From: Alexander Kanavin <[email protected]> These recipes didn't set PV, which by default is 1.0. This isn't correct: upstream does provide date-based tags that can be used to perform version upgrades.
Correct SRCREV in one of the recipes to point to the next tagged commit, as existing SRCREV was pointing to a non-tagged commit between 03.19 and 03.20 tags. Signed-off-by: Alexander Kanavin <[email protected]> --- ...b => sbom-cve-check-update-cvelist-native_2026-03-19.bb} | 4 ++-- ...> sbom-cve-check-update-nvd-native_2026.03.20-010002.bb} | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) rename meta/recipes-devtools/sbom-cve-check/{sbom-cve-check-update-cvelist-native.bb => sbom-cve-check-update-cvelist-native_2026-03-19.bb} (79%) rename meta/recipes-devtools/sbom-cve-check/{sbom-cve-check-update-nvd-native.bb => sbom-cve-check-update-nvd-native_2026.03.20-010002.bb} (70%) diff --git a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native.bb b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-03-19.bb similarity index 79% rename from meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native.bb rename to meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-03-19.bb index 3387122165..850537e777 100644 --- a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native.bb +++ b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-03-19.bb @@ -3,10 +3,10 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" HOMEPAGE = "https://github.com/CVEProject/cvelistV5"; -SRC_URI = "git://github.com/CVEProject/cvelistV5.git;branch=main;protocol=https;destsuffix=" +SRC_URI = "git://github.com/CVEProject/cvelistV5.git;branch=main;protocol=https;tag=${PV}_baseline;destsuffix=" SBOM_CVE_CHECK_DB_NAME = "cvelist" -# 2026-03-19_baseline SRCREV = "ada54ee3cc8380820aa45e4996910bdc9dcb94e7" +UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>.+)_baseline" require sbom-cve-check-update-db.inc diff --git a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native.bb b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.03.20-010002.bb similarity index 70% rename from meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native.bb rename to meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.03.20-010002.bb index c868ba09c1..d1290ba8e3 100644 --- a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native.bb +++ b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.03.20-010002.bb @@ -3,10 +3,10 @@ LICENSE = "cve-tou" LIC_FILES_CHKSUM = "file://LICENSES/cve-tou.md;md5=bc5bbf146f01e20ece63d83c8916d8fb" HOMEPAGE = "https://github.com/fkie-cad/nvd-json-data-feeds"; -SRC_URI = "git://github.com/fkie-cad/nvd-json-data-feeds.git;branch=main;protocol=https;destsuffix=" +SRC_URI = "git://github.com/fkie-cad/nvd-json-data-feeds.git;branch=main;protocol=https;tag=v${PV};destsuffix=" SBOM_CVE_CHECK_DB_NAME = "nvd-fkie" -# v2026.03.19-010002 -SRCREV = "49f8bbe1b0b0884e16bdc37ab68db997085570a7" +SRCREV = "71a7984884a918f7f1464a0efe25ba4a24c569ca" +UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.+)" require sbom-cve-check-update-db.inc -- 2.47.3
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#236714): https://lists.openembedded.org/g/openembedded-core/message/236714 Mute This Topic: https://lists.openembedded.org/mt/119214254/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
