Mirror of git.yoctoproject.org/meta-virtualization https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=master 2026-04-29T20:01:23+00:00 2026-04-29T20:01:23+00:00 Bin Cao bin.cao.cn@windriver.com 2026-04-29T08:57:18+00:00 urn:sha1:e1beca39e85e32a767469eb6869875fec0009a02 Backported from [1], verified with the test script from [2]. [1] https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311 [2] https://github.com/theskumar/python-dotenv/security/advisories/GHSA-mf9w-mj56-hr94 [3] https://nvd.nist.gov/vuln/detail/CVE-2026-28684 Signed-off-by: Bin Cao <bin.cao.cn@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-04-28T11:27:58+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2026-04-23T15:47:41+00:00 urn:sha1:3c4b5325bcaeed30df377f70a32486902643f8d7 OE-Core needs to make some improvements to the way DISTRO_FEATURES is being built but this will break the way meta-virtualization is handling native propagation. Use DISTRO_FEATURES_FILTER_NATIVE which is designed for this. That then means updating the bbappend just to look at DISTRO_FEATURES and to look for both possible values. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-04-21T13:11:11+00:00 Himanshu Jadon hjadon@cisco.com 2026-04-21T02:43:58+00:00 urn:sha1:f8bbbf1f7d7b5c7ef6b2c9c86a93cb44524bc740 CVE_PRODUCT has been set to docker:registry to align with the NVD CPE product namespace for the distribution/registry codebase. Only a single CPE entry exists in the NVD for this product: cpe:2.3:a:docker:registry This ensures CVEs tracked for docker registry are matched for this recipe. Signed-off-by: Himanshu Jadon <hjadon@cisco.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-04-09T13:51:26+00:00 Li Zhou li.zhou@windriver.com 2026-04-08T08:40:52+00:00 urn:sha1:6eacd900611a08487f72112163f34be339277b7f New version of yq need set CGO_ENABLED="0" when compiling, and this causes do_compile failure for 32 bits target as below: -buildmode=pie requires external (cgo) linking, but cgo is not enabled Tool go's internal linker doesn't support PIE for linux 32 bits target, so -buildmode=pie requires external (cgo) linking on ARM and x86. To fix this conflict with CGO_ENABLED="0", remove "-buildmode=pie" from GOBUILDFLAGS. Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-03-26T17:55:26+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-03-26T17:55:26+00:00 urn:sha1:ad6a311fc13c2e112791ade719e5d27119d74b51 Update yq from 4.45.1 to 4.52.5 and convert from manual vendoring (20+ individual git SRC_URI entries) to the go-mod-vcs discovery system using pure hybrid mode (all gomod://). This makes future updates trivial via: bitbake yq -c discover_and_generate Shortlog of notable changes since 4.45.1: - Add support for YAML 1.1 octal numbers - Add --header-preprocess flag - Add bitwise operators (band, bor, bxor, bnot, bsl, bsr) - Add shuffle operator for arrays - Add rotate operator for arrays - Add limit operator - Add from_props/to_props for Java properties format - Add from_csv/to_csv improvements - Add --csv-separator flag - Improve JSON output formatting - Improve error messages for invalid expressions - Fix various edge cases in YAML/JSON/XML/TOML conversions - Fix memory leaks in large document processing - Performance improvements for large files - Updated Go module dependencies Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-03-26T15:54:03+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-03-26T14:25:30+00:00 urn:sha1:5ccb61a7a67d4f4e9a31301630a3224076bcc4b4 Update all active Go library recipes to their latest releases: - go-md2man: 1.0.10 → 2.0.7 (update GO_IMPORT for v2 module path) - go-cli: 1.1.0 → 2.27.7 (moved to github.com/urfave/cli/v2) - go-connections: 0.2.1 → 0.6.0 - go-dbus: 4.0.0 → 5.2.2 (update GO_IMPORT for v5 module path) - go-distribution: 2.6.0 → 3.0.0 (repo moved to distribution/distribution) - go-fsnotify: 1.5.1 → 1.9.0 - go-logrus: 0.11.0 → 1.9.4 - go-mux: unversioned → 1.8.1 - go-patricia: 2.2.6 → 2.3.3 - go-systemd: 4 → 22.7.0 (update GO_IMPORT for v22 module path) - grpc-go: 1.59.0 → 1.79.3 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-03-26T14:15:15+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-03-26T14:15:15+00:00 urn:sha1:ce4a0ce9006998863a7cb50ac2eee67d06ba3c08 Remove Go library recipes for projects that are archived, deprecated, or otherwise dead upstream: - go-capability: No releases ever published, community moved to github.com/moby/sys/capability - go-context: Superseded by Go stdlib context.Context (since Go 1.7) - go-libtrust: Archived on GitHub, no releases ever published - go-metalinter: Archived and deprecated since 2019, replaced by golangci-lint - go-pty: Archived since 2020, moved to github.com/creack/pty None of these are referenced as build dependencies by any recipe in meta-virtualization. External consumers should migrate to the upstream-recommended replacements. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-03-12T17:25:21+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2026-03-12T17:02:22+00:00 urn:sha1:c6b27a6b5d475b6b53dcff570f9ef84e95a6911f Avoid a yocto-check-layer issue: qemu-system-native:do_recipe_qa: 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 -> 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614 bitbake-diffsigs --task qemu-system-native do_recipe_qa --signature 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614 NOTE: Reconnecting to bitbake server... basehash changed from 1b770ad4a9b79d38c928331d17651d3d66a6ebc45822c336d7ab98bfa8ebfd94 to 6bc5e5507534603aa6f6ab862ab27ef9c0b9ffcfaa9922d7ef25cb563fab6ab9 Variable PACKAGECONFIG value changed: "fdt alsa kvm pie slirp png pixman sdl virglrenderer epoxy {++}" (whitespace changed) but moving the whitespace into the added option. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-19T19:14:22+00:00 urn:sha1:ba23ccd3390b7fbebfed641ebfcd978a0ba406dd Update SUMMARY and DESCRIPTION to note that runx is unmaintained (upstream dormant since 2022) and that vxn provides the same Xen DomU container functionality with pluggable hypervisor backends. go-build is the serial FD handler companion to runx and is similarly superseded. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-09T03:34:12+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-01-23T20:22:41+00:00 urn:sha1:729c4bb01402aac1348d5d40eea6a42ff2bc1934 Fix virtio-9p (virtfs) support for container-cross-install batch imports which provides ~50x speedup over base64-over-serial. The issue was that native recipes don't see target DISTRO_FEATURES, so qemu-system-native wasn't getting virtfs enabled. Fix by: - layer.conf: Propagate virtualization to DISTRO_FEATURES_NATIVE when vcontainer or virtualization is in target DISTRO_FEATURES - qemu-system-native: Check DISTRO_FEATURES_NATIVE for virtfs enable - container-cross-install: Prepend native sysroot to PATH so vrunner finds the QEMU with virtfs support Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>