summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKhem Raj <raj.khem@gmail.com>2020-07-08 21:07:48 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-08-04 22:17:37 (GMT)
commit46809da0bb0221ab96bde218a9398d58da38a4c0 (patch)
treef0e1d4f5af51c259263797423de9f75926cd0e3b
parent923b91efb8bf298537a80faccbd78066ca68c07c (diff)
downloadpoky-46809da0bb0221ab96bde218a9398d58da38a4c0.tar.gz
cve-check: Run it after do_fetch
Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in metadata, this could fail cve_check ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001 This patch ensures that download is done before running CVE scan, even though these will be external patches and may not contain CVE tags as it expects, but it will fix the run failures as seen above (From OE-Core rev: dbf143d79476e54e8da93101fc16eaedeec88362) (From OE-Core rev: 4b65abc70e84187f666e2ea2ab4dcf6bf7216658) Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/cve-check.bbclass2
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 2a530a0..556ac6e 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -65,7 +65,7 @@ python do_cve_check () {
65 65
66} 66}
67 67
68addtask cve_check before do_build 68addtask cve_check before do_build after do_fetch
69do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db" 69do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db"
70do_cve_check[nostamp] = "1" 70do_cve_check[nostamp] = "1"
71 71