diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-04-17 11:34:57 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2025-04-24 11:27:06 +0100 |
| commit | 416a5dff54af51f66c838431d436723537b2af9f (patch) | |
| tree | 0674d82b5b826b8557743a2195d9affcc0851c77 | |
| parent | 9fd08fcd9450e89be8877d348658d3eeb4f9bf05 (diff) | |
| download | poky-416a5dff54af51f66c838431d436723537b2af9f.tar.gz | |
spdx: extend CVE_STATUS variables
If spdx is generated without inheriting cve/vex classes (which is poky
default), only explicitly set CVE_STATUS fields are handled.
Calculated ones (e.g. from CVE_STATUS_GROUPS) are ignored.
Fix this by expanding the CVE_STATUS in spdx classes.
(From OE-Core rev: ead9c6a8770463c21210a57cc5320f44f7754dd3)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/classes/spdx-common.bbclass | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/classes/spdx-common.bbclass b/meta/classes/spdx-common.bbclass index 36feb56807..713a7fc651 100644 --- a/meta/classes/spdx-common.bbclass +++ b/meta/classes/spdx-common.bbclass | |||
| @@ -37,6 +37,11 @@ SPDX_CUSTOM_ANNOTATION_VARS ??= "" | |||
| 37 | 37 | ||
| 38 | SPDX_MULTILIB_SSTATE_ARCHS ??= "${SSTATE_ARCHS}" | 38 | SPDX_MULTILIB_SSTATE_ARCHS ??= "${SSTATE_ARCHS}" |
| 39 | 39 | ||
| 40 | python () { | ||
| 41 | from oe.cve_check import extend_cve_status | ||
| 42 | extend_cve_status(d) | ||
| 43 | } | ||
| 44 | |||
| 40 | def create_spdx_source_deps(d): | 45 | def create_spdx_source_deps(d): |
| 41 | import oe.spdx_common | 46 | import oe.spdx_common |
| 42 | 47 | ||