subtree updates
meta-raspberrypi: 9240ea91ca..8e07f0d328:
DOLE Olivier (1):
rpi-config: U-Boot requires "enable_uart=1" to operate correctly.
Florin Sarbu (1):
udev-rules-rpi: Use 99-com.rules directly from upstream
meta-openembedded: 829dcb63f0..def4759e95:
Alex Kiernan (1):
ostree: Add soup3 PACKAGECONFIG, rename soup to soup2
Alexander Mohr (1):
dlt-daemon: apply rename of genivi to covesa
Armin Kuster (1):
wireshark: Update to a supported version 4.0.x
Bartosz Golaszewski (97):
python3-snagboot: new recipe
libgpiod: add myself as maintainer
python3-pyparted: add missing run-time dependencies
python3-send2trash: add missing run-time dependencies
python3-mock: cleanup RDEPENDS
python3-mock: add missing run-time dependencies
python3-cson: fix run-time dependencies
python3-ldap: don't use PYTHON_PN
python3-ldap: add missing run-time dependencies
python3-pyrad: add missing run-time dependencies
python3-html2text: add missing run-time dependencies
python3-parse: don't use PYTHON_PN and improve coding style
python3-parse: add missing run-time dependencies
python3-meld3: add missing run-time dependencies
python3-pyiface: add missing run-time dependencies
python3-mpmath: add missing run-time dependencies
python3-uswid: add missing run-time dependencies
python3-xmlrunner: add missing run-time dependencies
python3-editor: add missing run-time dependencies
python3-pykwalify: don't use PYTHON_PN and improve coding style
python3-pykwalify: add missing run-time dependencies
python3-iperf: add missing run-time dependencies
python3-sdnotify: add missing run-time dependencies
python3-service-identity: add missing run-time dependencies
python3-sqlsoup: add missing run-time dependencies
python3-sqlalchemy: don't use PYTHON_PN and improve coding style
python3-sqlalchemy: add missing run-time dependencies
python3-pure-eval: add missing run-time dependencies
python3-stack-data: fix coding style
python3-stack-data: add missing run-time dependencies
python3-sympy: add missing run-time dependencies
python3-thrift: don't use PYTHON_PN and improve coding style
python3-thrift: add missing run-time dependencies
python3-tomlkit: add missing run-time dependencies
python3-tornado: drop ${PN} from RDEPENDS
python3-tornado: fix coding style
python3-tornado: remove the testing submodule from FILES:${PN}-test
python3-tornado: add missing run-time dependencies
python3-trustme: add missing run-time dependencies
python3-twofish: add missing run-time dependencies
python3-txws: add missing run-time dependencies
python3-web3: add missing run-time dependencies
python3-uefi-firmware: add missing run-time dependencies
python3-websockets: fix coding style
python3-websockets: add missing run-time dependencies
python3-xlrd: fix coding style
python3-xlrd: add missing run-time dependencies
python3-versiontools: add missing run-time dependencies
python3-typeguard: add missing run-time dependencies
python3-process-tests: add missing run-time dependencies
python3-pyatspi: add missing run-time dependencies
python3-pydantic: don't use PYTHON_PN and improve coding style
python3-pydantic: add missing run-time dependencies
python3-python-vlc: add missing run-time dependencies
python3-redis: fix coding style
python3-redis: add missing run-time dependencies
python3-raven: add missing run-time dependencies
python3-pypng: new package
python3-qrcode: add missing run-time dependencies
python3-pyusb: fix run-time dependencies
python3-pytest-mock: add missing run-time dependencies
python3-pyroute2: fix coding style
python3-fcntl: add missing run-time dependencies
python3-pyproject-metadata: add missing run-time dependencies
python3-pyproj: don't use PYTHON_PN
python3-pyproj: drop unnecessary run-time dependency
python3-pyproj: add missing run-time dependencies
python3-classes: new package
python3-pylyrics: add missing run-time dependencies
python3-pyjwt: stop using PYTHON_PN
python3-pyjwt: add missing run-time dependencies
python3-javaobj-py3: add missing run-time dependencies
python3-pyjks: stop using PYTHON_PN
python3-pyjks: fix run-time dependencies
python3-pyexpect: add missing run-time dependencies
python3-pynetlinux: fix relative imports
python3-pynetlinux: add missing run-time dependencies
python3-pickleshare: add missing run-time dependencies
python3-petact: add missing run-time dependencies
python3-pefile: add missing run-time dependencies
python3-jsonpath-rw: add missing run-time dependencies
python3-jsonrpcclient: add missing run-time dependencies
python3-jstyleson: add missing run-time dependencies
python3-kconfiglib: add missing run-time dependencies
python3-libevdev: add missing run-time dependencies
python3-linux-procfs: add missing run-time dependencies
python3-lockfile: add missing run-time dependencies
python3-msm: fix coding style
python3-lazy: new recipe
python3-msm: add missing run-time dependencies
python3-netaddr: stop using PYTHON_PN
python3-netaddr: add missing run-time dependencies
python3-ninja-syntax: new package
python3-ninja: add missing run-time dependencies
python3-nmap: add missing run-time dependencies
python3-oslash: add missing run-time dependencies
python3-padaos: add missing run-time dependencies
Christophe Vu-Brugier (1):
switchtec-user: add new recipe
Geoff Parker (1):
python3-platformdirs: add nativesdk to BBCLASSEXTEND
Ivan Maidanski (1):
bdwgc: upgrade 8.2.2 -> 8.2.4
Johannes Kauffmann (2):
open62541: update to v1.3.6
open62541: build optimized binary
Khem Raj (21):
ipvsadm: Pass build environment cflags to compiler
orrery: Pass OE provided cflags
libleak: Upgrade to 0.3.6
zeroconf: Pass cflags from environment
lshw: Pass OE cflags via RPM_OPT_FLAGS
ruli: Pass cflags to makefile
gnome-online-accounts: Replace filename with basename
rdma-core: Use target path for systemctl
monkey: Remove buildpaths from generated mk_env.h
minio: Ignore from world builds
libcppkafka: Remove RECIPE_SYSROOT from packageconfig .pc file
doxygen: Do not generate #line directive with flex/bison
gattlib: Upgrade to latest tip of trunk
ettercap: Do not generate #line directives with bison/flex
zfs: Add a patch to fix aarch64 build with gcc13
zfs: Upgrade to 2.1.11
zfs: Fix build with aarch64
zfs: Fix build on musl
ctapi-common: Use archives.fedoraproject.org to fetch srpm
Revert "libgpiod: modify test 'gpioset: toggle (continuous)'"
meta-python-ptest-fast-image: Do not run python3-pytest-mock ptests
Lei Maohui (1):
dovecot: Fix install conflict when enable multilib.
Marek Vasut (1):
v4l-utils: Update 1.23.0+9431e4b2 -> 1.24.1
Markus Volk (4):
iwd: update 2.4 -> 2.5
gnome-control-center: upgrade 44.1 -> 44.2
mutter: upgrade 44.1 -> 44.2
gnome-shell: upgrade 44.1 -> 44.2
Martin Jansa (1):
switchtec-user: fix installed-vs-shipped with multilib
Niko Mauno (2):
contrib: oe-stylize: Fix ambiguous variable names
contrib: oe-stylize: Use Python3 explicitly
Peter Marko (1):
nss: ignore CVE-2022-3479
Petr Gotthard (4):
blueman: fix REQUIRED_DISTRO_FEATURES gobject-introspection-data
firewalld: fix REQUIRED_DISTRO_FEATURES gobject-introspection-data
system-config-printer: fix REQUIRED_DISTRO_FEATURES gobject-introspection-data
firewalld: upgrade 1.2.0 -> 1.3.2
Wang Mingyu (40):
ctags: upgrade 6.0.20230521.0 -> 6.0.20230528.0
eog: upgrade 44.1 -> 44.2
nautilus: upgrade 44.1 -> 44.2
evolution-data-server: upgrade 3.48.1 -> 3.48.2
flatbuffers: upgrade 23.1.4 -> 23.3.56
python3-asgiref: upgrade 3.7.1 -> 3.7.2
python3-cachetools: upgrade 5.3.0 -> 5.3.1
python3-coverage: upgrade 7.2.6 -> 7.2.7
python3-croniter: upgrade 1.3.14 -> 1.3.15
python3-deprecated: upgrade 1.2.13 -> 1.2.14
python3-google-api-python-client: upgrade 2.86.0 -> 2.87.0
python3-google-auth: upgrade 2.18.1 -> 2.19.0
python3-imageio: upgrade 2.29.0 -> 2.30.0
python3-license-expression: upgrade 30.1.0 -> 30.1.1
python3-lru-dict: upgrade 1.1.8 -> 1.2.0
python3-paramiko: upgrade 3.1.0 -> 3.2.0
python3-pint: upgrade 0.21 -> 0.22
python3-protobuf: upgrade 4.23.1 -> 4.23.2
python3-xlsxwriter: upgrade 3.1.1 -> 3.1.2
xterm: upgrade 380 -> 381
python3-zeroconf: upgrade 0.62.0 -> 0.63.0
dnf-plugin-tui: modify suffix of spdx file.
evolution-data-server: upgrade 3.48.2 -> 3.48.3
samba: upgrade 4.18.2 -> 4.18.3
ctags: upgrade 6.0.20230528.0 -> 6.0.20230604.0
tree: upgrade 2.1.0 -> 2.1.1
xrdb: upgrade 1.2.1 -> 1.2.2
xterm: upgrade 381 -> 382
xwd: upgrade 1.0.8 -> 1.0.9
libnet-dns-perl: upgrade 1.38 -> 1.39
pamela: upgrade 1.0.0 -> 1.1.0
python3-cachecontrol: upgrade 0.12.12 -> 0.13.0
python3-google-api-python-client: upgrade 2.87.0 -> 2.88.0
python3-google-auth: upgrade 2.19.0 -> 2.19.1
python3-nocaselist: upgrade 1.1.1 -> 2.0.0
python3-pymodbus: upgrade 3.2.2 -> 3.3.0
python3-regex: upgrade 2023.5.5 -> 2023.6.3
python3-rich: upgrade 13.3.5 -> 13.4.1
python3-sentry-sdk: upgrade 1.24.0 -> 1.25.0
ntp: upgrade 4.2.8p15 -> 4.2.8p16
poky: 76494f2b66..00f3d58064:
Alex Kiernan (1):
rust: Upgrade 1.69.0 -> 1.70.0
Alexander Kanavin (5):
maintaines.inc: unassign Richard Weinberger from erofs-utils entry
maintainers.inc: unassign Andreas Müller from itstool entry
maintainers.inc: unassign Pascal Bach from cmake entry
maintainers.inc: correct unassigned entries (> was missing)
maintainers.inc: correct Carlos Rafael Giani's email address
Andrej Valek (1):
busybox: 1.36.0 -> 1.36.1
Anuj Mittal (3):
gstreamer1.0: upgrade 1.22.2 -> 1.22.3
stress-ng: upgrade 0.15.07 -> 0.15.08
glib-networking: upgrade 2.74.0 -> 2.76.0
Bruce Ashfield (10):
linux-yocto/6.1: update to v6.1.26
linux-yocto/6.1: update to v6.1.27
linux-yocto-dev: bump to v6.4+
kernel: don't force PAHOLE=false
linux-yocto: move build / debug dependencies to .inc
linux-yocto/6.1: update to v6.1.28
linux-yocto/6.1: update to v6.1.29
linux-yocto/6.1: update to v6.1.30
linux-yocto/6.1: update to v6.1.31
linux-yocto/6.1: update to v6.1.32
Chen Qi (4):
libsdl2: disable SDL's own ccache
cmake.bbclass: do not search host paths for find_program()
Revert "libsdl2: disable SDL's own ccache"
qemurunner.py: fix error message about qmp
Daniel Ammann (1):
overview-manual: concepts.rst: Fix a typo
Denys Dmytriyenko (1):
bitbake.conf: Add SRCPV to BB_HASH_CODEPARSER_VALS
Dmitry Baryshkov (1):
openssl: fix building on riscv32
Frieder Paape (1):
image_types: Fix reproducible builds for initramfs and UKI img
Jialing Zhang (1):
linuxloader/initramfs: Add support for loongarch64
Joshua Watt (7):
bitbake: server: Fix crash when checking lock file
bitbake: runqueue: Pass hashfn in taskdep data
classes/create-spdx-2.2: Use hashfn from BB_TASKDEPDATA instead of MACHINE
classes/create-spdx-2.2: Respect PKG for providers
classes/create-spdx-2.2: Fix build time dependency calculations
classes/create-spdx-2.2: Fix runtime dependency calculations
classes/create-spdx-2.2: Make license errors fatal
Khem Raj (2):
gcc: Upgrade to 13.1.1
perf: Make built-in libtraceevent plugins cohabit with external libtraceevent
Lee Chee Yang (4):
release-notes-4.2: update known issues and Repositories/Downloads
migration-guides: add release-notes for 4.1.4
migration-guides: add release notes for 4.0.10
migration-guides: add release notes for 4.2.1
Louis Rannou (1):
spdx: Fix license parsing
Marc Ferland (1):
connman: fix warning by specifying runstatedir at configure time
Markus Volk (4):
ell: upgrade 0.56 -> 0.57
python3: add libxcrypt-native dependency
ruby: add libxcrypt-native dependency
shadow: add libxcrypt-native dependency
Martin Jansa (2):
connman: backport a fix for build with pppd-2.5.0
selftest: wic.py respect IMAGE_LINK_NAME
Mauro Queiros (1):
pybootchartgui: show elapsed time for each task
Michael Halstead (2):
uninative: Upgrade to 3.10 to support gcc 13
uninative: Upgrade to 4.0 to include latest gcc 13.1.1
Michael Opdenacker (19):
migration-guides: release-notes-4.2: add doc improvement highlights
migration-guides: release-notes-4.3: add stub section for documentation changes
releases.svg: update according to latest release
ref-manual: improve description of kernel-fitimage variables
ref-manual: document uboot-sign class and variables
ref-manual: improve documentation for kernel-devicetree class
migration-guides: update 4.3 release notes
releases.svg: fix and explain duration of Hardknott 3.3
conf.py: add macro for Mitre CVE links
migration-guides: use new cve_mitre macro
migration-guides: release-notes-4.0.4.rst: fix typo
alsa-lib: upgrade 1.2.8 -> 1.2.9
alsa-ucm-conf: upgrade 1.2.8 -> 1.2.9
psplash: enable fullscreen and disable startup-msg
alsa-utils: upgrade 1.2.8 -> 1.2.9
ref-manual: document SPLASH variable
manuals: document SPLASH_IMAGES variable
bitbake: bitbake-user-manual: update releases.rst
bitbake: bitbake-user-manual: document "network" task flag
Ming Liu (1):
kernel.bbclass: introduce KERNEL_LOCALVERSION
Natasha Bailey (1):
tiff: backport a fix for CVE-2023-2731
Peter Kjellerstedt (1):
manuals: kernel-dev: Use protocol=https in a SRC_URI example
Petr Kubizňák (1):
ref-manual: document devicetree class variables
Richard Purdie (18):
glib: Fix ptest race issue
Revert "python3/ruby/shadow: Revert add libxcrypt-native dependency"
Revert "sqlite3: Whitelist CVE-2022-21227"
glib-2.0: Update ptest fix to upstream backport
meta-world-pkgdata: Fix for create-spdx
selftest/license: Exclude from world
create-spdx-2-2: Fix packagedata usage to work with SDK packages
create-spdx-2.2: Add missing variable exclusions
layer.conf: Add missing dependency exclusion
selftest/incompatible_lic: Ensure create_sdpx isn't used with the tests
oeqa/selftest/sstatetests: Add easier debug option
oeqa/selftest/wic: Fix host contamination issue
v86d: Improve kernel dependency
sstatesig: Drop SPDX special casing
packagegroup: Handle SPDX signature issues
poky: Enable spdx manifests by default
build-appliance-image: Update to master head revision
selftest/reproducible: Allow native/cross reuse in test
Riyaz Khan (1):
openssh: Remove BSD-4-clause contents completely from codebase
Robert Joslyn (1):
curl: Update from 8.1.0 to 8.1.1
Ross Burton (11):
avahi: remove redundant gobject-introspection DEPENDS
base: add ability to provide further details when using LICENSE_FLAGS
ninja: ignore CVE-2021-4336, wrong ninja
vulkan-samples: fix build on 32-bit platforms
gtk+3: upgrade 3.24.37 -> 3.24.38
piglit: upgrade to latest revision
pkgconf: upgrade 1.9.4 -> 1.9.5
ghostscript: upgrade to 10.01.1
git: upgrade to 2.39.3
binutils: fix CVE-2023-1972
cve-extra-exclusions: add more linux-yocto CVE ignores
Sanjay Chitroda (1):
sqlite3: Whitelist CVE-2022-21227
Sudip Mukherjee (1):
apt: Upgrade to v2.6.1
Tim Orling (1):
openssl: upgrade 3.1.0 -> 3.1.1
Tom Isaacson (1):
sdk-manual: fix Makefile example
Trevor Gamblin (6):
bind: upgrade 9.18.13 -> 9.18.14
pciutils: upgrade 3.9.0 -> 3.10.0
vim: upgrade 9.0.1527 -> 9.0.1592
python_hatchling: remove empty python sysroot dirs
python3-webcolors: upgrade 1.12 -> 1.13
python3-poetry-core: upgrade 1.5.2 -> 1.6.1
Ulrich Ölmann (1):
ref-manual: classes.rst: fix typo
Victor Kamensky (1):
systemtap: upgrade 4.8 -> 4.9
Wang Mingyu (34):
babeltrace2: upgrade 2.0.4 -> 2.0.5
curl: upgrade 8.1.1 -> 8.1.2
dos2unix: upgrade 7.4.4 -> 7.5.0
enchant2: upgrade 2.3.4 -> 2.5.0
fribidi: upgrade 1.0.12 -> 1.0.13
libdnf: upgrade 0.70.0 -> 0.70.1
libmicrohttpd: upgrade 0.9.76 -> 0.9.77
libxft: upgrade 2.3.7 -> 2.3.8
libxpm: upgrade 3.5.15 -> 3.5.16
mobile-broadband-provider-info: upgrade 20221107 -> 20230416
bind: upgrade 9.18.14 -> 9.18.15
ccache: upgrade 4.8 -> 4.8.1
libcap: upgrade 2.68 -> 2.69
libuv: upgrade 1.44.2 -> 1.45.0
python3-pip: upgrade 23.0.1 -> 23.1.2
python3-psutil: upgrade 5.9.4 -> 5.9.5
python3-ruamel-yaml: upgrade 0.17.21 -> 0.17.31
python3-sphinx: upgrade 6.1.3 -> 7.0.1
orc: upgrade 0.4.33 -> 0.4.34
python3-cython: upgrade 0.29.34 -> 0.29.35
python3-dbusmock: upgrade 0.28.7 -> 0.29.0
python3-hatch-fancy-pypi-readme: upgrade 22.8.0 -> 23.1.0
python3-hypothesis: upgrade 6.71.0 -> 6.75.7
python3-numpy: upgrade 1.24.2 -> 1.24.3
python3-pycryptodome: upgrade 3.17 -> 3.18.0
python3-pycryptodomex: upgrade 3.17 -> 3.18.0
python3-requests: upgrade 2.30.0 -> 2.31.0
python3-setuptools-rust: upgrade 1.5.2 -> 1.6.0
python3-sphinx-rtd-theme: upgrade 1.2.0 -> 1.2.1
python3-trove-classifiers: upgrade 2023.5.2 -> 2023.5.24
python3-typing-extensions: upgrade 4.5.0 -> 4.6.2
repo: upgrade 2.32 -> 2.34.1
sysklogd: upgrade 2.4.4 -> 2.5.0
xdpyinfo: upgrade 1.3.3 -> 1.3.4
Xiangyu Chen (1):
sysstat: Fix CVE-2023-33204
schitrod=cisco.com@lists.openembedded.org (1):
Revert "sqlite3: update CVE_PRODUCT"
meta-arm: 5cbe3041be..3fcafa3a94:
Adam Johnston (1):
CI: Platform specific Trusted Services config
Anton Antonov (1):
arm/oeqa: Make ts-service-test config match selected SPs
Claus Stovgaard (1):
arm-toolchain/gcc: Workaround for missing libcrypt
Emekcan Aras (1):
arm-bsp/u-boot: corstone1000: enable PSCI reset
Gyorgy Szing (11):
arm/trusted-services: update TS version
optee-os: remove v3.18 pin of OP-TEE on qemuarm64-secureboot
optee-os: Add support for TOS_FW_CONFIG on qemu
arm/trusted-firmware-a: Add TOS_FW_CONFIG handling for quemu
optee-test: backport SWd ABI compatibility changes
optee-os: enable SPMC test
arm/oeqa: enable OP-TEE SPMC tests
trusted-services: update documentation
arm/trusted-services: disable psa-iat on qemuarm64-secureboot
arm/trusted-services: fix nanopb build error
optee-os: unblock NWd interrupts
Jon Mason (9):
CI: move FVP license auto-accept to fvp.yml
CI/corstone: remove debug-tweaks usage
arm/qemuarm-secureboot: add musl testing
arm/linux-yocto: remove 5.15 bbappend
Revert "arm-bsp/tc1: re-enable signed kernel image"
arm/linux-yocto: remove unused 5.15 patches and inc file
arm-bsp/optee: Remove unreferenced patches
CI: add debug yml file for ease of use
arm/linux-yocto: add gcc 13 gimple backport patch
Mikko Rapeli (1):
scp-firmware: remove -fcanon-prefix-map
Ross Burton (3):
kas: remove obsolete armcompiler LICENSE_FLAGS_ACCEPTED
arm/fvp: add LICENSE_FLAGS_DETAILS
arm/trusted-firmware-a: look for LTS releases when looking for releases
Rui Miguel Silva (3):
arm-bsp/trusted-services:corstone1000: remove already merged patches
arm-bsp/trusted-services: remove merged patches for corstone1000
arm-bps/corstone1000: setup trusted service proxy configuration
meta-security: 5c2379f4bc..180dac9aec:
Andrew Geissler (1):
ibmswtpm2: update to 164-2020-192.1
Mikko Rapeli (4):
linux-yocto: support tpm and tpm2 on all architectures
linux-yocto: remove tpm_x86.cfg
parsec-service: fix build error
parsec-tool: fix build error
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I7e7960123b241d099e5ace7c36bb5836bdac6aad
diff --git a/poky/meta/classes/create-spdx-2.2.bbclass b/poky/meta/classes/create-spdx-2.2.bbclass
index 13d13fe..844b674 100644
--- a/poky/meta/classes/create-spdx-2.2.bbclass
+++ b/poky/meta/classes/create-spdx-2.2.bbclass
@@ -4,7 +4,7 @@
# SPDX-License-Identifier: GPL-2.0-only
#
-DEPLOY_DIR_SPDX ??= "${DEPLOY_DIR}/spdx/${MACHINE}"
+DEPLOY_DIR_SPDX ??= "${DEPLOY_DIR}/spdx"
# The product name that the CVE database uses. Defaults to BPN, but may need to
# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
@@ -16,6 +16,7 @@
SPDXWORK = "${SPDXDIR}/work"
SPDXIMAGEWORK = "${SPDXDIR}/image-work"
SPDXSDKWORK = "${SPDXDIR}/sdk-work"
+SPDXDEPS = "${SPDXDIR}/deps.json"
SPDX_TOOL_NAME ??= "oe-spdx-creator"
SPDX_TOOL_VERSION ??= "1.0"
@@ -137,7 +138,7 @@
with open(filename, errors="replace") as f:
extracted_info.extractedText = f.read()
else:
- bb.error("Cannot find any text for license %s" % name)
+ bb.fatal("Cannot find any text for license %s" % name)
extracted[name] = extracted_info
document.hasExtractedLicensingInfos.append(extracted_info)
@@ -167,7 +168,7 @@
return spdx_license
- lic_split = lic.replace("(", " ( ").replace(")", " ) ").split()
+ lic_split = lic.replace("(", " ( ").replace(")", " ) ").replace("|", " | ").replace("&", " & ").split()
return ' '.join(convert(l) for l in lic_split)
@@ -337,21 +338,24 @@
package_doc.add_relationship(pkg_file, "GENERATED_FROM", ref_id, comment=debugsrc)
+add_package_sources_from_debug[vardepsexclude] += "STAGING_KERNEL_DIR"
+
def collect_dep_recipes(d, doc, spdx_recipe):
+ import json
from pathlib import Path
import oe.sbom
import oe.spdx
deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
+ spdx_deps_file = Path(d.getVar("SPDXDEPS"))
dep_recipes = []
- taskdepdata = d.getVar("BB_TASKDEPDATA", False)
- deps = sorted(set(
- dep[0] for dep in taskdepdata.values() if
- dep[1] == "do_create_spdx" and dep[0] != d.getVar("PN")
- ))
- for dep_pn in deps:
- dep_recipe_path = deploy_dir_spdx / "recipes" / ("recipe-%s.spdx.json" % dep_pn)
+
+ with spdx_deps_file.open("r") as f:
+ deps = json.load(f)
+
+ for dep_pn, dep_hashfn in deps:
+ dep_recipe_path = oe.sbom.doc_path_by_hashfn(deploy_dir_spdx, "recipe-" + dep_pn, dep_hashfn)
spdx_dep_doc, spdx_dep_sha1 = oe.sbom.read_doc(dep_recipe_path)
@@ -380,8 +384,6 @@
return dep_recipes
-collect_dep_recipes[vardepsexclude] += "BB_TASKDEPDATA"
-collect_dep_recipes[vardeps] += "DEPENDS"
def collect_dep_sources(d, dep_recipes):
import oe.sbom
@@ -454,6 +456,52 @@
# but this should be sufficient for now
doc.add_relationship(package, "BUILD_DEPENDENCY_OF", recipe)
+def collect_direct_deps(d, dep_task):
+ current_task = "do_" + d.getVar("BB_CURRENTTASK")
+ pn = d.getVar("PN")
+
+ taskdepdata = d.getVar("BB_TASKDEPDATA", False)
+
+ for this_dep in taskdepdata.values():
+ if this_dep[0] == pn and this_dep[1] == current_task:
+ break
+ else:
+ bb.fatal(f"Unable to find this {pn}:{current_task} in taskdepdata")
+
+ deps = set()
+ for dep_name in this_dep[3]:
+ dep_data = taskdepdata[dep_name]
+ if dep_data[1] == dep_task and dep_data[0] != pn:
+ deps.add((dep_data[0], dep_data[7]))
+
+ return sorted(deps)
+
+collect_direct_deps[vardepsexclude] += "BB_TASKDEPDATA"
+collect_direct_deps[vardeps] += "DEPENDS"
+
+python do_collect_spdx_deps() {
+ # This task calculates the build time dependencies of the recipe, and is
+ # required because while a task can deptask on itself, those dependencies
+ # do not show up in BB_TASKDEPDATA. To work around that, this task does the
+ # deptask on do_create_spdx and writes out the dependencies it finds, then
+ # do_create_spdx reads in the found dependencies when writing the actual
+ # SPDX document
+ import json
+ from pathlib import Path
+
+ spdx_deps_file = Path(d.getVar("SPDXDEPS"))
+
+ deps = collect_direct_deps(d, "do_create_spdx")
+
+ with spdx_deps_file.open("w") as f:
+ json.dump(deps, f)
+}
+# NOTE: depending on do_unpack is a hack that is necessary to get it's dependencies for archive the source
+addtask do_collect_spdx_deps after do_unpack
+do_collect_spdx_deps[depends] += "${PATCHDEPENDENCY}"
+do_collect_spdx_deps[deptask] = "do_create_spdx"
+do_collect_spdx_deps[dirs] = "${SPDXDIR}"
+
python do_create_spdx() {
from datetime import datetime, timezone
import oe.sbom
@@ -571,7 +619,7 @@
dep_recipes = collect_dep_recipes(d, doc, recipe)
- doc_sha1 = oe.sbom.write_doc(d, doc, "recipes", indent=get_json_indent(d))
+ doc_sha1 = oe.sbom.write_doc(d, doc, d.getVar("SSTATE_PKGARCH"), "recipes", indent=get_json_indent(d))
dep_recipes.append(oe.sbom.DepRecipe(doc, doc_sha1, recipe))
recipe_ref = oe.spdx.SPDXExternalDocumentRef()
@@ -636,10 +684,11 @@
add_package_sources_from_debug(d, package_doc, spdx_package, package, package_files, sources)
- oe.sbom.write_doc(d, package_doc, "packages", indent=get_json_indent(d))
+ oe.sbom.write_doc(d, package_doc, d.getVar("SSTATE_PKGARCH"), "packages", indent=get_json_indent(d))
}
+do_create_spdx[vardepsexclude] += "BB_NUMBER_THREADS"
# NOTE: depending on do_unpack is a hack that is necessary to get it's dependencies for archive the source
-addtask do_create_spdx after do_package do_packagedata do_unpack before do_populate_sdk do_build do_rm_work
+addtask do_create_spdx after do_package do_packagedata do_unpack do_collect_spdx_deps before do_populate_sdk do_build do_rm_work
SSTATETASKS += "do_create_spdx"
do_create_spdx[sstate-inputdirs] = "${SPDXDEPLOY}"
@@ -653,7 +702,6 @@
do_create_spdx[dirs] = "${SPDXWORK}"
do_create_spdx[cleandirs] = "${SPDXDEPLOY} ${SPDXWORK}"
do_create_spdx[depends] += "${PATCHDEPENDENCY}"
-do_create_spdx[deptask] = "do_create_spdx"
def collect_package_providers(d):
from pathlib import Path
@@ -665,23 +713,29 @@
providers = {}
- taskdepdata = d.getVar("BB_TASKDEPDATA", False)
- deps = sorted(set(
- dep[0] for dep in taskdepdata.values() if dep[0] != d.getVar("PN")
- ))
- deps.append(d.getVar("PN"))
+ deps = collect_direct_deps(d, "do_create_spdx")
+ deps.append((d.getVar("PN"), d.getVar("BB_HASHFILENAME")))
- for dep_pn in deps:
- recipe_data = oe.packagedata.read_pkgdata(dep_pn, d)
+ for dep_pn, dep_hashfn in deps:
+ localdata = d
+ recipe_data = oe.packagedata.read_pkgdata(dep_pn, localdata)
+ if not recipe_data:
+ localdata = bb.data.createCopy(d)
+ localdata.setVar("PKGDATA_DIR", "${PKGDATA_DIR_SDK}")
+ recipe_data = oe.packagedata.read_pkgdata(dep_pn, localdata)
for pkg in recipe_data.get("PACKAGES", "").split():
- pkg_data = oe.packagedata.read_subpkgdata_dict(pkg, d)
+ pkg_data = oe.packagedata.read_subpkgdata_dict(pkg, localdata)
rprovides = set(n for n, _ in bb.utils.explode_dep_versions2(pkg_data.get("RPROVIDES", "")).items())
rprovides.add(pkg)
+ if "PKG" in pkg_data:
+ pkg = pkg_data["PKG"]
+ rprovides.add(pkg)
+
for r in rprovides:
- providers[r] = pkg
+ providers[r] = (pkg, dep_hashfn)
return providers
@@ -717,7 +771,7 @@
if not oe.packagedata.packaged(package, localdata):
continue
- pkg_spdx_path = deploy_dir_spdx / "packages" / (pkg_name + ".spdx.json")
+ pkg_spdx_path = oe.sbom.doc_path(deploy_dir_spdx, pkg_name, d.getVar("SSTATE_PKGARCH"), "packages")
package_doc, package_doc_sha1 = oe.sbom.read_doc(pkg_spdx_path)
@@ -761,7 +815,7 @@
if dep not in providers:
continue
- dep = providers[dep]
+ (dep, dep_hashfn) = providers[dep]
if not oe.packagedata.packaged(dep, localdata):
continue
@@ -772,7 +826,7 @@
if dep in dep_package_cache:
(dep_spdx_package, dep_package_ref) = dep_package_cache[dep]
else:
- dep_path = deploy_dir_spdx / "packages" / ("%s.spdx.json" % dep_pkg)
+ dep_path = oe.sbom.doc_path_by_hashfn(deploy_dir_spdx, dep_pkg, dep_hashfn)
spdx_dep_doc, spdx_dep_sha1 = oe.sbom.read_doc(dep_path)
@@ -800,9 +854,11 @@
)
seen_deps.add(dep)
- oe.sbom.write_doc(d, runtime_doc, "runtime", spdx_deploy, indent=get_json_indent(d))
+ oe.sbom.write_doc(d, runtime_doc, d.getVar("SSTATE_PKGARCH"), "runtime", spdx_deploy, indent=get_json_indent(d))
}
+do_create_runtime_spdx[vardepsexclude] += "OVERRIDES"
+
addtask do_create_runtime_spdx after do_create_spdx before do_build do_rm_work
SSTATETASKS += "do_create_runtime_spdx"
do_create_runtime_spdx[sstate-inputdirs] = "${SPDXRUNTIMEDEPLOY}"
@@ -869,6 +925,8 @@
finally:
d.setVar("WORKDIR", workdir)
+spdx_get_src[vardepsexclude] += "STAGING_KERNEL_DIR"
+
do_rootfs[recrdeptask] += "do_create_spdx do_create_runtime_spdx"
do_rootfs[cleandirs] += "${SPDXIMAGEWORK}"
@@ -933,6 +991,8 @@
import tarfile
import bb.compress.zstd
+ providers = collect_package_providers(d)
+
creation_time = datetime.now(tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
source_date_epoch = d.getVar("SOURCE_DATE_EPOCH")
@@ -956,7 +1016,12 @@
doc.packages.append(image)
for name in sorted(packages.keys()):
- pkg_spdx_path = deploy_dir_spdx / "packages" / (name + ".spdx.json")
+ if name not in providers:
+ bb.fatal("Unable to find provider for '%s'" % name)
+
+ pkg_name, pkg_hashfn = providers[name]
+
+ pkg_spdx_path = oe.sbom.doc_path_by_hashfn(deploy_dir_spdx, pkg_name, pkg_hashfn)
pkg_doc, pkg_doc_sha1 = oe.sbom.read_doc(pkg_spdx_path)
for p in pkg_doc.packages:
@@ -973,7 +1038,7 @@
else:
bb.fatal("Unable to find package with name '%s' in SPDX file %s" % (name, pkg_spdx_path))
- runtime_spdx_path = deploy_dir_spdx / "runtime" / ("runtime-" + name + ".spdx.json")
+ runtime_spdx_path = oe.sbom.doc_path_by_hashfn(deploy_dir_spdx, "runtime-" + name, pkg_hashfn)
runtime_doc, runtime_doc_sha1 = oe.sbom.read_doc(runtime_spdx_path)
runtime_ref = oe.spdx.SPDXExternalDocumentRef()
@@ -1045,7 +1110,7 @@
})
for ref in doc.externalDocumentRefs:
- ref_path = deploy_dir_spdx / "by-namespace" / ref.spdxDocument.replace("/", "_")
+ ref_path = oe.sbom.doc_path_by_namespace(deploy_dir_spdx, ref.spdxDocument)
collect_spdx_document(ref_path)
collect_spdx_document(image_spdx_path)
@@ -1067,3 +1132,5 @@
info.gname = "root"
tar.addfile(info, fileobj=index_str)
+
+combine_spdx[vardepsexclude] += "BB_NUMBER_THREADS"