diff options
author | Noe Galea <ngalea@thegoodpenguin.co.uk> | 2024-05-17 20:27:24 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-05-29 20:58:49 +0100 |
commit | 66aac2588d7b28b28694af48eac6d9b368098ba2 (patch) | |
tree | eac4a41a33fb0ab5d0efbe7f9476d7ae59b7343b /documentation | |
parent | b392401b4628a0881071c0758c2565f77b92b0d3 (diff) | |
download | poky-66aac2588d7b28b28694af48eac6d9b368098ba2.tar.gz |
manuals: document NVDCVE_API_KEY variable
Add brief documentation of NVDCVE_API_KEY variable, that was added
in 4.2.3, and emphasize that its use results in lower NVD API request
times.
(From yocto-docs rev: 9c7b452441bad2d7c929383d4665dfddb8f7ea72)
Signed-off-by: Noe Galea <ngalea@thegoodpenguin.co.uk>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reviewed-by: Andrew Murray <amurray@thegoodpenguin.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'documentation')
-rw-r--r-- | documentation/dev-manual/vulnerabilities.rst | 4 | ||||
-rw-r--r-- | documentation/ref-manual/variables.rst | 15 |
2 files changed, 19 insertions, 0 deletions
diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst index 1bc2a85929..983d4ad3c6 100644 --- a/documentation/dev-manual/vulnerabilities.rst +++ b/documentation/dev-manual/vulnerabilities.rst | |||
@@ -57,6 +57,10 @@ applied and that the issue needs to be investigated. ``Ignored`` means that afte | |||
57 | analysis, it has been deemed to ignore the issue as it for example affects | 57 | analysis, it has been deemed to ignore the issue as it for example affects |
58 | the software component on a different operating system platform. | 58 | the software component on a different operating system platform. |
59 | 59 | ||
60 | By default, no NVD API key is used to retrieve data from the CVE database, which | ||
61 | results in larger delays between NVD API requests. See the :term:`NVDCVE_API_KEY` | ||
62 | documentation on how to request and set a NVD API key. | ||
63 | |||
60 | After a build with CVE check enabled, reports for each compiled source recipe will be | 64 | After a build with CVE check enabled, reports for each compiled source recipe will be |
61 | found in ``build/tmp/deploy/cve``. | 65 | found in ``build/tmp/deploy/cve``. |
62 | 66 | ||
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst index 3f37f42f21..6b5b5c0762 100644 --- a/documentation/ref-manual/variables.rst +++ b/documentation/ref-manual/variables.rst | |||
@@ -5585,6 +5585,21 @@ system and gives an overview of their function and contents. | |||
5585 | 5585 | ||
5586 | NON_MULTILIB_RECIPES = "grub grub-efi make-mod-scripts ovmf u-boot" | 5586 | NON_MULTILIB_RECIPES = "grub grub-efi make-mod-scripts ovmf u-boot" |
5587 | 5587 | ||
5588 | :term:`NVDCVE_API_KEY` | ||
5589 | The NVD API key used to retrieve data from the CVE database when | ||
5590 | using :ref:`ref-classes-cve-check`. | ||
5591 | |||
5592 | By default, no API key is used, which results in larger delays between API | ||
5593 | requests and limits the number of queries to the public rate limits posted | ||
5594 | at the `NVD developer's page <https://nvd.nist.gov/developers/start-here>`__. | ||
5595 | |||
5596 | NVD API keys can be requested through the | ||
5597 | `Request an API Key <https://nvd.nist.gov/developers/request-an-api-key>`__ | ||
5598 | page. You can set this variable to the NVD API key in your ``local.conf`` file. | ||
5599 | Example:: | ||
5600 | |||
5601 | NVDCVE_API_KEY = "fe753&7a2-1427-347d-23ff-b2e2b7ca5f3" | ||
5602 | |||
5588 | :term:`OBJCOPY` | 5603 | :term:`OBJCOPY` |
5589 | The minimal command and arguments to run ``objcopy``. | 5604 | The minimal command and arguments to run ``objcopy``. |
5590 | 5605 | ||