From 3a861f2204e18ddf4a9a4add06b84f7b6f36f73a Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Sun, 12 Mar 2023 09:45:43 +0100 Subject: go: use go as CVE product for all golang recipe veriants All golang vulnerabilities are reported under product 'go'. By default there is no vulnerability reported for images with golang components because none of used golang packages have correct CVE product set: * go-binary-native * go-runtime * go-cross-* (From OE-Core rev: 09f3a27a809bbec9b08c4e4a2b846b68f386c35c) Signed-off-by: Peter Marko Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie --- meta/recipes-devtools/go/go-binary-native_1.20.1.bb | 2 ++ meta/recipes-devtools/go/go-common.inc | 3 +++ 2 files changed, 5 insertions(+) (limited to 'meta/recipes-devtools/go') diff --git a/meta/recipes-devtools/go/go-binary-native_1.20.1.bb b/meta/recipes-devtools/go/go-binary-native_1.20.1.bb index 3eb80fdcce..239334552a 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.20.1.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.20.1.bb @@ -16,6 +16,8 @@ SRC_URI[go_linux_ppc64le.sha256sum] = "85cfd4b89b48c94030783b6e9e619e35557862358 UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux" +CVE_PRODUCT = "go" + S = "${WORKDIR}/go" inherit goarch native diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc index 83f8db7b39..96e32eeb97 100644 --- a/meta/recipes-devtools/go/go-common.inc +++ b/meta/recipes-devtools/go/go-common.inc @@ -19,6 +19,9 @@ S = "${WORKDIR}/go" B = "${S}" UPSTREAM_CHECK_REGEX = "(?P\d+(\.\d+)+)\.src\.tar" +# all recipe variants are created from the same product +CVE_PRODUCT = "go" + INHIBIT_PACKAGE_DEBUG_SPLIT = "1" SSTATE_SCAN_CMD = "true" -- cgit v1.2.3-54-g00ecf