feat: Add JSON output for updateinfo #2200

Open
wants to merge 1 commit into
base: master

walkerever

This is a backport of the feature introduced to dnf5 by the following pull requests:

The feature enables JSON format output for updateinfo command.


pep8speaks commented Jan 27, 2025

Hello @walkerever! Thanks for updating this PR. We checked the lines you've touched for PEP 8 issues, and found:

Line 416:62: E502 the backslash is redundant between brackets
Line 417:65: E502 the backslash is redundant between brackets

Comment last updated at 2025-01-28 01:22:39 UTC

@walkerever walkerever force-pushed the json-output-updateinfo branch 10 times, most recently from 2325ee1 to 8fead9a Compare January 27, 2025 23:02

walkerever commented Jan 28, 2025

For the pep8 check, it seems to always be switching between W50x ;) Please advise if that's a hard blocker for the project. Thanks.

A test about copr, enable/disable project, failed; it can hardly be related to this change. But it seems I don't have permission just to rerun the test.

This is a backport of the feature introduced to dnf5 by the following
pull requests:
- rpm-software-management/dnf5#1531
- rpm-software-management/dnf5#1970

The feature enables JSON format output for updateinfo command.
@walkerever walkerever force-pushed the json-output-updateinfo branch from 8fead9a to 036c511 Compare January 28, 2025 01:22

walkerever commented Jan 28, 2025

Known limit as best effort without introducing significant code changes:

  • status/vendor fields are not available as they're not present in the advisory object. Chose to live without them considering the cost to bring them in.

bash-5.2# dnf updateinfo --list --all ALAS2023-2024-518  --json
[
  {
    "name": "ALAS2023-2024-518",
    "type": "security",
    "severity": "Medium",
    "nevra": "vim-common-2:9.0.2153-1.amzn2023.x86_64",
    "buildtime": "2024-02-29 10:29:00"
  },
  {
    "name": "ALAS2023-2024-518",
    "type": "security",
    "severity": "Medium",
    "nevra": "vim-data-2:9.0.2153-1.amzn2023.noarch",
    "buildtime": "2024-02-29 10:29:00"
  },
  {
    "name": "ALAS2023-2024-518",
    "type": "security",
    "severity": "Medium",
    "nevra": "vim-enhanced-2:9.0.2153-1.amzn2023.x86_64",
    "buildtime": "2024-02-29 10:29:00"
  },
  {
    "name": "ALAS2023-2024-518",
    "type": "security",
    "severity": "Medium",
    "nevra": "vim-filesystem-2:9.0.2153-1.amzn2023.noarch",
    "buildtime": "2024-02-29 10:29:00"
  },
  {
    "name": "ALAS2023-2024-518",
    "type": "security",
    "severity": "Medium",
    "nevra": "vim-minimal-2:9.0.2153-1.amzn2023.x86_64",
    "buildtime": "2024-02-29 10:29:00"
  },
  {
    "name": "ALAS2023-2024-518",
    "type": "security",
    "severity": "Medium",
    "nevra": "xxd-2:9.0.2153-1.amzn2023.x86_64",
    "buildtime": "2024-02-29 10:29:00"
  }
]
bash-5.2# dnf updateinfo --info --all ALAS2023-2024-518  --json
{
  "ALAS2023-2024-518": {
    "Name": "ALAS2023-2024-518",
    "Title": "Amazon Linux 2023 - ALAS2023-2024-518: Medium priority package update for vim",
    "Severity": "Medium",
    "Type": "security",
    "Status": null,
    "Vendor": null,
    "Issued": "2024-02-29 10:29:00",
    "Description": "Package updates are available for Amazon Linux 2023 that fix the following vulnerabilities:\nCVE-2024-22667:\n\tVim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.\n\nCVE-2023-48706:\n\tVim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue.\n",
    "Message": "",
    "Rights": null,
    "references": [
      {
        "Title": "",
        "Id": "CVE-2023-48706",
        "Type": "cve",
        "Url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48706"
      },
      {
        "Title": "",
        "Id": "CVE-2024-22667",
        "Type": "cve",
        "Url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22667"
      }
    ],
    "collections": {
      "packages": [
        "vim-enhanced-debuginfo-2:9.0.2153-1.amzn2023.x86_64",
        "xxd-2:9.0.2153-1.amzn2023.x86_64",
        "vim-default-editor-2:9.0.2153-1.amzn2023.noarch",
        "vim-minimal-2:9.0.2153-1.amzn2023.x86_64",
        "xxd-debuginfo-2:9.0.2153-1.amzn2023.x86_64",
        "vim-filesystem-2:9.0.2153-1.amzn2023.noarch",
        "vim-debuginfo-2:9.0.2153-1.amzn2023.x86_64",
        "vim-enhanced-2:9.0.2153-1.amzn2023.x86_64",
        "vim-data-2:9.0.2153-1.amzn2023.noarch",
        "vim-minimal-debuginfo-2:9.0.2153-1.amzn2023.x86_64",
        "vim-debugsource-2:9.0.2153-1.amzn2023.x86_64",
        "vim-common-2:9.0.2153-1.amzn2023.x86_64",
        "vim-enhanced-debuginfo-2:9.0.2153-1.amzn2023.aarch64",
        "vim-minimal-2:9.0.2153-1.amzn2023.aarch64",
        "xxd-2:9.0.2153-1.amzn2023.aarch64",
        "vim-enhanced-2:9.0.2153-1.amzn2023.aarch64",
        "vim-debuginfo-2:9.0.2153-1.amzn2023.aarch64",
        "vim-minimal-debuginfo-2:9.0.2153-1.amzn2023.aarch64",
        "xxd-debuginfo-2:9.0.2153-1.amzn2023.aarch64",
        "vim-debugsource-2:9.0.2153-1.amzn2023.aarch64",
        "vim-common-2:9.0.2153-1.amzn2023.aarch64"
      ]
    }
  }
}
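
A consumer for the two JSON shapes shown in the comment above, added here as an example and not part of the PR: it joins the `--list` rows to the `--info` references and reports CVE ids and affected package names per security advisory. The function names are hypothetical, and the embedded input is abridged from the sample output above.

```python
import json

# Constructed input: abridged from the sample output above (2 of 6 list rows,
# reference Title/Url fields and most --info fields dropped).
LIST_JSON = """[
 {"name": "ALAS2023-2024-518", "type": "security", "severity": "Medium",
  "nevra": "vim-common-2:9.0.2153-1.amzn2023.x86_64", "buildtime": "2024-02-29 10:29:00"},
 {"name": "ALAS2023-2024-518", "type": "security", "severity": "Medium",
  "nevra": "vim-data-2:9.0.2153-1.amzn2023.noarch", "buildtime": "2024-02-29 10:29:00"}
]"""
INFO_JSON = """{"ALAS2023-2024-518": {"Severity": "Medium", "Type": "security",
 "Status": null, "Vendor": null, "references": [
  {"Id": "CVE-2023-48706", "Type": "cve"},
  {"Id": "CVE-2024-22667", "Type": "cve"}]}}"""


def split_nevra(nevra):
    """Split 'name-[epoch:]version-release.arch' into its five parts."""
    rest, arch = nevra.rsplit(".", 1)
    rest, release = rest.rsplit("-", 1)
    name, evr = rest.rsplit("-", 1)      # package names may contain '-'
    epoch, _, version = evr.rpartition(":")
    return name, epoch or "0", version, release, arch


def security_report(list_json, info_json):
    """Map advisory id -> severity, CVE ids and affected package names."""
    info = json.loads(info_json)
    report = {}
    for row in json.loads(list_json):
        # --list rows use lower-case keys; --info uses capitalised ones
        # (except "references" and "collections").
        if row.get("type") != "security":
            continue
        adv = row["name"]
        # Status/Vendor are null in this backport, so never require them.
        refs = info.get(adv, {}).get("references") or []
        entry = report.setdefault(adv, {
            "severity": row.get("severity"),
            "cves": sorted(r["Id"] for r in refs if r.get("Type") == "cve"),
            "packages": [],
        })
        name = split_nevra(row["nevra"])[0]
        if name not in entry["packages"]:
            entry["packages"].append(name)
    return report


if __name__ == "__main__":
    print(json.dumps(security_report(LIST_JSON, INFO_JSON), indent=2))
```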
