summaryrefslogtreecommitdiffstats
path: root/meta/lib/oe/sbom.py
Commit message (Collapse)AuthorAgeFilesLines
* lib: Add copyright statements to files without oneRichard Purdie2022-08-121-0/+2
| | | | | | | | | Where there isn't a copyright statement, add one to make it explicit. Also add license identifiers as MIT if there isn't one. (From OE-Core rev: bb731d1f3d2a1d50ec0aed864dbca54cf795b040) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/create-spdx: Add SPDX_PRETTY optionJoshua Watt2022-06-151-2/+2
| | | | | | | | | | | Adds an option to make the SPDX more human-readable (at the expense of a larger files) (From OE-Core rev: 4799594b26f77ed259dc661bf077519b338390c8) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* create-spdx: add support for SDKsAndres Beltran2022-02-251-0/+4
| | | | | | | | | | Currently, SPDX SBOMs are only created for images. Add support for SDKs. (From OE-Core rev: c3acbb936a339636153903daf127eec9f36de79b) Signed-off-by: Andres Beltran <abeltran@linux.microsoft.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/create-spdx: Add runtime dependency mappingJoshua Watt2021-09-031-2/+3
| | | | | | | (From OE-Core rev: 82f3229bce41dc101c79865033432161dac269d8) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/create-spdx: Add SHA1 to index fileJoshua Watt2021-09-031-3/+13
| | | | | | | (From OE-Core rev: ebfe78ad26b643ce0fb22ba5b3ede43da4a78987) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/create-spdx: Add classJoshua Watt2021-09-031-0/+63
Adds a class as a first attempt to create SPDX SBoM documents during the build. This initial work was influenced by [meta-doubleopen][1], although almost completely rewritten. [1]: https://github.com/doubleopen-project/meta-doubleopen (From OE-Core rev: 78c79821ae7e2f060b9a74ea9aefce98102bb00e) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>