17 files changed, 427 insertions, 798 deletions
diff --git a/documentation/dev-manual/bblock.rst b/documentation/dev-manual/bblock.rst
new file mode 100644
index 0000000000..605bb75655
--- /dev/null
+++ b/documentation/dev-manual/bblock.rst
@@ -0,0 +1,129 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+Locking and Unlocking Recipes Using ``bblock``
+**********************************************
+By design, the OpenEmbedded build system builds everything from scratch
+unless BitBake determines that specific tasks do not require rebuilding.
+At startup, it computes a signature for all tasks, based on the task's input.
+Then, it compares these signatures with the ones from the sstate cache (if they
+exist). Any changes cause the task to rerun.
+During development, changes might trigger BitBake to rebuild certain
+recipes, even when we know they do not require rebuilding at that stage.
+For example, modifying a recipe can lead to rebuilding its native
+counterpart, which might prove unnecessary. Editing the ``python3`` recipe,
+for instance, can prompt BitBake to rebuild ``python3-native`` along with any
+recipes that depend on it.
+To prevent this, use ``bblock`` to lock specific tasks or recipes to
+specific signatures, forcing BitBake to use the sstate cache for them.
+.. warning::
+   Use ``bblock`` only during the development phase.
+   Forcing BitBake to use the sstate cache, regardless of input changes, means
+   the recipe metadata no longer directly reflect the output. Use this feature
+   with caution. If you do not understand why signatures change, see the section
+   on :yocto_wiki:`understanding what changed </TipsAndTricks/Understanding_what_changed_(diffsigs_etc)>`.
+Locking tasks and recipes
+-------------------------
+To lock a recipe, use::
+   $ bblock recipe
+You can also use a space-separated list of recipes to lock multiple recipes::
+   $ bblock recipe1 recipe2
+Locking a recipe means locking all tasks of the recipe. If you need to
+lock only particular tasks, use the `-t` option with a comma-separated
+list of tasks::
+  $ bblock -t task1,task2 recipe
+Unlocking tasks and recipes
+---------------------------
+To unlock a recipe, use the ``-r`` option::
+   $ bblock -r recipe
+You can also use a space-separated list of recipes to unlock multiple recipes::
+   $ bblock -r recipe1 recipe2
+Unlocking a recipe means unlocking all tasks of the recipe. If you need to
+unlock only particular tasks use the ``-t`` option with a comma-separated
+list of tasks::
+  $ bblock -r -t task1,task2 recipe
+To unlock all recipes, do not specify any recipe::
+  $ bblock -r
+Configuration file
+------------------
+``bblock`` will dump the signatures in the ``build/conf/bblock.conf`` file,
+included by default in :oe_git:`meta/conf/bitbake.conf </openembedded-core/tree/meta/conf/bitbake.conf>`.
+To dump the file, use the ``-d`` option::
+  $ bblock -d
+Locking mechanism
+-----------------
+``bblock`` computes the signature(s) of the task(s) and sets the 3 following
+variables: :term:`SIGGEN_LOCKEDSIGS`, :term:`SIGGEN_LOCKEDSIGS_TYPES`
+and :term:`SIGGEN_LOCKEDSIGS_TASKSIG_CHECK`.
+In particular, ``bblock`` sets::
+  SIGGEN_LOCKEDSIGS_TASKSIG_CHECK = "info"
+  SIGGEN_LOCKEDSIGS_TYPES += "${PACKAGE_ARCHS}"
+  SIGGEN_LOCKEDSIGS_<package_arch> += "<recipe>:<task>:<signature>"
+This produces architecture specific locks and reminds user that some tasks
+have locked signatures.
+Example
+-------
+When working on the ``python3`` recipe, we can lock ``python3-native`` with
+the following::
+  $ bblock python3-native
+  $ bblock -d
+  # Generated by bblock
+  SIGGEN_LOCKEDSIGS_TASKSIG_CHECK = "info"
+  SIGGEN_LOCKEDSIGS_TYPES += "${PACKAGE_ARCHS}"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_patch:865859c27e603ba42025b7bb766c3cd4c0f477e4962cfd39128c0619d695fce7"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_populate_sysroot:f8fa5d3194cef638416000252b959e86d0a19f6b7898e1f56b643c588cdd8605"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_prepare_recipe_sysroot:fe295ac505d9d1143313424b201c6f3f2a0a90da40a13a905b86b874705f226a"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_fetch:1b6e4728fee631bc7a8a7006855c5b8182a8224579e32e3d0a2db77c26459f25"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_unpack:2ad74d6f865ef75c35c0e6bbe3f9a90923a6b2c62c18a3ddef514ea31fbc588f"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_deploy_source_date_epoch:15f89b8483c1ad7507480f337619bb98c26e231227785eb3543db163593e7b42"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_configure:7960c13d23270fdb12b3a7c426ce1da0d2f5c7cf5e5d3f5bdce5fa330eb7d482"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_compile:012e1d4a63f1a78fc2143bd90d704dbcf5865c5257d6272aa7540ec1cd3063d9"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_install:d3401cc2afa4c996beb154beaad3e45fa0272b9c56fb86e9db14ec3544c68f9d"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_build:fa88bb7afb9046c0417c24a3fa98a058653805a8b00eda2c2d7fea68fc42f882"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_collect_spdx_deps:cc9c53ba7c495567e9a38ec4801830c425c0d1f895aa2fc66930a2edd510d9b4"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_create_spdx:766a1d09368438b7b5a1a8e2a8f823b2b731db44b57e67d8b3196de91966f9c5"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_create_package_spdx:46f80faeab25575e9977ba3bf14c819489c3d489432ae5145255635108c21020"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_recipe_qa:cb960cdb074e7944e894958db58f3dc2a0436ecf87c247feb3e095e214fec0e4"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_populate_lic:15657441621ee83f15c2e650e7edbb036870b56f55e72e046c6142da3c5783fd"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_create_manifest:24f0abbec221d27bbb2909b6e846288b12cab419f1faf9f5006ed80423d37e28"
+  SIGGEN_LOCKEDSIGS_x86_64 += "python3-native:do_addto_recipe_sysroot:bcb6a1905f113128de3f88d702b706befd6a786267c045ee82532759a7c214d7"
diff --git a/documentation/dev-manual/bmaptool.rst b/documentation/dev-manual/bmaptool.rst
index f6f0e6afaf..87162a49c9 100644
--- a/documentation/dev-manual/bmaptool.rst
+++ b/documentation/dev-manual/bmaptool.rst
@@ -1,13 +1,13 @@
 .. SPDX-License-Identifier: CC-BY-SA-2.0-UK
-Flashing Images Using ``bmaptool``
+Flashing Images Using `bmaptool`
-**********************************
+********************************
 A fast and easy way to flash an image to a bootable device is to use
-bmaptool, which is integrated into the OpenEmbedded build system.
+`bmaptool`, which is integrated into the OpenEmbedded build system.
-bmaptool is a generic tool that creates a file's block map (bmap) and
+`bmaptool` is a generic tool that creates a file's block map (bmap) and
 then uses that map to copy the file. As compared to traditional tools
-such as dd or cp, bmaptool can copy (or flash) large files like raw
+such as `dd` or `cp`, `bmaptool` can copy (or flash) large files like raw
 system image files much faster.
 .. note::
@@ -20,13 +20,13 @@ system image files much faster.
         $ sudo apt install bmap-tools
   -  If you are unable to install the ``bmap-tools`` package, you will
-      need to build bmaptool before using it. Use the following command::
+      need to build `bmaptool` before using it. Use the following command::
-         $ bitbake bmaptool-native
+         $ bitbake bmaptool-native -caddto_recipe_sysroot
 Following, is an example that shows how to flash a Wic image. Realize
-that while this example uses a Wic image, you can use bmaptool to flash
+that while this example uses a Wic image, you can use `bmaptool` to flash
-any type of image. Use these steps to flash an image using bmaptool:
+any type of image. Use these steps to flash an image using `bmaptool`:
 #. *Update your local.conf File:* You need to have the following set
   in your ``local.conf`` file before building your image::
@@ -39,18 +39,17 @@ any type of image. Use these steps to flash an image using bmaptool:
      $ bitbake image
-#. *Flash the Device:* Flash the device with the image by using bmaptool
+#. *Flash the Device:* Flash the device with the image by using `bmaptool`
   depending on your particular setup. The following commands assume the
   image resides in the :term:`Build Directory`'s ``deploy/images/`` area:
-   -  If you have write access to the media, use this command form::
+   -  If you installed the package for `bmaptool`, you can directly run::
-         $ oe-run-native bmaptool-native bmaptool copy build-directory/tmp/deploy/images/machine/image.wic /dev/sdX
+         $ sudo bmaptool copy build-directory/tmp/deploy/images/machine/image.wic /dev/sdX
-   -  If you do not have write access to the media, set your permissions
+   -  Otherwise, if you built `bmaptool` with BitBake, run::
-      first and then use the same command form::
-         $ sudo chmod 666 /dev/sdX
+         $ sudo chmod a+w /dev/sdX       # get write access to the media, needed only once after booting
         $ oe-run-native bmaptool-native bmaptool copy build-directory/tmp/deploy/images/machine/image.wic /dev/sdX
 For help on the ``bmaptool`` command, use the following command::
diff --git a/documentation/dev-manual/building.rst b/documentation/dev-manual/building.rst
index fe502690dd..4770a5a184 100644
--- a/documentation/dev-manual/building.rst
+++ b/documentation/dev-manual/building.rst
@@ -280,7 +280,9 @@ Follow these steps to create an :term:`Initramfs` image:
 #. *Create the Initramfs Image Recipe:* You can reference the
   ``core-image-minimal-initramfs.bb`` recipe found in the
   ``meta/recipes-core`` directory of the :term:`Source Directory`
-   as an example from which to work.
+   as an example from which to work. The ``core-image-minimal-initramfs`` recipe
+   is based on the :ref:`initramfs-framework <dev-manual/building:Customizing an
+   Initramfs using \`\`initramfs-framework\`\`>` recipe described below.
 #. *Decide if You Need to Bundle the Initramfs Image Into the Kernel
   Image:* If you want the :term:`Initramfs` image that is built to be bundled
@@ -308,6 +310,86 @@ Follow these steps to create an :term:`Initramfs` image:
   and bundled with the kernel image if you used the
   :term:`INITRAMFS_IMAGE_BUNDLE` variable described earlier.
+Customizing an Initramfs using ``initramfs-framework``
+------------------------------------------------------
+The ``core-image-minimal-initramfs.bb`` recipe found in
+:oe_git:`meta/recipes-core/images
+</openembedded-core/tree/meta/recipes-core/images>` uses the
+:oe_git:`initramfs-framework_1.0.bb
+</openembedded-core/tree/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb>`
+recipe as its base component. The goal of the ``initramfs-framework`` recipe is
+to provide the building blocks to build a customized :term:`Initramfs`.
+The ``initramfs-framework`` recipe relies on shell initialization scripts
+defined in :oe_git:`meta/recipes-core/initrdscripts/initramfs-framework
+</openembedded-core/tree/meta/recipes-core/initrdscripts/initramfs-framework>`. Since some of
+these scripts do not apply for all use cases, the ``initramfs-framework`` recipe
+defines different packages:
+-  ``initramfs-framework-base``: this package installs the basic components of
+   an :term:`Initramfs`, such as the ``init`` script or the ``/dev/console``
+   character special file. As this package is a runtime dependency of all
+   modules listed below, it is automatically pulled in when one of the modules
+   is installed in the image.
+-  ``initramfs-module-exec``: support for execution of applications.
+-  ``initramfs-module-mdev``: support for `mdev
+   <https://wiki.gentoo.org/wiki/Mdev>`__.
+-  ``initramfs-module-udev``: support for :wikipedia:`Udev <Udev>`.
+-  ``initramfs-module-e2fs``: support for :wikipedia:`ext4/ext3/ext2
+   <Extended_file_system>` filesystems.
+-  ``initramfs-module-nfsrootfs``: support for locating and mounting the root
+   partition via :wikipedia:`NFS <Network_File_System>`.
+-  ``initramfs-module-rootfs``: support for locating and mounting the root
+   partition.
+-  ``initramfs-module-debug``: dynamic debug support.
+-  ``initramfs-module-lvm``: :wikipedia:`LVM <Logical_volume_management>` rootfs support.
+-  ``initramfs-module-overlayroot``: support for mounting a read-write overlay
+   on top of a read-only root filesystem.
+In addition to the packages defined by the ``initramfs-framework`` recipe
+itself, the following packages are defined by the recipes present in
+:oe_git:`meta/recipes-core/initrdscripts </openembedded-core/tree/meta/recipes-core/initrdscripts>`:
+-  ``initramfs-module-install``: module to create and install a partition layout
+   on a selected block device.
+-  ``initramfs-module-install-efi``: module to create and install an EFI
+   partition layout on a selected block device.
+-  ``initramfs-module-setup-live``: module to start a shell in the
+   :term:`Initramfs` if ``root=/dev/ram0`` in passed in the `Kernel command-line
+   <https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html>`__
+   or the ``root=`` parameter was not passed.
+To customize the :term:`Initramfs`, you can add or remove packages listed
+earlier from the :term:`PACKAGE_INSTALL` variable with a :ref:`bbappend
+<dev-manual/layers:Appending Other Layers Metadata With Your Layer>` on the
+``core-image-minimal-initramfs`` recipe, or create a custom recipe for the
+:term:`Initramfs` taking ``core-image-minimal-initramfs`` as example.
+Custom scripts can be added to the :term:`Initramfs` by writing your own
+recipes. The recipes are conventionally named ``initramfs-module-<module name>``
+where ``<module name>`` is the name of the module. The recipe should set its
+:term:`RDEPENDS` package-specific variables to include
+``initramfs-framework-base`` and the other packages on which the module depends
+at runtime.
+The recipe must install shell initialization scripts in :term:`${D} <D>`\
+``/init.d`` and must follow the ``<number>-<script name>`` naming scheme where:
+-  ``<number>`` is a *two-digit* number that affects the execution order of the
+   script compared to others. For example, the script ``80-setup-live`` would be
+   executed after ``01-udev`` because 80 is greater than 01.
+   This number being two-digits is important here as the scripts are executed
+   alphabetically. For example, the script ``10-script`` would be executed
+   before the script ``8-script``, because ``1`` is inferior to ``8``.
+   Therefore, the script should be named ``08-script``.
+-  ``<script name>`` is the script name which you can choose freely.
+   If two script use the same ``<number>``, they are sorted alphabetically based
+   on ``<script name>``.
 Bundling an Initramfs Image From a Separate Multiconfig
 -------------------------------------------------------
diff --git a/documentation/dev-manual/customizing-images.rst b/documentation/dev-manual/customizing-images.rst
index 5b18958ade..53cad9c79c 100644
--- a/documentation/dev-manual/customizing-images.rst
+++ b/documentation/dev-manual/customizing-images.rst
@@ -80,15 +80,14 @@ recipe that are enabled with :term:`IMAGE_FEATURES`. The value of
 :term:`EXTRA_IMAGE_FEATURES` is added to :term:`IMAGE_FEATURES` within
 ``meta/conf/bitbake.conf``.
-To illustrate how you can use these variables to modify your image,
+To illustrate how you can use these variables to modify your image, consider an
-consider an example that selects the SSH server. The Yocto Project ships
+example that selects the SSH server. The Yocto Project ships with two SSH
-with two SSH servers you can use with your images: Dropbear and OpenSSH.
+servers you can use with your images: Dropbear and OpenSSH. Dropbear is a
-Dropbear is a minimal SSH server appropriate for resource-constrained
+minimal SSH server appropriate for resource-constrained environments, while
-environments, while OpenSSH is a well-known standard SSH server
+OpenSSH is a well-known standard SSH server implementation. By default, the
-implementation. By default, the ``core-image-sato`` image is configured
+``core-image-sato`` image is configured to use Dropbear. The
-to use Dropbear. The ``core-image-full-cmdline`` and ``core-image-lsb``
+``core-image-full-cmdline`` image includes OpenSSH. The ``core-image-minimal``
-images both include OpenSSH. The ``core-image-minimal`` image does not
+image does not contain an SSH server.
-contain an SSH server.
 You can customize your image and change these defaults. Edit the
 :term:`IMAGE_FEATURES` variable in your recipe or use the
diff --git a/documentation/dev-manual/debugging.rst b/documentation/dev-manual/debugging.rst
index 92458a0c37..8552b26aea 100644
--- a/documentation/dev-manual/debugging.rst
+++ b/documentation/dev-manual/debugging.rst
@@ -36,7 +36,7 @@ section:
   use the BitBake ``-e`` option to examine variable values after a
   recipe has been parsed.
-  ":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
+-  ":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
   describes how to use the ``oe-pkgdata-util`` utility to query
   :term:`PKGDATA_DIR` and
   display package-related information for built packages.
diff --git a/documentation/dev-manual/external-scm.rst b/documentation/dev-manual/external-scm.rst
index 97a7e63e36..896b1b5ac7 100644
--- a/documentation/dev-manual/external-scm.rst
+++ b/documentation/dev-manual/external-scm.rst
@@ -12,10 +12,13 @@ revision number for changes. Currently, you can do this with Apache
 Subversion (SVN), Git, and Bazaar (BZR) repositories.
 To enable this behavior, the :term:`PV` of
-the recipe needs to reference
+the recipe needs to include a ``+`` sign in its assignment.
-:term:`SRCPV`. Here is an example::
+Here is an example::
-   PV = "1.2.3+git${SRCPV}"
+   PV = "1.2.3+git"
+:term:`Bitbake` later includes the source control information in :term:`PKGV`
+during the packaging phase.
 Then, you can add the following to your
 ``local.conf``::
diff --git a/documentation/dev-manual/index.rst b/documentation/dev-manual/index.rst
index 9ccf60f701..8243c0f4cb 100644
--- a/documentation/dev-manual/index.rst
+++ b/documentation/dev-manual/index.rst
@@ -39,7 +39,6 @@ Yocto Project Development Tasks Manual
   external-scm
   read-only-rootfs
   build-quality
-   runtime-testing
   debugging
   licenses
   security-subjects
@@ -48,5 +47,6 @@ Yocto Project Development Tasks Manual
   error-reporting-tool
   wayland
   qemu
+   bblock
 .. include:: /boilerplate.rst
diff --git a/documentation/dev-manual/layers.rst b/documentation/dev-manual/layers.rst
index 91889bd0ae..89c8466933 100644
--- a/documentation/dev-manual/layers.rst
+++ b/documentation/dev-manual/layers.rst
@@ -644,6 +644,96 @@ variable and append the layer's root name::
   order of ``.conf`` or ``.bbclass`` files. Future versions of BitBake
   might address this.
+Providing Global-level Configurations With Your Layer
+-----------------------------------------------------
+When creating a layer, you may need to define configurations that should take
+effect globally in your build environment when the layer is part of the build.
+The ``layer.conf`` file is a :term:`configuration file` that affects the build
+system globally, so it is a candidate for this use-case.
+.. warning::
+   Providing unconditional global level configuration from the ``layer.conf``
+   file is *not* a good practice, and should be avoided. For this reason, the
+   section :ref:`ref-conditional-layer-confs` below shows how the ``layer.conf``
+   file can be used to provide configurations only if a certain condition is
+   met.
+For example, if your layer provides a Linux kernel recipe named
+``linux-custom``, you may want to make :term:`PREFERRED_PROVIDER_virtual/kernel
+<PREFERRED_PROVIDER>` point to ``linux-custom``::
+   PREFERRED_PROVIDER_virtual/kernel = "linux-custom"
+This can be defined in the ``layer.conf`` file. If your layer is at the last
+position in the :term:`BBLAYERS` list, it will take precedence over previous
+``PREFERRED_PROVIDER_virtual/kernel`` assignments (unless one is set from a
+:term:`configuration file` that is parsed later, such as machine or distro
+configuration files).
+.. _ref-conditional-layer-confs:
+Conditionally Provide Global-level Configurations With Your Layer
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+In some cases, your layer may provide global configurations only if some
+features it provides are enabled. Since the ``layer.conf`` file is parsed at an
+earlier stage in the parsing process, the :term:`DISTRO_FEATURES` and
+:term:`MACHINE_FEATURES` variables are not yet available to ``layer.conf``, and
+declaring conditional assignments based on these variables is not possible. The
+following technique shows a way to bypass this limitation by using the
+:term:`USER_CLASSES` variable and a conditional ``require`` command.
+In the following steps, let's assume our layer is named ``meta-mylayer`` and
+that this layer defines a custom :ref:`distro feature <ref-features-distro>`
+named ``mylayer-kernel``. We will set the :term:`PREFERRED_PROVIDER` variable
+for the kernel only if our feature ``mylayer-kernel`` is part of the
+:term:`DISTRO_FEATURES`:
+#. Create an include file in the directory
+   ``meta-mylayer/conf/distro/include/``, for example a file named
+   ``mylayer-kernel-provider.inc`` that sets the kernel provider to
+   ``linux-custom``::
+      PREFERRED_PROVIDER_virtual/kernel = "linux-custom"
+#. Provide a path to this include file in your ``layer.conf``::
+      META_MYLAYER_KERNEL_PROVIDER_PATH = "${LAYERDIR}/conf/distro/include/mylayer-kernel-provider.inc"
+#. Create a new class in ``meta-mylayer/classes-global/``, for example a class
+   ``meta-mylayer-cfg.bbclass``. Make it conditionally require the file
+   ``mylayer-kernel-provider.inc`` defined above, using the variable
+   ``META_MYLAYER_KERNEL_PROVIDER_PATH`` defined in ``layer.conf``::
+      require ${@bb.utils.contains('DISTRO_FEATURES', 'mylayer-kernel', '${META_MYLAYER_KERNEL_PROVIDER_PATH}', '', d)}
+   For details on the ``bb.utils.contains`` function, see its definition in
+   :bitbake_git:`lib/bb/utils.py </tree/lib/bb/utils.py>`.
+   .. note::
+      The ``require`` command is designed to not fail if the function
+      ``bb.utils.contains`` returns an empty string.
+#. Back to your ``layer.conf`` file, add the class ``meta-mylayer-cfg`` class to
+   the :term:`USER_CLASSES` variable::
+      USER_CLASSES:append = " meta-mylayer-cfg"
+   This will add the class ``meta-mylayer-cfg`` to the list of classes to
+   globally inherit. Since the ``require`` command is conditional in
+   ``meta-mylayer-cfg.bbclass``, even though inherited the class will have no
+   effect unless the feature ``mylayer-kernel`` is enabled through
+   :term:`DISTRO_FEATURES`.
+This technique can also be used for :ref:`Machine features
+<ref-features-machine>` by following the same steps. Though not mandatory, it is
+recommended to put include files for :term:`DISTRO_FEATURES` in your layer's
+``conf/distro/include`` and the ones for :term:`MACHINE_FEATURES` in your
+layer's ``conf/machine/include``.
 Managing Layers
 ===============
diff --git a/documentation/dev-manual/new-recipe.rst b/documentation/dev-manual/new-recipe.rst
index 61fc2eb122..af88db937b 100644
--- a/documentation/dev-manual/new-recipe.rst
+++ b/documentation/dev-manual/new-recipe.rst
@@ -56,7 +56,7 @@ necessary when adding a recipe to build a new piece of software to be
 included in a build.
 You can find a complete description of the ``devtool add`` command in
-the ":ref:`sdk-manual/extensible:a closer look at \`\`devtool add\`\``" section
+the ":ref:`sdk-manual/extensible:a closer look at ``devtool add```" section
 in the Yocto Project Application Development and the Extensible Software
 Development Kit (eSDK) manual.
@@ -291,13 +291,13 @@ another example that specifies these types of files, see the
 Another way of specifying source is from an SCM. For Git repositories,
 you must specify :term:`SRCREV` and you should specify :term:`PV` to include
-the revision with :term:`SRCPV`. Here is an example from the recipe
+a ``+`` sign in its definition. Here is an example from the recipe
-``meta/recipes-core/musl/gcompat_git.bb``::
+:oe_git:`meta/recipes-sato/l3afpad/l3afpad_git.bb </openembedded-core/tree/meta/recipes-sato/l3afpad/l3afpad_git.bb>`::
-   SRC_URI = "git://git.adelielinux.org/adelie/gcompat.git;protocol=https;branch=current"
+   SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git;branch=master;protocol=https"
-   PV = "1.0.0+1.1+git${SRCPV}"
+   PV = "0.8.18.1.11+git"
-   SRCREV = "af5a49e489fdc04b9cf02547650d7aeaccd43793"
+   SRCREV ="3cdccdc9505643e50f8208171d9eee5de11a42ff"
 If your :term:`SRC_URI` statement includes URLs pointing to individual files
 fetched from a remote server other than a version control system,
diff --git a/documentation/dev-manual/packages.rst b/documentation/dev-manual/packages.rst
index e5028fffdc..4ba2dcae3a 100644
--- a/documentation/dev-manual/packages.rst
+++ b/documentation/dev-manual/packages.rst
@@ -16,7 +16,7 @@ This section describes a few tasks that involve packages:
 -  :ref:`dev-manual/packages:generating and using signed packages`
 -  :ref:`Setting up and running package test
-   (ptest) <dev-manual/packages:testing packages with ptest>`
+   (ptest) <test-manual/ptest:testing packages with ptest>`
 -  :ref:`dev-manual/packages:creating node package manager (npm) packages`
@@ -84,10 +84,6 @@ the following:
 -  :term:`PR`: The recipe revision.
-  :term:`SRCPV`: The OpenEmbedded
-   build system uses this string to help define the value of :term:`PV` when
-   the source code revision needs to be included in it.
 -  :yocto_wiki:`PR Service </PR_Service>`: A
   network-based service that helps automate keeping package feeds
   compatible with existing package manager applications such as RPM,
@@ -256,15 +252,14 @@ the software::
   SRCREV = "${AUTOREV}"
-Furthermore, you need to reference :term:`SRCPV` in :term:`PV` in order to
+Furthermore, you need to include a ``+`` sign in :term:`PV` in order to
 automatically update the version whenever the revision of the source
 code changes. Here is an example::
-   PV = "1.0+git${SRCPV}"
+   PV = "1.0+git"
-The OpenEmbedded build system substitutes :term:`SRCPV` with the following:
-.. code-block:: none
+The OpenEmbedded build system will automatically add the source control
+information to the end of the variable :term:`PKGV`, in this format::
   AUTOINC+source_code_revision
@@ -887,114 +882,8 @@ related to signed package feeds are available:
 Testing Packages With ptest
 ===========================
-A Package Test (ptest) runs tests against packages built by the
+See the :ref:`test-manual/ptest:Testing Packages With ptest` section of the
-OpenEmbedded build system on the target machine. A ptest contains at
+Yocto Project Test Environment Manual.
-least two items: the actual test, and a shell script (``run-ptest``)
-that starts the test. The shell script that starts the test must not
-contain the actual test --- the script only starts the test. On the other
-hand, the test can be anything from a simple shell script that runs a
-binary and checks the output to an elaborate system of test binaries and
-data files.
-The test generates output in the format used by Automake::
-   result: testname
-where the result can be ``PASS``, ``FAIL``, or ``SKIP``, and
-the testname can be any identifying string.
-For a list of Yocto Project recipes that are already enabled with ptest,
-see the :yocto_wiki:`Ptest </Ptest>` wiki page.
-.. note::
-   A recipe is "ptest-enabled" if it inherits the :ref:`ref-classes-ptest`
-   class.
-Adding ptest to Your Build
--------------------------
-To add package testing to your build, add the :term:`DISTRO_FEATURES` and
-:term:`EXTRA_IMAGE_FEATURES` variables to your ``local.conf`` file, which
-is found in the :term:`Build Directory`::
-   DISTRO_FEATURES:append = " ptest"
-   EXTRA_IMAGE_FEATURES += "ptest-pkgs"
-Once your build is complete, the ptest files are installed into the
-``/usr/lib/package/ptest`` directory within the image, where ``package``
-is the name of the package.
-Running ptest
-------------
-The ``ptest-runner`` package installs a shell script that loops through
-all installed ptest test suites and runs them in sequence. Consequently,
-you might want to add this package to your image.
-Getting Your Package Ready
--------------------------
-In order to enable a recipe to run installed ptests on target hardware,
-you need to prepare the recipes that build the packages you want to
-test. Here is what you have to do for each recipe:
-  *Be sure the recipe inherits the* :ref:`ref-classes-ptest` *class:*
-   Include the following line in each recipe::
-      inherit ptest
-  *Create run-ptest:* This script starts your test. Locate the
-   script where you will refer to it using
-   :term:`SRC_URI`. Here is an
-   example that starts a test for ``dbus``::
-      #!/bin/sh
-      cd test
-      make -k runtest-TESTS
-  *Ensure dependencies are met:* If the test adds build or runtime
-   dependencies that normally do not exist for the package (such as
-   requiring "make" to run the test suite), use the
-   :term:`DEPENDS` and
-   :term:`RDEPENDS` variables in
-   your recipe in order for the package to meet the dependencies. Here
-   is an example where the package has a runtime dependency on "make"::
-      RDEPENDS:${PN}-ptest += "make"
-  *Add a function to build the test suite:* Not many packages support
-   cross-compilation of their test suites. Consequently, you usually
-   need to add a cross-compilation function to the package.
-   Many packages based on Automake compile and run the test suite by
-   using a single command such as ``make check``. However, the host
-   ``make check`` builds and runs on the same computer, while
-   cross-compiling requires that the package is built on the host but
-   executed for the target architecture (though often, as in the case
-   for ptest, the execution occurs on the host). The built version of
-   Automake that ships with the Yocto Project includes a patch that
-   separates building and execution. Consequently, packages that use the
-   unaltered, patched version of ``make check`` automatically
-   cross-compiles.
-   Regardless, you still must add a ``do_compile_ptest`` function to
-   build the test suite. Add a function similar to the following to your
-   recipe::
-      do_compile_ptest() {
-          oe_runmake buildtest-TESTS
-      }
-  *Ensure special configurations are set:* If the package requires
-   special configurations prior to compiling the test code, you must
-   insert a ``do_configure_ptest`` function into the recipe.
-  *Install the test suite:* The :ref:`ref-classes-ptest` class
-   automatically copies the file ``run-ptest`` to the target and then runs make
-   ``install-ptest`` to run the tests. If this is not enough, you need
-   to create a ``do_install_ptest`` function and make sure it gets
-   called after the "make install-ptest" completes.
 Creating Node Package Manager (NPM) Packages
 ============================================
diff --git a/documentation/dev-manual/qemu.rst b/documentation/dev-manual/qemu.rst
index 19f3e40d63..253aff9977 100644
--- a/documentation/dev-manual/qemu.rst
+++ b/documentation/dev-manual/qemu.rst
@@ -75,7 +75,7 @@ available. Follow these general steps to run QEMU:
      your :term:`Build Directory`.
   -  If you have not built an image, you can go to the
-      :yocto_dl:`machines/qemu </releases/yocto/yocto-&DISTRO;/machines/qemu/>` area and download a
+      :yocto_dl:`machines/qemu </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines/qemu/>` area and download a
      pre-built image that matches your architecture and can be run on
      QEMU.
@@ -280,12 +280,11 @@ present, the toolchain is also automatically used.
      networking.
   -  SSH servers are available in some QEMU images. The ``core-image-sato``
-      QEMU image has a Dropbear secure shell (SSH) server that runs with
+      QEMU image has a Dropbear secure shell (SSH) server that runs with the
-      the root password disabled. The ``core-image-full-cmdline`` and
+      root password disabled. The ``core-image-full-cmdline`` QEMU image has
-      ``core-image-lsb`` QEMU images have OpenSSH instead of Dropbear.
+      OpenSSH instead of Dropbear. Including these SSH servers allow you to use
-      Including these SSH servers allow you to use standard ``ssh`` and
+      standard ``ssh`` and ``scp`` commands. The ``core-image-minimal`` QEMU
-      ``scp`` commands. The ``core-image-minimal`` QEMU image, however,
+      image, however, contains no SSH server.
-      contains no SSH server.
   -  You can use a provided, user-space NFS server to boot the QEMU
      session using a local copy of the root filesystem on the host. In
diff --git a/documentation/dev-manual/runtime-testing.rst b/documentation/dev-manual/runtime-testing.rst
deleted file mode 100644
index 7a2b42f25a..0000000000
--- a/documentation/dev-manual/runtime-testing.rst
+++ /dev/null
@@ -1,594 +0,0 @@
-.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
-Performing Automated Runtime Testing
-************************************
-The OpenEmbedded build system makes available a series of automated
-tests for images to verify runtime functionality. You can run these
-tests on either QEMU or actual target hardware. Tests are written in
-Python making use of the ``unittest`` module, and the majority of them
-run commands on the target system over SSH. This section describes how
-you set up the environment to use these tests, run available tests, and
-write and add your own tests.
-For information on the test and QA infrastructure available within the
-Yocto Project, see the ":ref:`ref-manual/release-process:testing and quality assurance`"
-section in the Yocto Project Reference Manual.
-Enabling Tests
-==============
-Depending on whether you are planning to run tests using QEMU or on the
-hardware, you have to take different steps to enable the tests. See the
-following subsections for information on how to enable both types of
-tests.
-Enabling Runtime Tests on QEMU
------------------------------
-In order to run tests, you need to do the following:
-  *Set up to avoid interaction with sudo for networking:* To
-   accomplish this, you must do one of the following:
-   -  Add ``NOPASSWD`` for your user in ``/etc/sudoers`` either for all
-      commands or just for ``runqemu-ifup``. You must provide the full
-      path as that can change if you are using multiple clones of the
-      source repository.
-      .. note::
-         On some distributions, you also need to comment out "Defaults
-         requiretty" in ``/etc/sudoers``.
-   -  Manually configure a tap interface for your system.
-   -  Run as root the script in ``scripts/runqemu-gen-tapdevs``, which
-      should generate a list of tap devices. This is the option
-      typically chosen for Autobuilder-type environments.
-      .. note::
-         -  Be sure to use an absolute path when calling this script
-            with sudo.
-         -  Ensure that your host has the package ``iptables`` installed.
-         -  The package recipe ``qemu-helper-native`` is required to run
-            this script. Build the package using the following command::
-               $ bitbake qemu-helper-native
-  *Set the DISPLAY variable:* You need to set this variable so that
-   you have an X server available (e.g. start ``vncserver`` for a
-   headless machine).
-  *Be sure your host's firewall accepts incoming connections from
-   192.168.7.0/24:* Some of the tests (in particular DNF tests) start an
-   HTTP server on a random high number port, which is used to serve
-   files to the target. The DNF module serves
-   ``${WORKDIR}/oe-rootfs-repo`` so it can run DNF channel commands.
-   That means your host's firewall must accept incoming connections from
-   192.168.7.0/24, which is the default IP range used for tap devices by
-   ``runqemu``.
-  *Be sure your host has the correct packages installed:* Depending
-   your host's distribution, you need to have the following packages
-   installed:
-   -  Ubuntu and Debian: ``sysstat`` and ``iproute2``
-   -  openSUSE: ``sysstat`` and ``iproute2``
-   -  Fedora: ``sysstat`` and ``iproute``
-   -  CentOS: ``sysstat`` and ``iproute``
-Once you start running the tests, the following happens:
-#. A copy of the root filesystem is written to ``${WORKDIR}/testimage``.
-#. The image is booted under QEMU using the standard ``runqemu`` script.
-#. A default timeout of 500 seconds occurs to allow for the boot process
-   to reach the login prompt. You can change the timeout period by
-   setting
-   :term:`TEST_QEMUBOOT_TIMEOUT`
-   in the ``local.conf`` file.
-#. Once the boot process is reached and the login prompt appears, the
-   tests run. The full boot log is written to
-   ``${WORKDIR}/testimage/qemu_boot_log``.
-#. Each test module loads in the order found in :term:`TEST_SUITES`. You can
-   find the full output of the commands run over SSH in
-   ``${WORKDIR}/testimgage/ssh_target_log``.
-#. If no failures occur, the task running the tests ends successfully.
-   You can find the output from the ``unittest`` in the task log at
-   ``${WORKDIR}/temp/log.do_testimage``.
-Enabling Runtime Tests on Hardware
----------------------------------
-The OpenEmbedded build system can run tests on real hardware, and for
-certain devices it can also deploy the image to be tested onto the
-device beforehand.
-For automated deployment, a "controller image" is installed onto the
-hardware once as part of setup. Then, each time tests are to be run, the
-following occurs:
-#. The controller image is booted into and used to write the image to be
-   tested to a second partition.
-#. The device is then rebooted using an external script that you need to
-   provide.
-#. The device boots into the image to be tested.
-When running tests (independent of whether the image has been deployed
-automatically or not), the device is expected to be connected to a
-network on a pre-determined IP address. You can either use static IP
-addresses written into the image, or set the image to use DHCP and have
-your DHCP server on the test network assign a known IP address based on
-the MAC address of the device.
-In order to run tests on hardware, you need to set :term:`TEST_TARGET` to an
-appropriate value. For QEMU, you do not have to change anything, the
-default value is "qemu". For running tests on hardware, the following
-options are available:
-  *"simpleremote":* Choose "simpleremote" if you are going to run tests
-   on a target system that is already running the image to be tested and
-   is available on the network. You can use "simpleremote" in
-   conjunction with either real hardware or an image running within a
-   separately started QEMU or any other virtual machine manager.
-  *"SystemdbootTarget":* Choose "SystemdbootTarget" if your hardware is
-   an EFI-based machine with ``systemd-boot`` as bootloader and
-   ``core-image-testmaster`` (or something similar) is installed. Also,
-   your hardware under test must be in a DHCP-enabled network that gives
-   it the same IP address for each reboot.
-   If you choose "SystemdbootTarget", there are additional requirements
-   and considerations. See the
-   ":ref:`dev-manual/runtime-testing:selecting systemdboottarget`" section, which
-   follows, for more information.
-  *"BeagleBoneTarget":* Choose "BeagleBoneTarget" if you are deploying
-   images and running tests on the BeagleBone "Black" or original
-   "White" hardware. For information on how to use these tests, see the
-   comments at the top of the BeagleBoneTarget
-   ``meta-yocto-bsp/lib/oeqa/controllers/beaglebonetarget.py`` file.
-  *"GrubTarget":* Choose "GrubTarget" if you are deploying images and running
-   tests on any generic PC that boots using GRUB. For information on how
-   to use these tests, see the comments at the top of the GrubTarget
-   ``meta-yocto-bsp/lib/oeqa/controllers/grubtarget.py`` file.
-  *"your-target":* Create your own custom target if you want to run
-   tests when you are deploying images and running tests on a custom
-   machine within your BSP layer. To do this, you need to add a Python
-   unit that defines the target class under ``lib/oeqa/controllers/``
-   within your layer. You must also provide an empty ``__init__.py``.
-   For examples, see files in ``meta-yocto-bsp/lib/oeqa/controllers/``.
-Selecting SystemdbootTarget
---------------------------
-If you did not set :term:`TEST_TARGET` to "SystemdbootTarget", then you do
-not need any information in this section. You can skip down to the
-":ref:`dev-manual/runtime-testing:running tests`" section.
-If you did set :term:`TEST_TARGET` to "SystemdbootTarget", you also need to
-perform a one-time setup of your controller image by doing the following:
-#. *Set EFI_PROVIDER:* Be sure that :term:`EFI_PROVIDER` is as follows::
-      EFI_PROVIDER = "systemd-boot"
-#. *Build the controller image:* Build the ``core-image-testmaster`` image.
-   The ``core-image-testmaster`` recipe is provided as an example for a
-   "controller" image and you can customize the image recipe as you would
-   any other recipe.
-   Image recipe requirements are:
-   -  Inherits ``core-image`` so that kernel modules are installed.
-   -  Installs normal linux utilities not BusyBox ones (e.g. ``bash``,
-      ``coreutils``, ``tar``, ``gzip``, and ``kmod``).
-   -  Uses a custom :term:`Initramfs` image with a custom
-      installer. A normal image that you can install usually creates a
-      single root filesystem partition. This image uses another installer that
-      creates a specific partition layout. Not all Board Support
-      Packages (BSPs) can use an installer. For such cases, you need to
-      manually create the following partition layout on the target:
-      -  First partition mounted under ``/boot``, labeled "boot".
-      -  The main root filesystem partition where this image gets installed,
-         which is mounted under ``/``.
-      -  Another partition labeled "testrootfs" where test images get
-         deployed.
-#. *Install image:* Install the image that you just built on the target
-   system.
-The final thing you need to do when setting :term:`TEST_TARGET` to
-"SystemdbootTarget" is to set up the test image:
-#. *Set up your local.conf file:* Make sure you have the following
-   statements in your ``local.conf`` file::
-      IMAGE_FSTYPES += "tar.gz"
-      IMAGE_CLASSES += "testimage"
-      TEST_TARGET = "SystemdbootTarget"
-      TEST_TARGET_IP = "192.168.2.3"
-#. *Build your test image:* Use BitBake to build the image::
-      $ bitbake core-image-sato
-Power Control
-------------
-For most hardware targets other than "simpleremote", you can control
-power:
-  You can use :term:`TEST_POWERCONTROL_CMD` together with
-   :term:`TEST_POWERCONTROL_EXTRA_ARGS` as a command that runs on the host
-   and does power cycling. The test code passes one argument to that
-   command: off, on or cycle (off then on). Here is an example that
-   could appear in your ``local.conf`` file::
-      TEST_POWERCONTROL_CMD = "powercontrol.exp test 10.11.12.1 nuc1"
-   In this example, the expect
-   script does the following:
-   .. code-block:: shell
-      ssh test@10.11.12.1 "pyctl nuc1 arg"
-   It then runs a Python script that controls power for a label called
-   ``nuc1``.
-   .. note::
-      You need to customize :term:`TEST_POWERCONTROL_CMD` and
-      :term:`TEST_POWERCONTROL_EXTRA_ARGS` for your own setup. The one requirement
-      is that it accepts "on", "off", and "cycle" as the last argument.
-  When no command is defined, it connects to the device over SSH and
-   uses the classic reboot command to reboot the device. Classic reboot
-   is fine as long as the machine actually reboots (i.e. the SSH test
-   has not failed). It is useful for scenarios where you have a simple
-   setup, typically with a single board, and where some manual
-   interaction is okay from time to time.
-If you have no hardware to automatically perform power control but still
-wish to experiment with automated hardware testing, you can use the
-``dialog-power-control`` script that shows a dialog prompting you to perform
-the required power action. This script requires either KDialog or Zenity
-to be installed. To use this script, set the
-:term:`TEST_POWERCONTROL_CMD`
-variable as follows::
-   TEST_POWERCONTROL_CMD = "${COREBASE}/scripts/contrib/dialog-power-control"
-Serial Console Connection
-------------------------
-For test target classes requiring a serial console to interact with the
-bootloader (e.g. BeagleBoneTarget and GrubTarget),
-you need to specify a command to use to connect to the serial console of
-the target machine by using the
-:term:`TEST_SERIALCONTROL_CMD`
-variable and optionally the
-:term:`TEST_SERIALCONTROL_EXTRA_ARGS`
-variable.
-These cases could be a serial terminal program if the machine is
-connected to a local serial port, or a ``telnet`` or ``ssh`` command
-connecting to a remote console server. Regardless of the case, the
-command simply needs to connect to the serial console and forward that
-connection to standard input and output as any normal terminal program
-does. For example, to use the picocom terminal program on serial device
-``/dev/ttyUSB0`` at 115200bps, you would set the variable as follows::
-   TEST_SERIALCONTROL_CMD = "picocom /dev/ttyUSB0 -b 115200"
-For local
-devices where the serial port device disappears when the device reboots,
-an additional "serdevtry" wrapper script is provided. To use this
-wrapper, simply prefix the terminal command with
-``${COREBASE}/scripts/contrib/serdevtry``::
-   TEST_SERIALCONTROL_CMD = "${COREBASE}/scripts/contrib/serdevtry picocom -b 115200 /dev/ttyUSB0"
-Running Tests
-=============
-You can start the tests automatically or manually:
-  *Automatically running tests:* To run the tests automatically after the
-   OpenEmbedded build system successfully creates an image, first set the
-   :term:`TESTIMAGE_AUTO` variable to "1" in your ``local.conf`` file in the
-   :term:`Build Directory`::
-      TESTIMAGE_AUTO = "1"
-   Next, build your image. If the image successfully builds, the
-   tests run::
-      bitbake core-image-sato
-  *Manually running tests:* To manually run the tests, first globally
-   inherit the :ref:`ref-classes-testimage` class by editing your
-   ``local.conf`` file::
-      IMAGE_CLASSES += "testimage"
-   Next, use BitBake to run the tests::
-      bitbake -c testimage image
-All test files reside in ``meta/lib/oeqa/runtime/cases`` in the
-:term:`Source Directory`. A test name maps
-directly to a Python module. Each test module may contain a number of
-individual tests. Tests are usually grouped together by the area tested
-(e.g tests for systemd reside in ``meta/lib/oeqa/runtime/cases/systemd.py``).
-You can add tests to any layer provided you place them in the proper
-area and you extend :term:`BBPATH` in
-the ``local.conf`` file as normal. Be sure that tests reside in
-``layer/lib/oeqa/runtime/cases``.
-.. note::
-   Be sure that module names do not collide with module names used in
-   the default set of test modules in ``meta/lib/oeqa/runtime/cases``.
-You can change the set of tests run by appending or overriding
-:term:`TEST_SUITES` variable in
-``local.conf``. Each name in :term:`TEST_SUITES` represents a required test
-for the image. Test modules named within :term:`TEST_SUITES` cannot be
-skipped even if a test is not suitable for an image (e.g. running the
-RPM tests on an image without ``rpm``). Appending "auto" to
-:term:`TEST_SUITES` causes the build system to try to run all tests that are
-suitable for the image (i.e. each test module may elect to skip itself).
-The order you list tests in :term:`TEST_SUITES` is important and influences
-test dependencies. Consequently, tests that depend on other tests should
-be added after the test on which they depend. For example, since the
-``ssh`` test depends on the ``ping`` test, "ssh" needs to come after
-"ping" in the list. The test class provides no re-ordering or dependency
-handling.
-.. note::
-   Each module can have multiple classes with multiple test methods.
-   And, Python ``unittest`` rules apply.
-Here are some things to keep in mind when running tests:
-  The default tests for the image are defined as::
-      DEFAULT_TEST_SUITES:pn-image = "ping ssh df connman syslog xorg scp vnc date rpm dnf dmesg"
-  Add your own test to the list of the by using the following::
-      TEST_SUITES:append = " mytest"
-  Run a specific list of tests as follows::
-     TEST_SUITES = "test1 test2 test3"
-   Remember, order is important. Be sure to place a test that is
-   dependent on another test later in the order.
-Exporting Tests
-===============
-You can export tests so that they can run independently of the build
-system. Exporting tests is required if you want to be able to hand the
-test execution off to a scheduler. You can only export tests that are
-defined in :term:`TEST_SUITES`.
-If your image is already built, make sure the following are set in your
-``local.conf`` file::
-   INHERIT += "testexport"
-   TEST_TARGET_IP = "IP-address-for-the-test-target"
-   TEST_SERVER_IP = "IP-address-for-the-test-server"
-You can then export the tests with the
-following BitBake command form::
-   $ bitbake image -c testexport
-Exporting the tests places them in the :term:`Build Directory` in
-``tmp/testexport/``\ image, which is controlled by the :term:`TEST_EXPORT_DIR`
-variable.
-You can now run the tests outside of the build environment::
-   $ cd tmp/testexport/image
-   $ ./runexported.py testdata.json
-Here is a complete example that shows IP addresses and uses the
-``core-image-sato`` image::
-   INHERIT += "testexport"
-   TEST_TARGET_IP = "192.168.7.2"
-   TEST_SERVER_IP = "192.168.7.1"
-Use BitBake to export the tests::
-   $ bitbake core-image-sato -c testexport
-Run the tests outside of
-the build environment using the following::
-   $ cd tmp/testexport/core-image-sato
-   $ ./runexported.py testdata.json
-Writing New Tests
-=================
-As mentioned previously, all new test files need to be in the proper
-place for the build system to find them. New tests for additional
-functionality outside of the core should be added to the layer that adds
-the functionality, in ``layer/lib/oeqa/runtime/cases`` (as long as
-:term:`BBPATH` is extended in the
-layer's ``layer.conf`` file as normal). Just remember the following:
-  Filenames need to map directly to test (module) names.
-  Do not use module names that collide with existing core tests.
-  Minimally, an empty ``__init__.py`` file must be present in the runtime
-   directory.
-To create a new test, start by copying an existing module (e.g.
-``oe_syslog.py`` or ``gcc.py`` are good ones to use). Test modules can use
-code from ``meta/lib/oeqa/utils``, which are helper classes.
-.. note::
-   Structure shell commands such that you rely on them and they return a
-   single code for success. Be aware that sometimes you will need to
-   parse the output. See the ``df.py`` and ``date.py`` modules for examples.
-You will notice that all test classes inherit ``oeRuntimeTest``, which
-is found in ``meta/lib/oetest.py``. This base class offers some helper
-attributes, which are described in the following sections:
-Class Methods
-------------
-Class methods are as follows:
-  *hasPackage(pkg):* Returns "True" if ``pkg`` is in the installed
-   package list of the image, which is based on the manifest file that
-   is generated during the :ref:`ref-tasks-rootfs` task.
-  *hasFeature(feature):* Returns "True" if the feature is in
-   :term:`IMAGE_FEATURES` or
-   :term:`DISTRO_FEATURES`.
-Class Attributes
----------------
-Class attributes are as follows:
-  *pscmd:* Equals "ps -ef" if ``procps`` is installed in the image.
-   Otherwise, ``pscmd`` equals "ps" (busybox).
-  *tc:* The called test context, which gives access to the
-   following attributes:
-   -  *d:* The BitBake datastore, which allows you to use stuff such
-      as ``oeRuntimeTest.tc.d.getVar("VIRTUAL-RUNTIME_init_manager")``.
-   -  *testslist and testsrequired:* Used internally. The tests
-      do not need these.
-   -  *filesdir:* The absolute path to
-      ``meta/lib/oeqa/runtime/files``, which contains helper files for
-      tests meant for copying on the target such as small files written
-      in C for compilation.
-   -  *target:* The target controller object used to deploy and
-      start an image on a particular target (e.g. Qemu, SimpleRemote,
-      and SystemdbootTarget). Tests usually use the following:
-      -  *ip:* The target's IP address.
-      -  *server_ip:* The host's IP address, which is usually used
-         by the DNF test suite.
-      -  *run(cmd, timeout=None):* The single, most used method.
-         This command is a wrapper for: ``ssh root@host "cmd"``. The
-         command returns a tuple: (status, output), which are what their
-         names imply - the return code of "cmd" and whatever output it
-         produces. The optional timeout argument represents the number
-         of seconds the test should wait for "cmd" to return. If the
-         argument is "None", the test uses the default instance's
-         timeout period, which is 300 seconds. If the argument is "0",
-         the test runs until the command returns.
-      -  *copy_to(localpath, remotepath):*
-         ``scp localpath root@ip:remotepath``.
-      -  *copy_from(remotepath, localpath):*
-         ``scp root@host:remotepath localpath``.
-Instance Attributes
-------------------
-There is a single instance attribute, which is ``target``. The ``target``
-instance attribute is identical to the class attribute of the same name,
-which is described in the previous section. This attribute exists as
-both an instance and class attribute so tests can use
-``self.target.run(cmd)`` in instance methods instead of
-``oeRuntimeTest.tc.target.run(cmd)``.
-Installing Packages in the DUT Without the Package Manager
-==========================================================
-When a test requires a package built by BitBake, it is possible to
-install that package. Installing the package does not require a package
-manager be installed in the device under test (DUT). It does, however,
-require an SSH connection and the target must be using the
-``sshcontrol`` class.
-.. note::
-   This method uses ``scp`` to copy files from the host to the target, which
-   causes permissions and special attributes to be lost.
-A JSON file is used to define the packages needed by a test. This file
-must be in the same path as the file used to define the tests.
-Furthermore, the filename must map directly to the test module name with
-a ``.json`` extension.
-The JSON file must include an object with the test name as keys of an
-object or an array. This object (or array of objects) uses the following
-data:
-  "pkg" --- a mandatory string that is the name of the package to be
-   installed.
-  "rm" --- an optional boolean, which defaults to "false", that specifies
-   to remove the package after the test.
-  "extract" --- an optional boolean, which defaults to "false", that
-   specifies if the package must be extracted from the package format.
-   When set to "true", the package is not automatically installed into
-   the DUT.
-Here is an example JSON file that handles test "foo" installing
-package "bar" and test "foobar" installing packages "foo" and "bar".
-Once the test is complete, the packages are removed from the DUT::
-     {
-         "foo": {
-             "pkg": "bar"
-         },
-         "foobar": [
-             {
-                 "pkg": "foo",
-                 "rm": true
-             },
-             {
-                 "pkg": "bar",
-                 "rm": true
-             }
-         ]
-     }
diff --git a/documentation/dev-manual/sbom.rst b/documentation/dev-manual/sbom.rst
index b72bad1554..7c4b5804fb 100644
--- a/documentation/dev-manual/sbom.rst
+++ b/documentation/dev-manual/sbom.rst
@@ -30,16 +30,9 @@ To make this happen, you must inherit the
   INHERIT += "create-spdx"
-Upon building an image, you will then get:
+Upon building an image, you will then get the compressed archive
+``IMAGE-MACHINE.spdx.tar.zst`` contains the index and the files for the single
-  :term:`SPDX` output in JSON format as an ``IMAGE-MACHINE.spdx.json`` file in
+recipes.
-   ``tmp/deploy/images/MACHINE/`` inside the :term:`Build Directory`.
-  This toplevel file is accompanied by an ``IMAGE-MACHINE.spdx.index.json``
-   containing an index of JSON :term:`SPDX` files for individual recipes.
-  The compressed archive ``IMAGE-MACHINE.spdx.tar.zst`` contains the index
-   and the files for the single recipes.
 The :ref:`ref-classes-create-spdx` class offers options to include
 more information in the output :term:`SPDX` data:
@@ -56,7 +49,7 @@ more information in the output :term:`SPDX` data:
 Though the toplevel :term:`SPDX` output is available in
 ``tmp/deploy/images/MACHINE/`` inside the :term:`Build Directory`, ancillary
-generated files are available in ``tmp/deploy/spdx/MACHINE`` too, such as:
+generated files are available in ``tmp/deploy/spdx`` too, such as:
 -  The individual :term:`SPDX` JSON files in the ``IMAGE-MACHINE.spdx.tar.zst``
   archive.
diff --git a/documentation/dev-manual/start.rst b/documentation/dev-manual/start.rst
index 386e5f5d29..f4da61b53f 100644
--- a/documentation/dev-manual/start.rst
+++ b/documentation/dev-manual/start.rst
@@ -615,7 +615,7 @@ Accessing Source Archives
 The Yocto Project also provides source archives of its releases, which
 are available on :yocto_dl:`/releases/yocto/`. Then, choose the subdirectory
 containing the release you wish to use, for example
-:yocto_dl:`yocto-&DISTRO; </releases/yocto/yocto-&DISTRO;/>`.
+:yocto_dl:`&DISTRO_REL_LATEST_TAG; </releases/yocto/&DISTRO_REL_LATEST_TAG;/>`.
 You will find there source archives of individual components (if you wish
 to use them individually), and of the corresponding Poky release bundling
diff --git a/documentation/dev-manual/upgrading-recipes.rst b/documentation/dev-manual/upgrading-recipes.rst
index 4fac78bdfb..a38fd7837c 100644
--- a/documentation/dev-manual/upgrading-recipes.rst
+++ b/documentation/dev-manual/upgrading-recipes.rst
@@ -333,7 +333,7 @@ Manually Upgrading a Recipe
 If for some reason you choose not to upgrade recipes using
 :ref:`dev-manual/upgrading-recipes:Using the Auto Upgrade Helper (AUH)` or
-by :ref:`dev-manual/upgrading-recipes:Using \`\`devtool upgrade\`\``,
+by :ref:`dev-manual/upgrading-recipes:Using ``devtool upgrade```,
 you can manually edit the recipe files to upgrade the versions.
 .. note::
diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst
index 1bc2a85929..f5f9fe3a0c 100644
--- a/documentation/dev-manual/vulnerabilities.rst
+++ b/documentation/dev-manual/vulnerabilities.rst
@@ -62,37 +62,77 @@ found in ``build/tmp/deploy/cve``.
 For example the CVE check report for the ``flex-native`` recipe looks like::
-   $ cat poky/build/tmp/deploy/cve/flex-native
+   $ cat ./tmp/deploy/cve/flex-native_cve.json
-   LAYER: meta
+   {
-   PACKAGE NAME: flex-native
+     "version": "1",
-   PACKAGE VERSION: 2.6.4
+     "package": [
-   CVE: CVE-2016-6354
+       {
-   CVE STATUS: Patched
+         "name": "flex-native",
-   CVE SUMMARY: Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.
+         "layer": "meta",
-   CVSS v2 BASE SCORE: 7.5
+         "version": "2.6.4",
-   CVSS v3 BASE SCORE: 9.8
+         "products": [
-   VECTOR: NETWORK
+           {
-   MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2016-6354
+             "product": "flex",
+             "cvesInRecord": "No"
-   LAYER: meta
+           },
-   PACKAGE NAME: flex-native
+           {
-   PACKAGE VERSION: 2.6.4
+             "product": "flex",
-   CVE: CVE-2019-6293
+             "cvesInRecord": "Yes"
-   CVE STATUS: Ignored
+           }
-   CVE SUMMARY: An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.
+         ],
-   CVSS v2 BASE SCORE: 4.3
+         "issue": [
-   CVSS v3 BASE SCORE: 5.5
+           {
-   VECTOR: NETWORK
+             "id": "CVE-2006-0459",
-   MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-6293
+             "status": "Patched",
+             "link": "https://nvd.nist.gov/vuln/detail/CVE-2006-0459",
+             "summary": "flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code.",
+             "scorev2": "7.5",
+             "scorev3": "0.0",
+             "scorev4": "0.0",
+             "modified": "2024-11-21T00:06Z",
+             "vector": "NETWORK",
+             "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+             "detail": "version-not-in-range"
+           },
+           {
+             "id": "CVE-2016-6354",
+             "status": "Patched",
+             "link": "https://nvd.nist.gov/vuln/detail/CVE-2016-6354",
+             "summary": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.",
+             "scorev2": "7.5",
+             "scorev3": "9.8",
+             "scorev4": "0.0",
+             "modified": "2024-11-21T02:55Z",
+             "vector": "NETWORK",
+             "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+             "detail": "version-not-in-range"
+           },
+           {
+             "id": "CVE-2019-6293",
+             "status": "Ignored",
+             "link": "https://nvd.nist.gov/vuln/detail/CVE-2019-6293",
+             "summary": "An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.",
+             "scorev2": "4.3",
+             "scorev3": "5.5",
+             "scorev4": "0.0",
+             "modified": "2024-11-21T04:46Z",
+             "vector": "NETWORK",
+             "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+             "detail": "upstream-wontfix",
+             "description": "there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address this."
+           }
+         ]
+       }
+     ]
+   }
 For images, a summary of all recipes included in the image and their CVEs is also
-generated in textual and JSON formats. These ``.cve`` and ``.json`` reports can be found
+generated in the JSON format. These ``.json`` reports can be found
 in the ``tmp/deploy/images`` directory for each compiled image.
 At build time CVE check will also throw warnings about ``Unpatched`` CVEs::
-   WARNING: flex-2.6.4-r0 do_cve_check: Found unpatched CVE (CVE-2019-6293), for more information check /poky/build/tmp/work/core2-64-poky-linux/flex/2.6.4-r0/temp/cve.log
+   WARNING: qemu-native-9.2.0-r0 do_cve_check: Found unpatched CVE (CVE-2023-1386)
-   WARNING: libarchive-3.5.1-r0 do_cve_check: Found unpatched CVE (CVE-2021-36976), for more information check /poky/build/tmp/work/core2-64-poky-linux/libarchive/3.5.1-r0/temp/cve.log
 It is also possible to check the CVE status of individual packages as follows::
@@ -111,10 +151,10 @@ upstream `NIST CVE database <https://nvd.nist.gov/>`__.
 The variable supports using vendor and product names like this::
-   CVE_PRODUCT = "flex_project:flex"
+   CVE_PRODUCT = "flex_project:flex westes:flex"
-In this example the vendor name used in the CVE database is ``flex_project`` and the
+In this example we have two possible vendors names,  ``flex_project`` and ``westes``,
-product is ``flex``. With this setting the ``flex`` recipe only maps to this specific
+with the product name ``flex``. With this setting the ``flex`` recipe only maps to this specific
 product and not products from other vendors with same name ``flex``.
 Similarly, when the recipe version :term:`PV` is not compatible with software versions used by
diff --git a/documentation/dev-manual/wic.rst b/documentation/dev-manual/wic.rst
index a3880f3a1c..fced0e170c 100644
--- a/documentation/dev-manual/wic.rst
+++ b/documentation/dev-manual/wic.rst
@@ -513,7 +513,7 @@ or ::
   For more information on how to use the ``bmaptool``
   to flash a device with an image, see the
-   ":ref:`dev-manual/bmaptool:flashing images using \`\`bmaptool\`\``"
+   ":ref:`dev-manual/bmaptool:flashing images using \`bmaptool\``"
   section.
 Using a Modified Kickstart File
@@ -721,7 +721,7 @@ the existing kernel, and then inserts a new kernel:
   Once the new kernel is added back into the image, you can use the
   ``dd`` command or :ref:`bmaptool
-   <dev-manual/bmaptool:flashing images using \`\`bmaptool\`\`>`
+   <dev-manual/bmaptool:flashing images using \`bmaptool\`>` commands
   to flash your wic image onto an SD card or USB stick and test your
   target.