formatting tool? (I'm not really a fan, but I'm even more not a fan of what happened in e72abb5ac60f6b3230054c12b40433ecec648d28 ^_^)

[Kleidukos]

(I would advise fourmolu, as it is diff-friendly and reduces the noise of each commit)

[frasertweedale]

@blackheaven some of the error formatting undoes Mango's Exception instance work. I can fix it up if you like.

[blackheaven]

Actually it was a mistake, @TristanCacqueray enforced fourmolu, but hls does not take le configuration file in account when formatting.

I'm afraid that fixing reformatting during rebase might be a nightmare.

@frasertweedale either you have some time to revert back Mango's work, or highlight where I have overwritten them.

[frasertweedale]

@frasertweedale either you have some time to revert back Mango's work, or highlight where I have overwritten them.

Yes, I'll make the changes and then we can compare and review. Expect it tomorrow. Apart from that, there was just one comment so far. I've read most of the diffs and the new code LGTM at a high level. Still need to test, also.

[frasertweedale]

@frasertweedale either you have some time to revert back Mango's work, or highlight where I have overwritten them.

Yes, I'll make the changes and then we can compare and review. Expect it tomorrow. Apart from that, there was just one comment so far. I've read most of the diffs and the new code LGTM at a high level. Still need to test, also.

I see that later commits in the series put everything back the way it was. The commit history is a winding road but all is well at the destination.

I will do some testing. Unless I find bugs / regressions, I will merge it :)

[blackheaven]

I have done the changes (fixings root directory and using etag), let me know what you think.

[frasertweedale]

@blackheaven thanks mate. I fly home to Australia tomorrow so I will have time to review it!

[blackheaven]

Have a nice flight back!

[frasertweedale]

uh @blackheaven, did you push your changes? I don't see them :confused:

[blackheaven]

I forgot and it conflicts everywhere, I'll rebase it (again)

[blackheaven]

Here we go

[frasertweedale]

I've reviewed and tested it. Works as expected. There are some improvements we can make but no show-stoppers. Sorry for the delay and thanks for your patience!

I pushed one new commit that adds more detail to the HTTP error messages. I'll merge when green.

[frasertweedale]

CI is busted. Dealing with it in PR https://github.com/haskell/security-advisories/pull/220.

[frasertweedale]

Finally merged. Thanks for implementing this feature, @blackheaven!