diff options
| author | Marta Rybczynska <rybczynska@gmail.com> | 2022-03-29 14:54:32 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-06-11 10:06:09 +0100 |
| commit | 9868f9914901210e4586194750905e93256fb372 (patch) | |
| tree | 228923bd0697fb75a5b3fa532faa536242af6c7c /meta-yocto-bsp | |
| parent | f2d12bc50bc744afee0a9f9f393335ae6b44dbcc (diff) | |
| download | poky-9868f9914901210e4586194750905e93256fb372.tar.gz | |
cve-check: add coverage statistics on recipes with/without CVEs
Until now the CVE checker was giving information about CVEs found for
a product (or more products) contained in a recipe. However, there was
no easy way to find out which products or recipes have no CVEs. Having
no reported CVEs might mean there are simply none, but can also mean
a product name (CPE) mismatch.
This patch adds CVE_CHECK_COVERAGE option enabling a new type of
statistics. Then we use the new JSON format to report the information.
The legacy text mode report does not contain it.
This option is expected to help with an identification of recipes with
mismatched CPEs, issues in the database and more.
This work is based on [1], but adding the JSON format makes it easier
to implement, without additional result files.
[1] https://lists.openembedded.org/g/openembedded-core/message/159873
(From OE-Core rev: c63d06becc340270573bdef2630749db1f5230d4)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d1849a1facd64fa0bcf8336a0ed5fbf71b2e3cb5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta-yocto-bsp')
0 files changed, 0 insertions, 0 deletions