git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Hongxu Jia <hongxu.jia@windriver.com>
	Wed, 25 Jun 2025 09:20:39 +0000 (17:20 +0800)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 30 Jun 2025 16:19:02 +0000 (17:19 +0100)
commit	0bd069f526ee0d535477b75a4aa825b4cb589423
tree	e42be5e3ab18cb24571175227615034857acf522	tree
parent	ee2df4554804cc08906cf7b5c734b234c7913c5f	commit \| diff

create-spdx-2.2: support to override the version of a package in SPDX 2

By default, still use ${PV} as the the version of a package in SPDX 2

$ echo 'INHERIT:remove = "create-spdx"' >> conf/local.conf
$ echo 'INHERIT += "create-spdx-2.2"' >> conf/local.conf
$ bitbake acl
$ jq . tmp/deploy/spdx/2.2/core2-64/recipes/recipe-acl.spdx.json
...
      "name": "acl",
      "summary": "Utilities for managing POSIX Access Control Lists",
      "supplier": "Organization: OpenEmbedded ()",
      "versionInfo": "2.3.2"
    },
...

Support to override it by setting SPDX_PACKAGE_VERSION, such as
set SPDX_PACKAGE_VERSION = "${EXTENDPKGV}" in local.conf to append
PR to versionInfo in SBOM 2
$ echo 'SPDX_PACKAGE_VERSION = "${EXTENDPKGV}"' >> conf/local.conf
$ bitbake acl
$ jq . tmp/deploy/spdx/2.2/core2-64/recipes/recipe-acl.spdx.json
...
      "name": "acl",
      "summary": "Utilities for managing POSIX Access Control Lists",
      "supplier": "Organization: OpenEmbedded ()",
      "versionInfo": "2.3.2-r0"
    },
...

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>