From: Peter Marko <peter.marko@siemens.com>
Date: Sun, 24 Aug 2025 14:57:40 +0000 (+0200)
Subject: cve-update-db-native: Handle BB_NO_NETWORK and missing db
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=749c8e266ded2fa81e0e0ebbfa8f1ba164a062f2;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

cve-update-db-native: Handle BB_NO_NETWORK and missing db

OE-Core rev: 337c0806d2784d74bee8d6420fb8b4d48795d5fa

This commit was not applied on nvd1/fkie fetcher.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 70bef2179f..fe7b8a017f 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -54,6 +54,8 @@ python do_fetch() {
         update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL"))
         if update_interval < 0:
             bb.note("CVE database update skipped")
+            if not os.path.exists(db_file):
+                bb.error("CVE database %s not present, database fetch/update skipped" % db_file)
             return
         if time.time() - os.path.getmtime(db_file) < update_interval:
             bb.debug(2, "Recently updated, skipping")
@@ -62,6 +64,9 @@ python do_fetch() {
     except OSError:
         pass
 
+    if bb.utils.to_boolean(d.getVar("BB_NO_NETWORK")):
+        bb.error("BB_NO_NETWORK attempted to disable fetch, this recipe uses CVE_DB_UPDATE_INTERVAL to control download, set to '-1' to disable fetch or update")
+
     bb.utils.mkdirhier(db_dir)
     bb.utils.mkdirhier(os.path.dirname(db_tmp_file))
     if os.path.exists(db_file):