spdx3: support to override the version of a package in SBOM 3

By default, still use ${PV} as the the version of a package in SBOM 3 $ bitbake acl $ jq . tmp/deploy/spdx/3.0.1/core2-64/packages/package-acl.spdx.json ... { "type": "software_Package", ... "name": "acl", "software_packageVersion": "2.3.2" }, ... Support to override it by setting SPDX_PACKAGE_VERSION, such as set SPDX_PACKAGE_VERSION = "${EXTENDPKGV}" in local.conf to append PR to software_packageVersion in SBOM 3 $ echo 'SPDX_PACKAGE_VERSION = "${EXTENDPKGV}"' >> conf/local.conf $ bitbake acl $ jq . tmp/deploy/spdx/3.0.1/core2-64/packages/package-acl.spdx.json ... { "type": "software_Package", ... "name": "acl", "software_packageVersion": "2.3.2-r0" }, ... (From OE-Core rev: e6ff5f4d870624795bd36572f5c2bfeec90d83ce) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Hongxu Jia <hongxu.jia@windriver.com> 2025-03-24 14:54:07 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-03-24 17:29:16 +0000
commit: 0834a9cdf684fc906f5afb20493579324cedea7b (patch)
tree: befe1a43180134628d9601ec749196847881e2c3 /meta/lib/oe
parent: b9620d79c054026ab885997a6b110034ec87aabe (diff)
download: poky-0834a9cdf684fc906f5afb20493579324cedea7b.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py
index 1629ed69ce..52329760b6 100644
--- a/meta/lib/oe/spdx30_tasks.py
+++ b/meta/lib/oe/spdx30_tasks.py
@@ -606,7 +606,7 @@ def create_spdx(d):
                    _id=pkg_objset.new_spdxid("package", pkg_name),
                    creationInfo=pkg_objset.doc.creationInfo,
                    name=pkg_name,
-                    software_packageVersion=d.getVar("PV"),
+                    software_packageVersion=d.getVar("SPDX_PACKAGE_VERSION"),
                )
            )
            set_timestamp_now(d, spdx_package, "builtTime")
author	Hongxu Jia <hongxu.jia@windriver.com>	2025-03-24 14:54:07 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-03-24 17:29:16 +0000
commit	0834a9cdf684fc906f5afb20493579324cedea7b (patch)
tree	befe1a43180134628d9601ec749196847881e2c3 /meta/lib/oe
parent	b9620d79c054026ab885997a6b110034ec87aabe (diff)
download	poky-0834a9cdf684fc906f5afb20493579324cedea7b.tar.gz

diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py index 1629ed69ce..52329760b6 100644 --- a/meta/lib/oe/spdx30_tasks.py +++ b/meta/lib/oe/spdx30_tasks.py
@@ -606,7 +606,7 @@ def create_spdx(d):
606	_id=pkg_objset.new_spdxid("package", pkg_name),	606	_id=pkg_objset.new_spdxid("package", pkg_name),
607	creationInfo=pkg_objset.doc.creationInfo,	607	creationInfo=pkg_objset.doc.creationInfo,
608	name=pkg_name,	608	name=pkg_name,
609	software_packageVersion=d.getVar("PV"),	609	software_packageVersion=d.getVar("SPDX_PACKAGE_VERSION"),
610	)	610	)
611	)	611	)
612	set_timestamp_now(d, spdx_package, "builtTime")	612	set_timestamp_now(d, spdx_package, "builtTime")