After discussion in all parallel threads we proposed following variant which covers both expressed requirements to have very small number of different cve statuses and also very large number of them at the same time. This is a compromise version which maybe is not ideal but deals with conflicting responses we got.
Please guide us which direction do we need to go to get further with acceptance of this patch series. The CVE_CHECK_IGNORE variable is now deprecated in favor of CVE_STATUS variable. The variable contains the same values like before ("Ignored", "Patched" and "Unpatched"). The previous implementation has been extended by two additional optional variables, CVE_STATUS_DETAIL and CVE_STATUS_DESCRIPTION. meta/classes/cve-check.bbclass | 89 ++++++++++++++++--- meta/lib/oe/cve_check.py | 6 ++ meta/lib/oeqa/selftest/cases/cve_check.py | 26 ++++-- .../logrotate/logrotate_3.21.0.bb | 7 +- 4 files changed, 109 insertions(+), 19 deletions(-) -- 2.40.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182664): https://lists.openembedded.org/g/openembedded-core/message/182664 Mute This Topic: https://lists.openembedded.org/mt/99481048/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-