On Thu Mar 12, 2026 at 4:38 PM CET, Stefano Tondo via lists.openembedded.org wrote: > From: Stefano Tondo <[email protected]> > > This series enhances SPDX 3.0 SBOM generation with enriched > metadata, ecosystem-specific Package URLs, and compliance > improvements. > > Changes since v8 (addressing Joshua Watt's review): > > 1/7: File exclusion now uses re.compile() for proper regex > matching instead of substring matching. Excluded files > are tracked in a set() returned from add_package_files() > and passed to get_package_sources_from_debug() for > precise cross-checking. > > 2/7: Unchanged (Reviewed-by added). > > 3/7: Fixed npm_spdx_name() to use bpn[5:] instead of bpn[4:] > since "node-" is 5 characters. > > 4/7: Dropped PV fallback for non-Git source versions since > the recipe version does not necessarily match individual > downloaded file versions. Ecosystem PURLs (which include > version) from SPDX_PACKAGE_URLS are still used. > > 5/7: Renamed recipe-m4/recipe-tar to build-m4/build-tar in > tests to align with upstream rename. > > 6/7: Unchanged (Reviewed-by added). > > 7/7: Unchanged (Reviewed-by added). > > Stefano Tondo (7):
Hi Stefano, Joshua series has been merged. I've been trying to rebase this series on top of it, but I've got a few failures in spdx.SPDX30Check.test_download_location_defensive_handling and spdx.SPDX30Check.test_version_extraction_patterns. Either my conflicts merges were wrong or a few changes are needed. Can you rebase this series on top of master, make sure the said tests pass and resend? I believe this is the last step before we can merge it. Thanks, Mathieu -- Mathieu Dubois-Briand, Bootlin Embedded Linux and Kernel engineering https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#233630): https://lists.openembedded.org/g/openembedded-core/message/233630 Mute This Topic: https://lists.openembedded.org/mt/118281259/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
