From: "Antonin Godard" <antonin.godard@bootlin.com>
To: "Benjamin Robin" <benjamin.robin@bootlin.com>,
<openembedded-core@lists.openembedded.org>
Cc: <richard.purdie@linuxfoundation.org>, <rybczynska@gmail.com>,
<ross.burton@arm.com>, <peter.marko@siemens.com>,
<jpewhacker@gmail.com>, <olivier.benjamin@bootlin.com>,
<mathieu.dubois-briand@bootlin.com>,
<thomas.petazzoni@bootlin.com>
Subject: Re: [PATCH v5] sbom-cve-check: Add class for post-build CVE analysis
Date: Thu, 19 Mar 2026 16:03:54 +0100 [thread overview]
Message-ID: <DH6UMY6OUZES.7NVRN7J9CUFU@bootlin.com> (raw)
In-Reply-To: <20260319-add-sbom-cve-check-v5-1-e310cce7399d@bootlin.com>
Hi,
On Thu Mar 19, 2026 at 3:41 PM CET, Benjamin Robin wrote:
[...]
> diff --git a/meta/conf/fragments/yocto/sbom-cve-check.conf b/meta/conf/fragments/yocto/sbom-cve-check.conf
> new file mode 100644
> index 000000000000..1cdb83117387
> --- /dev/null
> +++ b/meta/conf/fragments/yocto/sbom-cve-check.conf
> @@ -0,0 +1,7 @@
> +# This fragment enable sbom-cve-check with recommended options
> +
> +IMAGE_CLASSES:append = " sbom-cve-check"
> +SRCREV:pn-sbom-cve-check-update-nvd-native = "${AUTOREV}"
> +SRCREV:pn-sbom-cve-check-update-cvelist-native = "${AUTOREV}"
> +SPDX_INCLUDE_VEX = "all"
> +SPDX_INCLUDE_COMPILED_SOURCES:pn-linux-yocto = "1"
You need to define a summary and description of the fragment, see
https://docs.yoctoproject.org/dev-manual/creating-fragments.html.
Antonin
prev parent reply other threads:[~2026-03-19 15:04 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-19 14:41 [PATCH v5] sbom-cve-check: add CVE analysis tool and class Benjamin Robin
2026-03-19 14:41 ` [PATCH v5] sbom-cve-check: Add class for post-build CVE analysis Benjamin Robin
2026-03-19 15:03 ` Antonin Godard [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DH6UMY6OUZES.7NVRN7J9CUFU@bootlin.com \
--to=antonin.godard@bootlin.com \
--cc=benjamin.robin@bootlin.com \
--cc=jpewhacker@gmail.com \
--cc=mathieu.dubois-briand@bootlin.com \
--cc=olivier.benjamin@bootlin.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=peter.marko@siemens.com \
--cc=richard.purdie@linuxfoundation.org \
--cc=ross.burton@arm.com \
--cc=rybczynska@gmail.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox