On Mon, May 2, 2022 at 9:23 AM Marta Rybczynska <[email protected]> wrote: > > On Fri, Apr 29, 2022 at 5:53 PM Ralph Siemsen <[email protected]> > wrote: >> >> # Interval between CVE database updates, in seconds. >> # Set to "0" to to force an update of the database. >> CVE_DATABASE_UPDATE_INTERVAL ?= "24*60*60" >> > > This is a good idea, thank you Ralph, I like it. I'll be sending a v2 > shortly.
Thanks for this. I've tested it locally, on the fist run, the CVE database was fetched (it took quite a while, for some reason). On subsequent runs, no fetch occurs, so this seems to be working. I then set CVE_DB_UPDATE_INTERVAL = "3600" in my local.conf, and ran the build again. As it had been over an hour since the first build, the database was downloaded again. The timestamp on nvdcve_1.1.db did not change (as noted in one of your commit descriptions). So, it seems to be working correctly. I will re-test tomorrow (eg. after 24 hours) with the interval set back to default. One minor point of confusion is that the log still shows "NOTE: recipe cve-update-db-native-1.0-r0: task do_fetch: Started" even when the download is skipped. This is of course understandable when looking at the python code, the check is within the do_fetch function. There is probably no simple way to avoid this from being displayed. And most users won't notice anyway. But it initially confused me about what was happening. Regards, Ralph
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165172): https://lists.openembedded.org/g/openembedded-core/message/165172 Mute This Topic: https://lists.openembedded.org/mt/90771095/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
