I don't see the point in logging native, nativesdk etc. The bottom line is the BPN has the issue.
Allow folks to filter out those other package name variations via CVE_CHECK_MANIFEST_FILTER
Signed-off-by: Armin Kuster <akuster...@gmail.com>
---
 meta/classes/cve-check.bbclass | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 112ee3379d3..0d33d5a530c 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -59,6 +59,7 @@ CVE_CHECK_LAYER_EXCLUDELIST ??= ""
 # Layers to be included
 CVE_CHECK_LAYER_INCLUDELIST ??= ""
+CVE_CHECK_MANIFEST_FILTER ??="0"
 # set to "alphabetical" for version using single alphabetical character as increament release
 CVE_VERSION_SUFFIX ??= ""
@@ -96,6 +97,13 @@ python do_cve_check () {
 """
 if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
+ if d.getVar("CVE_CHECK_MANIFEST_FILTER") == "1":
+ # drop native, nativesdk, cross, etc
+ bpn = d.getVar("BPN")
+ pn = d.getVar("PN")
+ if bpn != pn:
+ return
+
 try:
 patched_cves = get_patches_cves(d)
 except FileNotFoundError:
@@ -164,6 +172,7 @@ def get_patches_cves(d):
 import re
 pn = d.getVar("PN")
+
 cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
 # Matches last CVE-1234-211432 in the file name, also if written
--
2.25.1
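Review bot: The new `CVE_CHECK_MANIFEST_FILTER ??="0"` line in the variables hunk has no comment, while the neighbouring settings each carry one, so a reader of the class cannot tell what setting it to "1" does. I would add above it `# Set to "1" to skip the CVE check for recipe variants whose PN differs from BPN (native, nativesdk, cross, ...)`, and write the assignment as `CVE_CHECK_MANIFEST_FILTER ??= "0"` to match the spacing of the other defaults.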
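Review bot: In the do_cve_check hunk the added `return` sits before `get_patches_cves(d)`, so with the filter on, a recipe whose PN differs from BPN is not checked at all, rather than checked and left out of the manifest as the variable name suggests. A component that is only ever built as such a variant would then have no CVE result anywhere; this probably includes multilib variants as well as native and nativesdk ones, since BPN strips those prefixes too, which is worth confirming. The skip is also silent; I would log it before returning, e.g. `bb.note("cve-check: skipping %s, variant of %s" % (pn, bpn))`, and say in the variable's comment that coverage for variant-only recipes is lost. do_cve_check's body continues outside the hunk.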