| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CVE is about race conditions in 'ps' which make it unsuitable for security
audits. As these race conditions are unavoidable ps shouldn't be used for
security auditing, so this isn't a valid CVE.
(From OE-Core rev: b3fa0654abf9ac32f683ac174e453ea5e64b6cb8)
(From OE-Core rev: 618a3203d53d33e6403386f1204bcaf327b68f37)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/procps/procps_3.3.15.bb
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: f1d5273d53d66b217f3d4975f5cb5eb367b1aab1)
(From OE-Core rev: 2395ae4a332928de3f5fcb840ef196e7a7d77386)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/pam/libpam_1.3.1.bb
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 43aaa117386490c822b824974fb095bd0d3ce1a3)
(From OE-Core rev: 76b3996974de8ca8729d7d262b1c90cd2def02d5)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-sato/webkit/webkitgtk_2.24.0.bb
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are many projects called Flex and they have CVEs, so also set the vendor
to remove these false positives.
(From OE-Core rev: 0598ccdcb31e16f1d1227197591b10ba441fcfe2)
(From OE-Core rev: 22544792c5b3bd9be0af7c2b7c6dd7e68aa00f83)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 066fa83eeaaa34e5b901dc4b82ad607d0fa78f0b)
(From OE-Core rev: add14ed1970ff70f4dc71720986e13887da9fffa)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 8f03a33f61a94e9b8d8232283204588ce18b45a0)
(From OE-Core rev: 5ebaa9b41501c64e939b671b37dc616e98d2a803)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 721e69aa12dd9ee22618ef13f29fb6d28eeab9af)
(From OE-Core rev: 4f905e245a02b9d8c5fe4a77271aabc41a69ba00)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/ghostscript/ghostscript_9.26.bb
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 1f0cca19014fef24a359d400c96d178463b2760f)
(From OE-Core rev: d368ffb08bd3e3de59827e49df9c69643e002e6e)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-graphics/libsdl2/libsdl2_2.0.9.bb
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 3c247a4a166cabf7ddfea403cf272b3fb4e00872)
(From OE-Core rev: 52a716ed45c9b36c893b56c4f71a84769ae67878)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: e61c42ee49029ae8ffec58128dd083031305d9e5)
(From OE-Core rev: 29a898902b52bada1dafdf82a32d1151ed818a06)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-devtools/nasm/nasm_2.14.02.bb
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 8995f2c7d6f2f6f760811976af77e949d505a5d8)
(From OE-Core rev: 414fd1cd1845d05103cdc1f845acac4953c06f09)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: f6a456fed7286e1304cd776bb2f740c462c9b4b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVEs that are whitelisted or were not vulnerable when there are version
comparisons were not included in the report, so alter the logic to ensure that
all relevant CVEs are in the report for completeness.
(From OE-Core rev: 98256ff05fcfe9d5ccad360582c36eafb577c264)
(From OE-Core rev: 301887fc4b726e1040e1ff2045c70562624dc961)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When https_proxy is set, use proxy opener to open CVE metadata and
database URLs, otherwise fallback to the urllib.request.urlopen.
Also fix a minor issue where the json database which has been gzip
decompressed as byte object should be decoded as utf-8 string as
expected by update_db.
(From OE-Core rev: 95438d52b732bec217301fbfc2fb019bbc3707c8)
(From OE-Core rev: 6d3222fb7ecde524c4e033729318fb0fb80a444c)
Signed-off-by: Chin Huat Ang <chin.huat.ang@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the code fetches the compressed JSON, writes it to a temporary file,
uncompresses that with gzip and passes the fake file object to update_db().
Instead, uncompress the gzip'd data in memory and pass the JSON directly to
update_db().
(From OE-Core rev: 9422745979256c442f533770203f62ec071c18fb)
(From OE-Core rev: 1d34aec479156a7dadf7867bbf0d53f12d21ef3e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The metadata parser is fragile: first it coerces a bytes() to a str() (so the
string is b'LastModifiedDate:2019...'), assumes the first line is the date, and
then uses a regex to parse (which then includes the trailing quote as part of
the date).
Clean this up by parsing the bytes as UTF-8 (ASCII is probably fine, but this is
safer), iterate through the lines and split on colons to find the right
key/value pair.
(From OE-Core rev: bb4e53af33d6ca1e9346464adbdc1b39c47530f3)
(From OE-Core rev: c718e073e8e9cd5df9e19dd02fcac2139758b5b7)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of calling execute() repeatedly, rewrite the function to be a generator
and use executemany() for performance.
(From OE-Core rev: b309840b6aa3423b909a43499356e929c8761318)
(From OE-Core rev: d248ec9764d0439eb30fdb3605e9d05ee4219348)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The recipe was called -native but didn't inherit native.
(From OE-Core rev: f0d822fad2a163d1ee32ed3b4c0359245140e19b)
(From OE-Core rev: 5eeafcb492daf63602f0e2ed4a12f755701597d7)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 4b301030cf9cf7a981dcff85a50e915c045e3130)
(From OE-Core rev: 7df7cd765e67535b72cd56eb679c6f5078c08460)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
djb2 hash algorithm was found to do collisions, so the database was
sometime missing data. Remove this hash mechanism, clear and populate
elements from scratch in PRODUCTS table if the current year needs an
update.
(From OE-Core rev: 78de2cb39d74b030cd4ec811bf6f9a6daa003d19)
(From OE-Core rev: e6541c6add1714938a81cca394886893cf24cdb0)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using expanded list of affected versions that is not
reliable, use the 'cpe_match' node in the 'configurations' json node.
For cve-check to correctly match affected CVE, the sqlite database need to
contain operator_start, operator_end and the corresponding versions fields.
(From OE-Core rev: f7676e9a38d595564922e5f59acbc69c2109a78f)
(From OE-Core rev: 6977d15fbc3b78958768b21f6c501e7d63be9499)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 91770338f76ef35f3c4eeac216eb9d2b3188e575)
(From OE-Core rev: 075683d23018760e8b2fa0b793ceacd9027e55c3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE_CHECK_WHITELIST does not contain version anymore, as it was not
used. This variable should be set per recipe.
(From OE-Core rev: 7069302a4ccbb5b72e1902f284cf078516fd7294)
(From OE-Core rev: 8dd899679fc881d02e081d1e0814252d604dd479)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some product names are too vague to be searched without also matching the
vendor, for example Flex could be the parser compiler we ship, or Adobe Flex, or
Apache Flex, or IBM Flex.
If entries in CVE_PRODUCT contain a colon then split it as vendor:product to improve the search.
Also don't use .format() to construct SQL as that can lead to security
issues. Instead, use ? placeholders and lets sqlite3 handle the escaping.
(From OE-Core rev: e6bf90009877d00243417898700d2320fd87b39c)
(From OE-Core rev: 0851d68b4679a7035029d28091d9a6b21d266c99)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes build failure with core-image-minimal:
Exception: UnboundLocalError: local variable 'to_append' referenced before assignment
(From OE-Core rev: 270ac00cb43d0614dfe1c95f960c76e9e5fa20d4)
(From OE-Core rev: 45758c900ff738e58fd37ff809960965867d79f8)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As glibc will be scanned for CVEs, we don't need to scan glibc-locale,
glibc-mtrace, and glibc-scripts which are all separate recipes for technical
reasons.
Exclude the recipes by setting CVE_PRODUCT in the recipe, instead of using the
global whitelist.
(From OE-Core rev: 1f9a963b9ff7ebe052ba54b9fcbdf7d09478dd17)
(From OE-Core rev: 2b9f1b654c726e7c7b2fe8710d60ca10212295f5)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 5388ed6d1378d647a65912dbd537f9ef3cb5760a)
(From OE-Core rev: eb227c8885580fc08dccc005056bb1fdb691ea1d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-2524 is a readline CVE that was fixed in 6.3patch3 onwards, but the
tooling wasn't able to detect this version. As we now ship readline 8 we don't
need to manually whitelist it, and if we did then the whitelisting should be in
the readline recipe.
(From OE-Core rev: 07bb8b25e172aa5c8ae96b6e8eb4ac901b835219)
(From OE-Core rev: c7f23d4e53d039838536f71996ad896c977cf138)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that cve-update-db added CPE information to NVD database. We can
check for unpatched versions with operators '<', '<=', '>', and '>='.
(From OE-Core rev: bc0195be1b15bcffe60127bc5e8b7011a853c2ed)
(From OE-Core rev: 48793a3b74bfaa5ffe6191d21f64aef3720433db)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
do_populate_cve_db is a native task.
(From OE-Core rev: 4078da92b49946848cddebe1735f301af161e162)
(From OE-Core rev: 5d6cbab419770eb556b57445fd5509339d3142b4)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/conf/distro/include/maintainers.inc
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the NVD url is not accessible, print a warning on top of the CVE
report, and continue. The database will not be fully updated, but
cve_check can still run on the previous database.
(From OE-Core rev: 0325dd72714f0b447558084f481b77f0ec850eed)
(From OE-Core rev: ae743789d893e950583014f38f0ad246aa4fe034)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To be able to populate NVD database on a fetchall
(bitbake <image> --run-all=fetch), set the do_populate_cve_db task to be
executed before do_fetch.
Do not get CVE_CHECK_DB_DIR, CVE_CHECK_DB_FILE and CVE_CHECK_TMP_FILE
variable because do_populate_cve_db can be called in a context where
cve-check class is not loaded.
(From OE-Core rev: 975793e3825a2a9ca6dc0e43577f680214cb7993)
(From OE-Core rev: 5d265e84ef47ec6545eaa0fa64b16ccbb9e8a4ea)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
If https_proxy environment variable is defined, manage proxy to be able
to download meta and json data feeds from https://nvd.nist.gov
(From OE-Core rev: 09be21f4d1793b1e26e78391f51bfc0a27b76deb)
(From OE-Core rev: 3af4399ea35b5c4b87d656f09dd2afed11791f0a)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of generating a series of indexes via range(len(list)), just iterate the
list.
(From OE-Core rev: 27eb839ee651c2d584db42d23bcf5dd764eb33f1)
(From OE-Core rev: 27ef8c40afc27ce0ae87d2fe9a973edc89133def)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
urllib3 was used in this recipe but it was not set as a
dependency. As it is not specifically needed, rewrite the recipe with
urllib from the standard library.
(From OE-Core rev: c0eabd30d7b9c2517f4ec9229640be421ecc8a5e)
(From OE-Core rev: bfaee04b8a7cb0fc6e149106619a01b848fd8a98)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
flac uses both 'flac' and 'libflac' as cve product.
(From OE-Core rev: 3a043a078f6cc89bcc097823fa37cd1311805ae7)
(From OE-Core rev: c130045aff7f51ddb6c7fbde590a79207dbb4ddf)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the NVD json CVE feed, affected versions can be strictly matched to a
version, but they can also be matched with the operator '<='.
Add a new condition in the sqlite query to match affected versions that
are defined with the operator '<='. Then use LooseVersion to discard all
versions that are not relevant.
(From OE-Core rev: 3bf63bc60848d91e90c23f6d854d22b78832aa2d)
(From OE-Core rev: 70046288894184477dcf6f7eba25b1994b88c8de)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
In some rare cases (eg. curl recipe) the CVE_PRODUCT contains more than
one name.
(From OE-Core rev: 7f62a20b32a3d42f04ec58786a7d0db68ef1bb05)
(From OE-Core rev: 4f96e9ba1f4f14f312b6024711fe8da0c3041e4c)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Use the new update-cve-db recipe to update database.
(From OE-Core rev: bc144b028f6f51252f4359248f6921028bcb6780)
(From OE-Core rev: 6556bb30998d9d37f2389492eb7c15667ba4a827)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cve-check-tool-native do_populate_cve_db task was using deprecated NVD
xml data feeds, cve-update-db uses NVD json data feeds.
Sqlite database schema was updated to take into account CVSSv3 CVE
scores and operator in affected product versions.
A new META table was added to store the last modification date of the
NVD json data feeds.
(From OE-Core rev: 546d14135c50c6a571dfbf3baf6e9b22ce3d58e0)
(From OE-Core rev: e344a27003cc9e39058b41c0e96463f231ebf245)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/conf/distro/include/maintainers.inc
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 29fc9210b973be68de474e75068e4c72371afe5a)
(From OE-Core rev: b6645596f2d2faf8f1fdfbedfe1edd004fbce6bc)
(From OE-Core rev: 151f7fb11bb4c91dd6edaebcc63fa3c1a2cbfe8b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes libstdc++ changes from gcc 9.X.
It also switches uninative from bz2 to xz compression.
(From OE-Core rev: 7ed16ec033366aea175ac4ecf7cd82656c4141bb)
(From OE-Core rev: 0bc5136608f7e3cab31ea57a4c3dd8df7eca9a4b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows better parallelism between the different tests as currently
this block takes the longest time to execute. devtool tests are still
all grouped into the "devtool" module for ease of exection.
This also makes it easier to execute some subset of devtool tests for
testing devtool changes.
(From OE-Core rev: 84f19e78d9b1f3d634cf1d46ce48f24670199d0b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently some tests run in buffer mode and some don't. Those that don't can
corrupt stdout/stderr. Switch to using buffer mode everywhere so we're consistent.
If there is useful output on stdout/stderr, it will be displayed if the test
fails.
(From OE-Core rev: 85c1b6fb516aae58240330a0aca659bfafcd3883)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If dbus isn't build first the dbus dependency of dbus-wait can't be detected
through pkgconfig and the test fails:
AssertionError: {'DEPENDS': {'dbus'}} != {}
- {'DEPENDS': {'dbus'}}
+ {} : Some expected variables not found in recipe: {'DEPENDS': {'dbus'}}
Ensure dbus is built and present in the sysroot.
(From OE-Core rev: af7ba26a603a12de0aed35e786674c92049c2bee)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The warn method is deprecated. We should use the documented warning instead.
Quoting from the python's official doc:
"""
Note: There is an obsolete method warn which is functionally identical to warning.
As warn is deprecated, please do not use it - use warning instead.
"""
(From OE-Core rev: cc771aa4b74f222f1bea38b0b50196b2fbc97ab4)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Prefer collections.abc (new in Python 3.3) over collections for abstract base classes
- In Python 3.8, the abstract base classes in collections.abc will no longer be exposed in
the regular collections module. This will help create a clearer distinction between
the concrete classes and the abstract base classes."
- https://docs.python.org/3.7/whatsnew/3.7.html#deprecated
- see https://github.com/python/cpython/commit/c66f9f8d3909f588c251957d499599a1680e2320
(From OE-Core rev: b254ab6ce34da3d3241a51958b5770664d317fcc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sometimes we meet the following failure for the test_lookup_recipe
test case.
AssertionError: 'zlib\nbusybox is in the RPROVIDES of target-sdk-provid[32 chars]ummy' != 'zlib\nbusybox'
zlib
+ busybox- busybox is in the RPROVIDES of target-sdk-provides-dummy:
- target-sdk-provides-dummy
This is because target-sdk-provides-dummy rprovides busybox.
So clean things up to avoid failure.
(From OE-Core rev: 5ae49260180adc0070287db01c01a0820ce99ad3)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All test id (eg. @alias) inside manual testcase file shall follow the same
test id naming convention from oeqa automated tests (eg. selftest,
runtime, sdk, etc), where the test id consists of
<test_module>.<test_suite>.<test_function>. Furthermore, there shall be
only 1 unique test_module per each manual testcases file, where
test_module match the file name itself.
This file was using test_module name that does not match the file name
itself. Fixed test_module name as well as the test_suite name.
(From OE-Core rev: 05e08a64771e40c147bdd6f02492b85edc01e946)
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of the solution to replace Testopia, manual test cases
need to be migrated to OEQA. These manual test case json files
will serve two use cases.
Use case#1: as input to the future commandline-based manual test
runner script, where this script will display actions and expected
result information in user friendly text, then it will capture
user input for test result and log, finally it will write test
result and log into existing standardize test result json format
from OEQA framework for automated tests.
Use case#2: QA will open and read these json file manually for
planning manual test execution. Any reader interested in
understanding manual test cases will open and read these files.
(From OE-Core rev: 73f5446c38a5d7766c81cda7a7bb22df9cfe0f23)
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|