Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead
of having them in
metadata, this could fail cve_check
ERROR: readline-5.2-r9 do_cve_check: File Not found:
qemuarm/build/../downloads/readline52-001
This patch ensures that download is done before running CVE scan, even
though these will be external patches and may not contain CVE tags as it
expects, but it will fix the run failures as seen above
Signed-off-by: Khem Raj <raj.k...@gmail.com>
---
meta/classes/cve-check.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 2a530a0489..556ac6e67f 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -65,7 +65,7 @@ python do_cve_check () {
}
-addtask cve_check before do_build
+addtask cve_check before do_build after do_fetch
do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db"
do_cve_check[nostamp] = "1"
--
2.26.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#138555):
https://lists.openembedded.org/g/openembedded-core/message/138555
Mute This Topic: https://lists.openembedded.org/mt/74379087/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
