From 07836a96845bad998a803aedf6b3a6d80445f211 Mon Sep 17 00:00:00 2001 From: Joshua Watt Date: Fri, 27 Sep 2024 09:51:55 -0600 Subject: spdx 3.0: Map gitsm URI to git "gitsm" is not a recognized URI protocol (outside of bitbake), so map it to "git" when writing. This should be OK since we report all of the submodule source code (if enabled), and it's still possible for 3rd party analyzers to determine that submodules are in use by looking at .gitmodules. The code to do the mapping is moved to a common location so it covers SPDX 2.2 also [YOCTO #15582] (From OE-Core rev: 6ecf89c75b1a74515266085acc5d3621a0fb2fa1) Signed-off-by: Joshua Watt Signed-off-by: Richard Purdie --- meta/classes/create-spdx-2.2.bbclass | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) (limited to 'meta/classes/create-spdx-2.2.bbclass') diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass index 795ba1a882..cd1d6819bf 100644 --- a/meta/classes/create-spdx-2.2.bbclass +++ b/meta/classes/create-spdx-2.2.bbclass @@ -354,15 +354,6 @@ def add_download_packages(d, doc, recipe): if f.type == "file": continue - uri = f.type - proto = getattr(f, "proto", None) - if proto is not None: - uri = uri + "+" + proto - uri = uri + "://" + f.host + f.path - - if f.method.supports_srcrev(): - uri = uri + "@" + f.revisions[name] - if f.method.supports_checksum(f): for checksum_id in CHECKSUM_LIST: if checksum_id.upper() not in oe.spdx.SPDXPackage.ALLOWED_CHECKSUMS: @@ -377,7 +368,7 @@ def add_download_packages(d, doc, recipe): c.checksumValue = expected_checksum package.checksums.append(c) - package.downloadLocation = uri + package.downloadLocation = oe.spdx_common.fetch_data_to_uri(f, name) doc.packages.append(package) doc.add_relationship(doc, "DESCRIBES", package) # In the future, we might be able to do more fancy dependencies, -- cgit v1.2.3-54-g00ecf