From almost 4 years ago:
On 2022-03-14 6:48 p.m., Richard Purdie wrote:
From: Tim Orling<[email protected]>
Dependency for python3-cryptography
Signed-off-by: Tim Orling<[email protected]>
---
.../python/python3-ply_3.11.bb | 18 ++++++++++++++++++
I was looking at a python3-ply CVE the other day and I noticed that
the upstream repository was archived by the owner on Dec 21, 2025. It is
now read-only.
https://github.com/dabeaz/ply
so we'll have to see if anyone takes over maintenance or
if the users switch to a different lex/yacc in python implementation.
On master there are only 2 current users via a layer index depends query:
https://layers.openembedded.org/layerindex/branch/master/recipes/?q=depends%3Apython3-ply
but there could be some recipes that use it such as meta-sca.
I don't see where it was ever used by python3-cryptography but it is
still declared as a dependency for spdx-tools:
❯ rg python3-ply
..
meta/recipes-devtools/python/python3-spdx-tools_0.8.3.bb
16:# Dependencies required for conversion to spdx3 :
python3-semantic-version, python3-ply
24: python3-ply \
Consider this a head up for those CCed.
Since it's not maintained, it would be nice to replace it
or if not really used by spdx-tools, move it back to meta-oe.
../Randy
1 file changed, 18 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3-ply_3.11.bb
diff --git a/meta/recipes-devtools/python/python3-ply_3.11.bb
b/meta/recipes-devtools/python/python3-ply_3.11.bb
new file mode 100644
index 00000000000..99c037bb734
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-ply_3.11.bb
@@ -0,0 +1,18 @@
+SUMMARY = "Python Lex and Yacc"
+DESCRIPTION = "Python ply: PLY is yet another implementation of lex and yacc for
Python"
+HOMEPAGE ="https://pypi.python.org/pypi/ply";
+SECTION = "devel/python"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM
="file://README.md;beginline=5;endline=32;md5=f5ee5c355c0e6719c787a71b8f0fa96c"
+
+SRC_URI[md5sum] = "6465f602e656455affcd7c5734c638f8"
+SRC_URI[sha256sum] =
"00c7c1aaa88358b9c765b6d3000c6eec0ba42abca5351b095321aef446081da3"
+
+inherit pypi setuptools3
+
+RDEPENDS:${PN}:class-target += "\
+ ${PYTHON_PN}-netclient \
+ ${PYTHON_PN}-shell \
+"
+
+BBCLASSEXTEND = "native"
--
# Randy MacLeod
# Wind River Linux
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#230173):
https://lists.openembedded.org/g/openembedded-core/message/230173
Mute This Topic: https://lists.openembedded.org/mt/89786270/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
