From: Peter Marko Date: Sun, 24 Aug 2025 14:57:39 +0000 (+0200) Subject: cve-update-db-native: Use a local copy of the database during builds X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e5b0a74810fdd3f72fe61e0ae1f859a444dc1fa5;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git cve-update-db-native: Use a local copy of the database during builds OE-Core rev: 03596904392d257572a905a182b92c780d636744 This seems to be misimplemented when re-adding update from nvd1 feed. Use file in temporary directory instead of downloads directory for update process. Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie --- diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index dff5cd1c61..70bef2179f 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb @@ -24,8 +24,7 @@ CVE_SOCKET_TIMEOUT ?= "60" CVE_CHECK_DB_DLDIR_FILE ?= "${DL_DIR}/CVE_CHECK2/${CVE_CHECK_DB_FILENAME}" CVE_CHECK_DB_DLDIR_LOCK ?= "${CVE_CHECK_DB_DLDIR_FILE}.lock" - -CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DLDIR_FILE}.tmp" +CVE_CHECK_DB_TEMP_FILE ?= "${CVE_CHECK_DB_FILE}.tmp" python () { if not bb.data.inherits_class("cve-check", d): @@ -44,7 +43,7 @@ python do_fetch() { db_file = d.getVar("CVE_CHECK_DB_DLDIR_FILE") db_dir = os.path.dirname(db_file) - db_tmp_file = d.getVar("CVE_DB_TEMP_FILE") + db_tmp_file = d.getVar("CVE_CHECK_DB_TEMP_FILE") cleanup_db_download(db_file, db_tmp_file) @@ -64,6 +63,7 @@ python do_fetch() { pass bb.utils.mkdirhier(db_dir) + bb.utils.mkdirhier(os.path.dirname(db_tmp_file)) if os.path.exists(db_file): shutil.copy2(db_file, db_tmp_file)