]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eb730ca) | patch
create-spdx/sbom: Ensure files don't overlap between machines
authorRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 21 Sep 2023 15:04:20 +0000 (09:04 -0600)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 22 Sep 2023 06:43:51 +0000 (07:43 +0100)
commitb2db10e966438071d00d2057b84d5f347613d841
treea91fbd04f800fbcfe7fd4f9283a136e4d0581c7ctree | snapshot
parenteb730ca78c6408513f3443d5017c3ae1504ae323commit | diff
create-spdx/sbom: Ensure files don't overlap between machines

Currently the by-id and by-namespace SPDX files are created without reference
to PACKAGE_ARCH. This means that for two machines using a common package architecture
(e.g. genericx86-64 and qqemux86-64), there would be overlapping files. This means
that the build of one can remove files from the other leading to build failures. An
example would be:

MACHINE=qemux86-64 bitbake core-image-minimal
MACHINE=genericx86-64 bitbake core-image-minimal
MACHINE=qemux86-64 bitbake linux-yocto -c clean
MACHINE=genericx86-64 bitbake core-image-minimal -C rootfs

To fix this, add PACKAGE_ARCH to the path used for the files and use a search
path based upon PACKAGE_ARCHS to access them.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/classes/create-spdx-2.2.bbclass diff | blob | blame | history
meta/lib/oe/sbom.py diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core