[OE-core][dunfell 01/16] cve-check: Run it after do_fetch

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 01/16] cve-check: Run it after do_fetch
Date: Mon,  1 Jun 2020 04:11:09 -1000	[thread overview]
Message-ID: <dbf143d79476e54e8da93101fc16eaedeec88362.1591020366.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1591020366.git.steve@sakoman.com>

From: Khem Raj <raj.khem@gmail.com>

Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in
metadata, this could fail cve_check

ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001

This patch ensures that download is done before running CVE scan, even
though these will be external patches and may not contain CVE tags as it
expects, but it will fix the run failures as seen above

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/cve-check.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 2a530a0489..556ac6e67f 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -65,7 +65,7 @@ python do_cve_check () {
 
 }
 
-addtask cve_check before do_build
+addtask cve_check before do_build after do_fetch
 do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db"
 do_cve_check[nostamp] = "1"
 
-- 
2.17.1

next prev parent reply	other threads:[~2020-06-01 14:11 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-01 14:11 [OE-core][dunfell 00/16] Patch review Steve Sakoman
2020-06-01 14:11 ` Steve Sakoman [this message]
2020-06-01 14:11 ` [OE-core][dunfell 02/16] checklayer: Skip layers without a collection Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 03/16] oeqa/concurrencytest: don't delete build directory for failed tests Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 04/16] sanity.bbclass: Detect and fail if 'inherit' is used in conf file Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 05/16] archiver.bbclass: Fix duplicated SRC_URIs for do_ar_original Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 06/16] resulttool/report: Remove leftover debugging Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 07/16] resulttool/log: Add ability to dump ltp logs as well as ptest Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 08/16] terminal.py: do not stop searching for auto Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 09/16] bind: fix CVE-2020-8616/7 Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 10/16] libexif: fix CVE-2020-13114 Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 11/16] libubootenv: Remove the DEPENDS on mtd-utils Steve Sakoman
2020-06-02  5:24   ` Adrian Bunk
2020-06-01 14:11 ` [OE-core][dunfell 12/16] qemurunner: fix ip fallback detection Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 13/16] make-mod-scripts: Fix a rare build race condition Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 14/16] bitbake.conf: Remove unused DEPLOY_DIR_TOOLS variable Steve Sakoman
2020-06-01 16:38   ` Richard Purdie
2020-06-01 16:51     ` Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 15/16] sstate.bbclass: When siginfo or sig files are missing, stop fetcher errors Steve Sakoman
2020-06-01 14:11 ` [OE-core][dunfell 16/16] qemuarm: check serial consoles vs /proc/consoles Steve Sakoman

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:2a530a048 dfblob:556ac6e67 )
 OR (
bs:"[OE-core][dunfell 01/16] cve-check: Run it after do_fetch" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=dbf143d79476e54e8da93101fc16eaedeec88362.1591020366.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox