From: Joshua Watt <jpewhacker@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: Joshua Watt <JPEWhacker@gmail.com>
Subject: [OE-core][PATCH 2/5] spdx: Reformat
Date: Tue, 9 Jun 2026 16:15:53 -0600 [thread overview]
Message-ID: <20260609222331.1293007-3-JPEWhacker@gmail.com> (raw)
In-Reply-To: <20260609222331.1293007-1-JPEWhacker@gmail.com>
Reformats SPDX files with black
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
---
meta/lib/oe/sbom30.py | 6 +--
meta/lib/oe/spdx30_tasks.py | 76 ++++++++++++++++++++-----------------
2 files changed, 44 insertions(+), 38 deletions(-)
diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py
index b379ff947c..0926266295 100644
--- a/meta/lib/oe/sbom30.py
+++ b/meta/lib/oe/sbom30.py
@@ -712,7 +712,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
return self.add(v)
def new_vex_patched_relationship(self, from_, to, notes: None):
- props = {'security_statusNotes': notes} if notes else {}
+ props = {"security_statusNotes": notes} if notes else {}
return self._new_relationship(
oe.spdx30.security_VexFixedVulnAssessmentRelationship,
from_,
@@ -724,7 +724,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
)
def new_vex_unpatched_relationship(self, from_, to, notes: None):
- props = {'security_statusNotes': notes} if notes else {}
+ props = {"security_statusNotes": notes} if notes else {}
return self._new_relationship(
oe.spdx30.security_VexAffectedVulnAssessmentRelationship,
from_,
@@ -737,7 +737,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
)
def new_vex_ignored_relationship(self, from_, to, *, impact_statement, notes: None):
- props = {'security_statusNotes': notes} if notes else {}
+ props = {"security_statusNotes": notes} if notes else {}
return self._new_relationship(
oe.spdx30.security_VexNotAffectedVulnAssessmentRelationship,
from_,
diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py
index 7cc46d579b..72d17aade6 100644
--- a/meta/lib/oe/spdx30_tasks.py
+++ b/meta/lib/oe/spdx30_tasks.py
@@ -382,7 +382,6 @@ def collect_dep_sources(dep_objsets, dest):
index_sources_by_hash(e.to, dest)
-
def _generate_git_purl(d, download_location, srcrev):
"""Generate a Package URL for a Git source from its download location.
@@ -392,27 +391,29 @@ def _generate_git_purl(d, download_location, srcrev):
Returns the PURL string or None if no mapping matches.
"""
- if not download_location or not download_location.startswith('git+'):
+ if not download_location or not download_location.startswith("git+"):
return None
git_url = download_location[4:] # Remove 'git+' prefix
# Default handler: github.com
git_purl_handlers = {
- 'github.com': 'pkg:github',
+ "github.com": "pkg:github",
}
# Custom PURL mappings from SPDX_GIT_PURL_MAPPINGS
# Format: "domain1:purl_type1 domain2:purl_type2"
- custom_mappings = d.getVar('SPDX_GIT_PURL_MAPPINGS')
+ custom_mappings = d.getVar("SPDX_GIT_PURL_MAPPINGS")
if custom_mappings:
for mapping in custom_mappings.split():
- parts = mapping.split(':', 1)
+ parts = mapping.split(":", 1)
if len(parts) == 2:
git_purl_handlers[parts[0]] = parts[1]
bb.debug(2, f"Added custom Git PURL mapping: {parts[0]} -> {parts[1]}")
else:
- bb.warn(f"Invalid SPDX_GIT_PURL_MAPPINGS entry: {mapping} (expected format: domain:purl_type)")
+ bb.warn(
+ f"Invalid SPDX_GIT_PURL_MAPPINGS entry: {mapping} (expected format: domain:purl_type)"
+ )
try:
parsed = urllib.parse.urlparse(git_url)
@@ -425,11 +426,11 @@ def _generate_git_purl(d, download_location, srcrev):
for domain, purl_type in git_purl_handlers.items():
if hostname == domain:
- path = parsed.path.strip('/')
- path_parts = path.split('/')
+ path = parsed.path.strip("/")
+ path_parts = path.split("/")
if len(path_parts) >= 2:
owner = path_parts[0]
- repo = path_parts[1].replace('.git', '')
+ repo = path_parts[1].replace(".git", "")
return f"{purl_type}/{owner}/{repo}@{srcrev}"
break
@@ -448,12 +449,12 @@ def _enrich_source_package(d, dl, fd, file_name, primary_purpose):
if fd.type == "git":
# Use full SHA-1 from fd.revision
- srcrev = getattr(fd, 'revision', None)
- if srcrev and srcrev not in {'${AUTOREV}', 'AUTOINC', 'INVALID'}:
+ srcrev = getattr(fd, "revision", None)
+ if srcrev and srcrev not in {"${AUTOREV}", "AUTOINC", "INVALID"}:
version = srcrev
# Generate PURL for Git hosting services
- download_location = getattr(dl, 'software_downloadLocation', None)
+ download_location = getattr(dl, "software_downloadLocation", None)
if version and download_location:
purl = _generate_git_purl(d, download_location, version)
@@ -464,12 +465,12 @@ def _enrich_source_package(d, dl, fd, file_name, primary_purpose):
dl.software_packageUrl = purl
# Add VCS external reference for Git repositories
- download_location = getattr(dl, 'software_downloadLocation', None)
+ download_location = getattr(dl, "software_downloadLocation", None)
if download_location and isinstance(download_location, str):
- if download_location.startswith('git+'):
+ if download_location.startswith("git+"):
git_url = download_location[4:]
- if '@' in git_url:
- git_url = git_url.split('@')[0]
+ if "@" in git_url:
+ git_url = git_url.split("@")[0]
dl.externalRef = dl.externalRef or []
dl.externalRef.append(
@@ -480,7 +481,6 @@ def _enrich_source_package(d, dl, fd, file_name, primary_purpose):
)
-
def add_download_files(d, objset):
inputs = set()
@@ -726,8 +726,9 @@ def create_recipe_spdx(d):
if status == "Patched":
spdx_vex = recipe_objset.new_vex_patched_relationship(
- [spdx_cve_id], [recipe],
- notes=": ".join(v for v in (detail, description) if v)
+ [spdx_cve_id],
+ [recipe],
+ notes=": ".join(v for v in (detail, description) if v),
)
patches = []
for idx, filepath in enumerate(resources):
@@ -753,8 +754,9 @@ def create_recipe_spdx(d):
elif status == "Unpatched":
recipe_objset.new_vex_unpatched_relationship(
- [spdx_cve_id], [recipe],
- notes=": ".join(v for v in (detail, description) if v)
+ [spdx_cve_id],
+ [recipe],
+ notes=": ".join(v for v in (detail, description) if v),
)
elif status == "Ignored":
spdx_vex = recipe_objset.new_vex_ignored_relationship(
@@ -1060,7 +1062,11 @@ def create_spdx(d):
if include_sources:
debug_sources |= get_package_sources_from_debug(
- d, package, package_files, dep_sources, source_hash_cache,
+ d,
+ package,
+ package_files,
+ dep_sources,
+ source_hash_cache,
excluded_files=excluded_files,
)
@@ -1185,7 +1191,7 @@ def create_package_spdx(d):
if dep not in providers:
continue
- (dep, _) = providers[dep]
+ dep, _ = providers[dep]
if not oe.packagedata.packaged(dep, localdata):
continue
@@ -1455,17 +1461,17 @@ def create_image_spdx(d):
image_path = image_deploy_dir / image_filename
if os.path.isdir(image_path):
a, _ = add_package_files(
- d,
- objset,
- image_path,
- lambda file_counter: objset.new_spdxid(
- "imagefile", str(file_counter)
- ),
- lambda filepath: [],
- license_data=None,
- ignore_dirs=[],
- ignore_top_level_dirs=[],
- archive=None,
+ d,
+ objset,
+ image_path,
+ lambda file_counter: objset.new_spdxid(
+ "imagefile", str(file_counter)
+ ),
+ lambda filepath: [],
+ license_data=None,
+ ignore_dirs=[],
+ ignore_top_level_dirs=[],
+ archive=None,
)
artifacts.extend(a)
else:
@@ -1482,7 +1488,7 @@ def create_image_spdx(d):
oe.spdx30.Hash(
algorithm=oe.spdx30.HashAlgorithm.sha512,
hashValue=bb.utils.sha512_file(image_path),
- )
+ ),
],
)
)
--
2.54.0
next prev parent reply other threads:[~2026-06-09 22:23 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-09 22:15 [OE-core][PATCH 0/5] Implement SPDX for deploy tasks Joshua Watt
2026-06-09 22:15 ` [OE-core][PATCH 1/5] classes/baremetal-image: Remove "do_" prefix from image manifest Joshua Watt
2026-06-09 22:15 ` Joshua Watt [this message]
2026-06-09 22:15 ` [OE-core][PATCH 3/5] spdx: Add ability for deploy tasks to create SPDX Joshua Watt
2026-06-09 22:15 ` [OE-core][PATCH 4/5] Add SPDX deploy tasks Joshua Watt
2026-06-09 22:31 ` Patchtest results for " patchtest
2026-06-10 6:17 ` Mikko Rapeli
2026-06-10 7:46 ` Richard Purdie
2026-06-09 22:15 ` [OE-core][PATCH 5/5] spdx: Replace do_create_image_spdx with deploy task Joshua Watt
2026-06-10 13:17 ` [OE-core][PATCH 0/5] Implement SPDX for deploy tasks Mathieu Dubois-Briand
2026-06-11 18:46 ` Joshua Watt
2026-06-18 15:38 ` [OE-core][PATCH v2 " Joshua Watt
2026-06-18 15:38 ` [OE-core][PATCH v2 1/5] spdx: Add ability for deploy tasks to create SPDX Joshua Watt
2026-06-18 15:38 ` [OE-core][PATCH v2 2/5] classes-global/sstate: Keep SPDX generating setscene dependencies Joshua Watt
2026-06-18 15:38 ` [OE-core][PATCH v2 3/5] Add SPDX deploy tasks to various recipes Joshua Watt
2026-06-18 17:07 ` Patchtest results for " patchtest
2026-06-18 15:38 ` [OE-core][PATCH v2 4/5] spdx: Replace do_create_image_spdx with deploy task Joshua Watt
2026-06-18 15:38 ` [OE-core][PATCH v2 5/5] grub-efi: Change to MACHINE_ARCH Joshua Watt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260609222331.1293007-3-JPEWhacker@gmail.com \
--to=jpewhacker@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.