From: Stefano Tondo <[email protected]> Add [doc] strings for eight undocumented SPDX-related BitBake variables in spdx-common.bbclass.
Variables documented: - SPDX_INCLUDE_SOURCES - SPDX_INCLUDE_COMPILED_SOURCES - SPDX_UUID_NAMESPACE - SPDX_NAMESPACE_PREFIX - SPDX_PRETTY - SPDX_LICENSES - SPDX_CUSTOM_ANNOTATION_VARS - SPDX_MULTILIB_SSTATE_ARCHS This makes variables discoverable via bitbake-getvar and IDE completion, improving usability for SBOM generation. Signed-off-by: Stefano Tondo <[email protected]> Cc: "Ross Burton" <[email protected]> --- meta/classes/spdx-common.bbclass | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/meta/classes/spdx-common.bbclass b/meta/classes/spdx-common.bbclass index 3110230c9e..b8961262f9 100644 --- a/meta/classes/spdx-common.bbclass +++ b/meta/classes/spdx-common.bbclass @@ -26,15 +26,38 @@ SPDX_TOOL_VERSION ??= "1.0" SPDXRUNTIMEDEPLOY = "${SPDXDIR}/runtime-deploy" SPDX_INCLUDE_SOURCES ??= "0" +SPDX_INCLUDE_SOURCES[doc] = "If set to '1', include source code files in the \ + SPDX output. This will create File objects for all source files used during \ + the build. Note: This significantly increases SBOM size and generation time." + SPDX_INCLUDE_COMPILED_SOURCES ??= "0" +SPDX_INCLUDE_COMPILED_SOURCES[doc] = "If set to '1', include compiled source \ + files (object files, etc.) in the SPDX output. This automatically enables \ + SPDX_INCLUDE_SOURCES. Note: This significantly increases SBOM size." SPDX_UUID_NAMESPACE ??= "sbom.openembedded.org" +SPDX_UUID_NAMESPACE[doc] = "The namespace used for generating UUIDs in SPDX \ + documents. This should be a domain name or unique identifier for your \ + organization to ensure globally unique SPDX IDs." + SPDX_NAMESPACE_PREFIX ??= "http://spdx.org/spdxdocs"; +SPDX_NAMESPACE_PREFIX[doc] = "The URI prefix used for SPDX document namespaces. \ + Combined with other identifiers to create unique document URIs." + SPDX_PRETTY ??= "0" +SPDX_PRETTY[doc] = "If set to '1', generate human-readable formatted JSON output \ + with indentation and line breaks. If '0', generate compact JSON output. \ + Pretty formatting makes files larger but easier to read." SPDX_LICENSES ??= "${COREBASE}/meta/files/spdx-licenses.json" +SPDX_LICENSES[doc] = "Path to the JSON file containing SPDX license identifier \ + mappings. This file maps common license names to official SPDX license \ + identifiers." SPDX_CUSTOM_ANNOTATION_VARS ??= "" +SPDX_CUSTOM_ANNOTATION_VARS[doc] = "Space-separated list of variable names whose \ + values will be added as custom annotations to SPDX documents. Each variable's \ + name and value will be recorded as an annotation for traceability." SPDX_CONCLUDED_LICENSE ??= "" SPDX_CONCLUDED_LICENSE[doc] = "The license concluded by manual or external \ @@ -53,6 +76,9 @@ SPDX_CONCLUDED_LICENSE[doc] = "The license concluded by manual or external \ SPDX_CONCLUDED_LICENSE:${PN} = 'MIT & Apache-2.0'" SPDX_MULTILIB_SSTATE_ARCHS ??= "${SSTATE_ARCHS}" +SPDX_MULTILIB_SSTATE_ARCHS[doc] = "The list of sstate architectures to consider \ + when collecting SPDX dependencies. This includes multilib architectures when \ + multilib is enabled. Defaults to SSTATE_ARCHS." python () { from oe.cve_check import extend_cve_status -- 2.53.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231574): https://lists.openembedded.org/g/openembedded-core/message/231574 Mute This Topic: https://lists.openembedded.org/mt/117922397/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
