> -----Original Message----- > From: [email protected] <openembedded- > [email protected]> On Behalf Of Alexander Kanavin via > lists.openembedded.org > Sent: Tuesday, May 12, 2026 12:10 PM > To: [email protected] > Cc: Alexander Kanavin <[email protected]> > Subject: [OE-core] [PATCH] sbom-cve-check: set PV from upstream tags and > ensure version checks are correct > > From: Alexander Kanavin <[email protected]> > > These recipes didn't set PV, which by default is 1.0. This isn't correct:
This is probably old commit message that claims PV being 1.0. I can see version provided in filename of recipes being updated in this commit. > upstream does provide date-based tags that can be used to perform version > upgrades. > > Signed-off-by: Alexander Kanavin <[email protected]> > --- > ...ve.bb => sbom-cve-check-update-cvelist-native_2026-05-07.bb} | 2 +- > ...bb => sbom-cve-check-update-nvd-native_2026.05.07-000006.bb} | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > rename meta/recipes-devtools/sbom-cve-check/{sbom-cve-check-update-cvelist- > native.bb => sbom-cve-check-update-cvelist-native_2026-05-07.bb} (88%) > rename meta/recipes-devtools/sbom-cve-check/{sbom-cve-check-update-nvd- > native.bb => sbom-cve-check-update-nvd-native_2026.05.07-000006.bb} (90%) > > diff --git > a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist- > native.bb b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update- > cvelist-native_2026-05-07.bb > similarity index 88% > rename from meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update- > cvelist-native.bb > rename to meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update- > cvelist-native_2026-05-07.bb > index 3763e7f21f..7670172c40 100644 > --- a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist- > native.bb > +++ b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist- > native_2026-05-07.bb > @@ -6,7 +6,7 @@ HOMEPAGE = "https://github.com/CVEProject/cvelistV5"; > SRC_URI = > "git://github.com/CVEProject/cvelistV5.git;branch=main;protocol=https;destsuffix=" > SBOM_CVE_CHECK_DB_NAME = "cvelist" > > -# cve_2026-05-07_1300Z > SRCREV = "dd0e93c75034d0167498174c886a56729edc44de" > +UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>.+)_baseline" > > require sbom-cve-check-update-db.inc > diff --git a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd- > native.bb b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd- > native_2026.05.07-000006.bb > similarity index 90% > rename from meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update- > nvd-native.bb > rename to meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd- > native_2026.05.07-000006.bb > index 26a14e6eb1..02446e30ce 100644 > --- a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd- > native.bb > +++ b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd- > native_2026.05.07-000006.bb > @@ -6,7 +6,7 @@ HOMEPAGE = "https://github.com/fkie-cad/nvd-json-data- > feeds" > SRC_URI = "git://github.com/fkie-cad/nvd-json-data- > feeds.git;branch=main;protocol=https;destsuffix=" > SBOM_CVE_CHECK_DB_NAME = "nvd-fkie" > > -# v2026.05.07-000006 > SRCREV = "72d8841c8ad9083ebf6723063f275444ea0d76f9" > +UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.+)" > > require sbom-cve-check-update-db.inc > -- > 2.47.3
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#236876): https://lists.openembedded.org/g/openembedded-core/message/236876 Mute This Topic: https://lists.openembedded.org/mt/119271933/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
