diff options
| -rw-r--r-- | meta/classes/create-spdx.bbclass | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index eb9535069a..eaf92c1773 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass | |||
| @@ -29,6 +29,11 @@ SPDX_NAMESPACE_PREFIX ??= "http://spdx.org/spdxdoc" | |||
| 29 | SPDX_LICENSES ??= "${COREBASE}/meta/files/spdx-licenses.json" | 29 | SPDX_LICENSES ??= "${COREBASE}/meta/files/spdx-licenses.json" |
| 30 | 30 | ||
| 31 | SPDX_ORG ??= "OpenEmbedded ()" | 31 | SPDX_ORG ??= "OpenEmbedded ()" |
| 32 | SPDX_SUPPLIER ??= "Organization: ${SPDX_ORG}" | ||
| 33 | SPDX_SUPPLIER[doc] = "The SPDX PackageSupplier field for SPDX packages created from \ | ||
| 34 | this recipe. For SPDX documents create using this class during the build, this \ | ||
| 35 | is the contact information for the person or organization who is doing the \ | ||
| 36 | build." | ||
| 32 | 37 | ||
| 33 | do_image_complete[depends] = "virtual/kernel:do_create_spdx" | 38 | do_image_complete[depends] = "virtual/kernel:do_create_spdx" |
| 34 | 39 | ||
| @@ -425,6 +430,7 @@ python do_create_spdx() { | |||
| 425 | recipe.name = d.getVar("PN") | 430 | recipe.name = d.getVar("PN") |
| 426 | recipe.versionInfo = d.getVar("PV") | 431 | recipe.versionInfo = d.getVar("PV") |
| 427 | recipe.SPDXID = oe.sbom.get_recipe_spdxid(d) | 432 | recipe.SPDXID = oe.sbom.get_recipe_spdxid(d) |
| 433 | recipe.packageSupplier = d.getVar("SPDX_SUPPLIER") | ||
| 428 | if bb.data.inherits_class("native", d) or bb.data.inherits_class("cross", d): | 434 | if bb.data.inherits_class("native", d) or bb.data.inherits_class("cross", d): |
| 429 | recipe.annotations.append(create_annotation(d, "isNative")) | 435 | recipe.annotations.append(create_annotation(d, "isNative")) |
| 430 | 436 | ||
| @@ -534,6 +540,7 @@ python do_create_spdx() { | |||
| 534 | spdx_package.name = pkg_name | 540 | spdx_package.name = pkg_name |
| 535 | spdx_package.versionInfo = d.getVar("PV") | 541 | spdx_package.versionInfo = d.getVar("PV") |
| 536 | spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d, found_licenses) | 542 | spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d, found_licenses) |
| 543 | spdx_package.packageSupplier = d.getVar("SPDX_SUPPLIER") | ||
| 537 | 544 | ||
| 538 | package_doc.packages.append(spdx_package) | 545 | package_doc.packages.append(spdx_package) |
| 539 | 546 | ||
| @@ -826,6 +833,7 @@ python image_combine_spdx() { | |||
| 826 | image.name = d.getVar("PN") | 833 | image.name = d.getVar("PN") |
| 827 | image.versionInfo = d.getVar("PV") | 834 | image.versionInfo = d.getVar("PV") |
| 828 | image.SPDXID = oe.sbom.get_image_spdxid(image_name) | 835 | image.SPDXID = oe.sbom.get_image_spdxid(image_name) |
| 836 | image.packageSupplier = d.getVar("SPDX_SUPPLIER") | ||
| 829 | 837 | ||
| 830 | doc.packages.append(image) | 838 | doc.packages.append(image) |
| 831 | 839 | ||