Re: [OE-core] [PATCH] create-spdx: Add check for variable contents along with quotes
On 2/16/23 07:25, Joshua Watt wrote: On Wed, Feb 15, 2023 at 6:31 PM Saul Wold wrote: This adds a check to ensure we that if a variable is empty it gets an empty string, this also adds quotes to indicate the variable contents. "comment": "CUSTOM_SPECIAL=''" or "comment": "CUSTOM_SPECIAL= 'variable contents'" Signed-off-by: Saul Wold --- meta/classes/create-spdx-2.2.bbclass | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass index 28a42e009f6..8b18ada40a4 100644 --- a/meta/classes/create-spdx-2.2.bbclass +++ b/meta/classes/create-spdx-2.2.bbclass @@ -484,7 +484,10 @@ python do_create_spdx() { if d.getVar("SPDX_CUSTOM_ANNOTATION_VARS"): for var in d.getVar('SPDX_CUSTOM_ANNOTATION_VARS').split(): -recipe.annotations.append(create_annotation(d, var + "=" + d.getVar(var))) +if d.getVar(var): +recipe.annotations.append(create_annotation(d, var + "= '" + d.getVar(var) + "'")) Why the extra space after the = ? Right, probably should remove that. Does the variable need some escaping in case it already has a single quote in it? Was thinking about consistency with the empty case below, but I guess we need to think not just of a "stray" single quote in the string, but also a stray double quote ("). I guess we can just remove the single quotes completely for both cases. Sau! +else: +recipe.annotations.append(create_annotation(d, var + "=''")) # Some CVEs may be patched during the build process without incrementing the version number, # so querying for CVEs based on the CPE id can lead to false positives. To account for this, -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#177295): https://lists.openembedded.org/g/openembedded-core/message/177295 Mute This Topic: https://lists.openembedded.org/mt/96996669/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] create-spdx: Add check for variable contents along with quotes
On Wed, Feb 15, 2023 at 6:31 PM Saul Wold wrote: > > This adds a check to ensure we that if a variable is > empty it gets an empty string, this also adds quotes > to indicate the variable contents. > > "comment": "CUSTOM_SPECIAL=''" > or > "comment": "CUSTOM_SPECIAL= 'variable contents'" > > Signed-off-by: Saul Wold > --- > meta/classes/create-spdx-2.2.bbclass | 5 - > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/meta/classes/create-spdx-2.2.bbclass > b/meta/classes/create-spdx-2.2.bbclass > index 28a42e009f6..8b18ada40a4 100644 > --- a/meta/classes/create-spdx-2.2.bbclass > +++ b/meta/classes/create-spdx-2.2.bbclass > @@ -484,7 +484,10 @@ python do_create_spdx() { > > if d.getVar("SPDX_CUSTOM_ANNOTATION_VARS"): > for var in d.getVar('SPDX_CUSTOM_ANNOTATION_VARS').split(): > -recipe.annotations.append(create_annotation(d, var + "=" + > d.getVar(var))) > +if d.getVar(var): > +recipe.annotations.append(create_annotation(d, var + "= '" + > d.getVar(var) + "'")) Why the extra space after the = ? Does the variable need some escaping in case it already has a single quote in it? > +else: > +recipe.annotations.append(create_annotation(d, var + "=''")) > > # Some CVEs may be patched during the build process without incrementing > the version number, > # so querying for CVEs based on the CPE id can lead to false positives. > To account for this, > -- > 2.25.1 > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#177294): https://lists.openembedded.org/g/openembedded-core/message/177294 Mute This Topic: https://lists.openembedded.org/mt/96996669/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] create-spdx: Add check for variable contents along with quotes
This adds a check to ensure we that if a variable is empty it gets an empty string, this also adds quotes to indicate the variable contents. "comment": "CUSTOM_SPECIAL=''" or "comment": "CUSTOM_SPECIAL= 'variable contents'" Signed-off-by: Saul Wold --- meta/classes/create-spdx-2.2.bbclass | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass index 28a42e009f6..8b18ada40a4 100644 --- a/meta/classes/create-spdx-2.2.bbclass +++ b/meta/classes/create-spdx-2.2.bbclass @@ -484,7 +484,10 @@ python do_create_spdx() { if d.getVar("SPDX_CUSTOM_ANNOTATION_VARS"): for var in d.getVar('SPDX_CUSTOM_ANNOTATION_VARS').split(): -recipe.annotations.append(create_annotation(d, var + "=" + d.getVar(var))) +if d.getVar(var): +recipe.annotations.append(create_annotation(d, var + "= '" + d.getVar(var) + "'")) +else: +recipe.annotations.append(create_annotation(d, var + "=''")) # Some CVEs may be patched during the build process without incrementing the version number, # so querying for CVEs based on the CPE id can lead to false positives. To account for this, -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#177224): https://lists.openembedded.org/g/openembedded-core/message/177224 Mute This Topic: https://lists.openembedded.org/mt/96996669/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-