On Sat, 2010-03-06 at 09:00 -0600, Mike Westerhof wrote: > Does it make any sense to create a class (or extend the sanity or > testlab classes) so that OE can inform someone when a given build is > using a recipe that can be considered obsolete? Perhaps we might also > add a bit more encouragement if it were possible to have that same > class call out builds that have selected versions with known security > vulnerabilities. > > This would certainly help me with the distro I maintain -- one of the > questions I cannot easily answer, and therefore tend to ignore, is > "exactly how out-of-date has my distro become?". > > I have no patches to do such a thing, and neither do I have time to > create such a thing at this point in time, but perhaps if someone > thinks this is worthwhile time can be made for it...
I've been keeping half an eye on what Holger has been doing and yes, I think this could be desirable. Its also rather straightforward to do. Simply create a new variable SECURITY_ISSUES_PRESENT = "This package has know security issues of: X, Y, Z" and then have insane.bbclass choke on this printing the messages unless you set a variable ILOVESECURITYHOLES = "1" :) Cheers, Richard _______________________________________________ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel