The proper way would be to cherry-pick the following commit: 2cc43c72ff28aa39a417dd8d57cd7c8741c0e541 But this also requires applying a patch to bitbake to handle that.
So, for Scarthgap, add (manually) the variables CVE_STATUS and CVE_CHECK_STATUSMAP to the vardeps flag of all callers of the following functions: get_patched_cves() and decode_cve_status() Signed-off-by: Benjamin Robin (Schneider Electric) <[email protected]> --- meta/classes/create-spdx-2.2.bbclass | 1 + meta/classes/create-spdx-3.0.bbclass | 2 ++ meta/classes/cve-check.bbclass | 1 + meta/classes/vex.bbclass | 1 + 4 files changed, 5 insertions(+) diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass index aaa2e78fe211..037193bb4b96 100644 --- a/meta/classes/create-spdx-2.2.bbclass +++ b/meta/classes/create-spdx-2.2.bbclass @@ -710,6 +710,7 @@ python do_create_spdx() { oe.sbom.write_doc(d, package_doc, pkg_arch, "packages", indent=get_json_indent(d)) } +do_create_spdx[vardeps] += "CVE_STATUS" do_create_spdx[vardepsexclude] += "BB_NUMBER_THREADS" # NOTE: depending on do_unpack is a hack that is necessary to get it's dependencies for archive the source addtask do_create_spdx after do_package do_packagedata do_unpack do_collect_spdx_deps before do_populate_sdk do_build do_rm_work diff --git a/meta/classes/create-spdx-3.0.bbclass b/meta/classes/create-spdx-3.0.bbclass index c0a5436ad68f..309403abe162 100644 --- a/meta/classes/create-spdx-3.0.bbclass +++ b/meta/classes/create-spdx-3.0.bbclass @@ -148,6 +148,8 @@ do_create_spdx[vardeps] += "\ SPDX_PROFILES \ SPDX_NAMESPACE_PREFIX \ SPDX_UUID_NAMESPACE \ + CVE_STATUS \ + CVE_CHECK_STATUSMAP \ " addtask do_create_spdx after \ diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index f5bbaa5d159a..3f4704fb4ec2 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -187,6 +187,7 @@ python do_cve_check () { } addtask cve_check before do_build +do_cve_check[vardeps] += "CVE_STATUS CVE_CHECK_STATUSMAP" do_cve_check[depends] = "cve-update-nvd2-native:do_unpack" do_cve_check[nostamp] = "1" diff --git a/meta/classes/vex.bbclass b/meta/classes/vex.bbclass index 707e6f45a19a..45a15348724b 100644 --- a/meta/classes/vex.bbclass +++ b/meta/classes/vex.bbclass @@ -160,6 +160,7 @@ python do_generate_vex () { cve_write_data_json(d, cve_data, cves_status) } +do_generate_vex[vardeps] += "CVE_STATUS CVE_CHECK_STATUSMAP" addtask generate_vex before do_build -- 2.52.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#228747): https://lists.openembedded.org/g/openembedded-core/message/228747 Mute This Topic: https://lists.openembedded.org/mt/117011436/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
