Add a check for a SECURITY.md file (or similar) to yocto-check-layer, as knowing where to report security issues is important.
Signed-off-by: Ross Burton <[email protected]>
---
 scripts/lib/checklayer/cases/common.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/scripts/lib/checklayer/cases/common.py b/scripts/lib/checklayer/cases/common.py
index 97b16f78c8e..2da3d9d77a3 100644
--- a/scripts/lib/checklayer/cases/common.py
+++ b/scripts/lib/checklayer/cases/common.py
@@ -40,6 +40,19 @@ class CommonCheckLayer(OECheckLayerTestCase):
 email_regex = re.compile(r"[^@]+@[^@]+")
 self.assertTrue(email_regex.match(data))
 
+ def test_security(self):
+ """
+ Test that the layer has a SECURITY.md (or similar) file.
+ """
+ if self.tc.layer['type'] == LayerType.CORE:
+ raise unittest.SkipTest("Core layer's SECURITY is top level")
+
+ security = os.path.join(self.tc.layer['path'], 'SECURITY')
+ security_glob = os.path.join(self.tc.layer['path'], 'SECURITY.*')
+
+ files = glob.glob(security) + glob.glob(security_glob)
+ self.assertTrue(files, msg="Layer doesn't contain a SECURITY.md file.")
+
 def test_parse(self):
 check_command('Layer %s failed to parse.' % self.tc.layer['name'], 'bitbake -p')
 
-- 
2.34.1
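Review bot: The assertion in test_security passes on any path matching `SECURITY` or `SECURITY.*`, so an empty file or a directory of that name satisfies the check without telling anyone where to report a vulnerability. Filtering the matches before the `assertTrue` would close that gap: `files = [f for f in files if os.path.isfile(f) and os.path.getsize(f) > 0]`. The layer path is also placed into the glob pattern unescaped, so building both patterns from `glob.escape(self.tc.layer['path'])` avoids false failures when the path contains `[` or `*`. Only the core layer is exempted for keeping the file at the repository top level; other layers shipped from a multi-layer repository may do the same and would presumably fail here, which is worth either handling or stating in the docstring.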
