On Wed, May 11, 2022 at 4:37 PM akash hadke via lists.openembedded.org
<akash.hadke=kpit....@lists.openembedded.org> wrote:
>
> Add new method get_ignored_cves in cve_check.py
> to get ignored CVEs from recipe by excluding distro-wide
> ignored CVEs from meta/conf/distro/include/cve-extra-exclusions.inc
>
> While calling this method use below code to get argument values
> paths = d.getVar('PATH').split(':')
> cves = d.getVar('CVE_CHECK_IGNORE').split()
>Hello Akash, While looking into this patch set I'm wondering what is your use case. It seems to be to get a list of ignored and patched CVEs. This is already available from the cve-check output or from the create-spdx output after some parsing. With the new JSON format for cve-check it becomes very easy. If you could elaborate more on the way you plan to use this data, I'm pretty sure we can come with a simple post-processing script to do the same. BTW Why do assume people always include meta/conf/distro/include/cve-extra-exclusions.inc ? We don't do that at Oniro and we use our own judgement on outstanding CVEs. Regards, Marta
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165722): https://lists.openembedded.org/g/openembedded-core/message/165722 Mute This Topic: https://lists.openembedded.org/mt/91037023/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
