Moritz Haase [Thu, 3 Jul 2025 13:27:16 +0000 (15:27 +0200)]
apt: Backport patch to support builds with CMake 4+
There have been a number of upstream releases that ship this patch already, but
given that the most recent ones are considered experimental, I opted to backport
instead.
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 30 Jun 2025 09:13:03 +0000 (17:13 +0800)]
pango: upgrade 1.56.3 -> 1.56.4
Changelog:
===========
- fontconfig: Improve the add_font_file implementation
- fontconfig: Combine font features and style variants
- fontconfig: Make sure font faces stay alive
- win32: Drop some caching
- win32: Make sure font faces stay alive
- win32: Modernize and simplify the code
- win32: Stop synthesizing fonts
- win32: Implement list models
- coretext: Support synthetic small caps
- layout: Avoid assertions in line breaking
- build: Require GLib 2.82
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=============
- Fix missing release wheels
- Fix typo in README.rst for SPDX license list version
- Fix LicenseWithExceptionSymbol missing Expression class variables
- Depcreated licenses are loaded by default.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 30 Jun 2025 09:12:56 +0000 (17:12 +0800)]
libpam: upgrade 1.7.0 -> 1.7.1
0001-meson.build-correct-check-for-existence-of-two-prepr.patch
removed since it's included in 1.7.1
Changelog:
===============
* pam_access: do not resolve ttys or display variables as hostnames.
* pam_access: added "nodns" option to disallow resolving of tokens as hostnames
(CVE-2024-10963).
* pam_limits: added support for rttime (RLIMIT_RTTIME).
* pam_namespace: fixed potential privilege escalation (CVE-2025-6020).
* meson: added support of elogind as a logind provider.
* Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Louis Rannou [Thu, 3 Jul 2025 12:14:36 +0000 (14:14 +0200)]
openssh: limit read access to sshd_config
Enhance security by limiting read access for /etc/sshd_config to user root as it
may reveal unsecure configurations.
Reading access is limited in the install append as the default value 0644 is
hardcoded in the openssh makefile and is not configurable. Therefore the
permissions are modified in the install append.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rpm-sequoia: Use DEBUG_BUILD to determine build directory
Debug builds fail with a panic in build.rs when attempting
to create rpm-sequoia.pc in a non-existent target/debug directory:
process didn't exit successfully: `TOPDIR/tmp/work/core2-32-wrs-linux/rpm-sequoia/1.7.0/build/target/debug/build/rpm-sequoia-d2609670a855c0b5/build-script-build` (exit status: 101)
— stderr
thread 'main' panicked at build.rs:125:36:
Creating "TOPDIR/tmp/work/core2-32-wrs-linux/rpm-sequoia/1.7.0/sources-unpack/git/target/debug/rpm-sequoia.pc" (CARGO_TARGET_DIR: None): Os
{ code: 2, kind: NotFound, message: "No such file or directory" }
This was caused by the build and install logic assuming a fixed release directory
in rpm-sequoia recipe.
Update build and install steps to use the ${BUILD_DIR} variable,
which is set based on the value of DEBUG_BUILD from cargo.bbclass.
(rpm-sequoia inherits cargo)
This ensures paths used for rpm-sequoia.pc generation and installation
are valid in both debug and release configurations.
Changelog:
- AdwAboutDialog/AdwAboutWindow
- Fix a leak
- AdwAvatar
- Fix custom image size with GTK 4.19.2
- AdwStyleManager
- Fix loading font names when debug variables are set
- AdwTabOverview
- Update window radius
- AdwToastOverlay
- Fix a critical when showing a toast while hiding it
- Tests
- Fix a leak
Mike Crowe [Wed, 2 Jul 2025 10:56:58 +0000 (11:56 +0100)]
externalsrc: Always ask Git for location of .git directory
externalsrc_configure_prefunc assumed that the .git directory is
${S}/.git. This isn't true for submodules at least.
srctree_hash_files already contained code to ask Git for the correct
path to the .git directory. Let's move that code to a new find_git_dir
function and call it from both places and make the behaviour consistent.
Signed-off-by: Mike Crowe <mac@mcrowe.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 30 Jun 2025 09:13:10 +0000 (17:13 +0800)]
python3-pdm: upgrade 2.25.1 -> 2.25.3
Changelog:
=============
- Fix a bug that local file package metadata was missing when reading the lockfile.
- Extract dependency-groups and extras markers from marker value when parsing pylock.toml.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 30 Jun 2025 09:13:08 +0000 (17:13 +0800)]
python3-markdown: upgrade 3.8 -> 3.8.2
Changelog:
============
- Fix codecs deprecation in Python 3.14.
- Fix issue with unclosed comment parsing in Python 3.14.
- Fix issue with unclosed declarations in Python 3.14.
- Fix issue with unclosed HTML tag < foo and Python 3.14.
- Ensure incomplete markup declaration in raw HTML doesn't crash parser (#1534).
- Fixed dropped content in md_in_html (#1526).
- Fixed HTML handling corner case that prevented some content from not being rendered
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mikko Rapeli [Wed, 2 Jul 2025 07:25:13 +0000 (10:25 +0300)]
oeqa context.py: use TEST_SUITES if set
If build target has set TEST_SUITES, then that should
be the default test modules to execute. Fixes testexport.bbclass
to run same tests as testimage.bbclass which already
uses TEST_SUITES.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
compiler-rt,libcxx: Use clang for native-libcxx and gcc for compiler-rt-native
compiler-rt configure calls for c++ compiler which can cause C++ runtime to
not be detected on some Yocto autobuilder workers running ubuntu 24.04
therefore let it use gcc for native version
Set TOOLCHAIN_NATIVE for using clang for libcxx
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kernelsrc/perf: clean up package version while using kernel source
If recipe inherits bbclass kernelsrc to use kernel sources,
the recipe should explicitly set ${KERNEL_VERSION} to ${PKGV}
in task do_package, otherwise package version (${PV} is usually
default 1.0) is not consistent with kernel source.
For example, there are 5 recipes in meta-openembedded to inherit
kernelsrc, but 4 recipes explicitly set PKGV.
This commit clean up the setting of PKGV, move it to kernelsrc.bbclass
for common use, the recipe (such as intel-speed-select) that inherited
kernelsrc will not be required to explicitly set ${PKGV} with
${KERNEL_VERSION}
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hongxu Jia [Mon, 30 Jun 2025 12:17:08 +0000 (20:17 +0800)]
kernel-devsrc: make package version consistent with kernel source
The package version of kernel-devsrc is 1.0 which is not consistent
with kernel source
$ bitbake kernel-devsrc
$ ls tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-*
tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-1.0-r0.qemux86_64.rpm
tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-dbg-1.0-r0.qemux86_64.rpm
tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-dev-1.0-r0.qemux86_64.rpm
After commit [kernelsrc.bbclass/perf: make package version consistent
with kernel source] applied, it moved the setting of PKGV to
kernelsrc.bbclass for common use. And bbclass kernelsrc has already
inherited linux-kernel-base, this commit uses bbclass kernelsrc to
instead of linux-kernel-base, and remove duplicated settings.
After applying this commit:
$ ls tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-*
tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-6.12.31-r0.qemux86_64.rpm
tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-dbg-6.12.31-r0.qemux86_64.rpm
tmp/work/qemux86_64-poky-linux/kernel-devsrc/1.0/deploy-rpms/qemux86_64/kernel-devsrc-dev-6.12.31-r0.qemux86_64.rpm
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jon Mason [Tue, 1 Jul 2025 13:27:23 +0000 (09:27 -0400)]
libucontext: use hard/soft float
When building for qemuarm-secureboot in meta-arn with musl and clang,
the following compile error is seen:
- | ../sources/libucontext-1.3.2/arch/arm/swapcontext.S:23:11: error: unknown token in expression
- | ldr r4, =#0x56465001
- | ^
This is happening because 1.3 added ifdefs for assembly code for both
hard and soft float, and bcause neither is being defined, it is taking
this path with the issue.
Since we can tell if soft or hard float is being used via the TARGET_FPU
variable, use that and set the relevant makefile flag.
Signed-off-by: Jon Mason <jon.mason@arm.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Thomas Perrot [Tue, 1 Jul 2025 14:42:50 +0000 (16:42 +0200)]
opensbi: bump to 1.7
This release has:
- New parameter in top-level Makefile for reproducible builds
- Added MIPS P8700 platform support
- Allow arbitrary path in LLVM parameter of top-level Makefile
- Improved SBI v3.0 extensions to match frozen specification
- Emulate AMO instructions when Zaamo is not available
- Stop the harts waiting for HSM start from supervisor software
- Improved generic platform overrides to use common fdt_driver helpers
- Improved SBI MPXY framework to use per-domain data
- Added support for control transfer records (CTR) ISA extension
- Use LR and SC when Zaamo ISA extension is not available
- Added PXA UART support
- Added support for double-trap ISA extensions
- Optimized hartid and scratch lookup
- Added unit tests for bitwise operations
- Added unit tests for SBI ecall functionality
- Constify various FDT driver definitions
- Added MPXY RPMI mailbox driver for System MSI service group
- Improved RPMI drivers to match frozen specifications
- Initialize miscellaneous early drivers in one pass
- Use fdt_driver helpers for irqchip driver framework
- Allow adding SSE events dynamically at boot-time
- Simple singly linked list implementation
Overall, this release adds more ISA extensions and does many device driver
improvements.
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
spdx30: Allow VEX Justification to be configurable
Instead of hard coding the VEX justifications for "Ignored" CVE status,
add a map that configures what justification should be used for each
status.
This allows other justifications to be easily added, and also ensures
that status fields added externally (by downstream) can set an
appropriate justification if necessary.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 1 Jul 2025 23:24:35 +0000 (07:24 +0800)]
libproxy: upgrade 0.5.9 -> 0.5.10
Changelog:
==========
- kde: Support Proxy Config Script value without scheme
- Create codeql.yml
- Add MATE and Cinnamon check to gnome plugin
- Support -M option for Solaris/illumos ld
- Fix symbol versioning with LLD
- Create SECURITY.md
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 1 Jul 2025 23:24:34 +0000 (07:24 +0800)]
libmodulemd: upgrade 2.15.1 -> 2.15.2
Fixes:
-----------
module_index test now passes if RPM library is built without bzip2 or xz
compression support and libmodulemd is configured to support decompression
using the RPM library.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
clang-native: Add class to use clang as native compiler
Some recipes demand full clang/llvm builds e.g. chromium we need to use
clang as native toolchain. This class collects all needed bits to enable
OE built clang to provide the clang native toolchain
Setting
TOOLCHAIN_NATIVE = "clang"
in recipe will chose clang for native toolchain
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Mon, 30 Jun 2025 07:44:42 +0000 (15:44 +0800)]
mingetty: fix do_package warning
Reproduce steps(Under the same project dir):
1. enable DISTRO_FEATURES usrmerge, bitbake mingetty
2. disable DISTRO_FEATURES usrmerge, bitbake mingetty
Result in step 2:
WARNING: mingetty-1.08-r3 do_package: mingetty: NOT adding alternative provide /usr/sbin/getty: /usr/sbin/mingetty does not exist
WARNING: mingetty-1.08-r3 do_package: QA Issue: mingetty: Files/directories were installed but not shipped in any package:
/sbin
/usr/sbin
In step1, Line SBINDIR=/sbin is replaced to SBINDIR=/usr/sbin, in step2,
since do_fetch does not rerun, Makefile still has SBINDIR=/usr/sbin, so
sed not works as expected, SBINDIR still equal to /usr/sbin when disable
usrmerge. And cause above two warnings.
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mikko Rapeli [Tue, 1 Jul 2025 07:33:54 +0000 (10:33 +0300)]
oeqa/runtime: set self.runner and handle None
Set default self.runner to None. qemu target sets
the runner to qemu. Then handle self.runner None in
run_network_serialdebug(). This way ssh runner
and failing ping or ssh tests handle the error cases.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Wed, 2 Jul 2025 07:28:52 +0000 (15:28 +0800)]
gnupg: drop -unknown suffix from version number
For gnupg and related packages, if autogen.sh is run outside of a git
repo, the find-version function always assumes that the package is a
beta version and adds the suffix '-unknown' to the version number.
Add drop-unknow-suffix.inc file that can be included by gnupg and other
recipes. This file is used to modify autogen.sh:
1. Replace beta=yes with beta=no.
2. Replace tmp="-unknown" with tmp=""
Also remove 0004-autogen.sh-fix-find-version-for-beta-checking.patch as
it is no longer needed.
Befor the fix:
$ gpg --version
gpg (GnuPG) 2.5.5-unknown
After the fix:
$ gpg --version
gpg (GnuPG) 2.5.5
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 1 Jul 2025 21:44:02 +0000 (22:44 +0100)]
sanity: Reference gcc/g++ directly
BUILD_CC and BUILD_CXX can be overridden on a per recipe context now so
these tests don't make sense in this form any more. They assume gcc/g++
so lets just use those directly.
This fixes things to work with toolchain selection for the native
case.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 27 Jun 2025 09:25:00 +0000 (10:25 +0100)]
bitbake.conf/sstate: Introduce OE_SHARED_UMASK to standarise shared area umask
Currently, the "shared" directory permissions of sstate are hardcoded. Since
multiple areas of the code reference this, separate it out to a variable to
allow the behaviour to be configurable. Initially this applies to SSTATE_DIR.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Add python3-packaging to RDEPENDS
* Enable ptest:
- Add to ptest-packagelists.inc PTESTS_FAST
- inherit ptest-python-pytest
- Add python3-setuptools to ptest RDEPENDS
- One test is skipped, but it requires the "full" python3-flit,
not just python3-flit-core.
Comparing changes since 0.45.1:
https://github.com/pypa/wheel/compare/0.45.1...0.46.1
Release notes [1]:
0.46.1 (2025-04-08)
* Temporarily restored the wheel.macosx_libfile module (#659)
0.46.0 (2025-04-03)
* Dropped support for Python 3.8
* Removed the bdist_wheel setuptools command implementation and entry
point. The wheel.bdist_wheel module is now just an alias to
setuptools.command.bdist_wheel, emitting a deprecation warning on import.
* Removed vendored packaging in favor of a run-time dependency on it
* Made the wheel.metadata module private (with a deprecation warning if
it’s imported
* Made the wheel.cli package private (no deprecation warning)
* Fixed an exception when calling the convert command with an empty
description field
Moritz Haase [Fri, 27 Jun 2025 06:13:46 +0000 (08:13 +0200)]
json-c: Remove icecc specific comment
6481e8b209b ("json-c: fix icecc compilation") disabled '-Werror' unconditionally
for all compilers. We want to keep it disabled to reduce efforts when updating
or adding support for new toolchains (see [0]), but since support for icecc has
been removed via ba4fd5229893 ("classes/recipes-devtools: Drop icecc from
OE-Core") recently, we can drop the comment referencing it.
Randy MacLeod [Thu, 26 Jun 2025 21:28:02 +0000 (17:28 -0400)]
ninja: upgrade 1.12.1 -> 1.13.0
Changelog:
==========
- Ninja now automatically joins a GNU Make jobserver as a client
(version 4.4 on non-Windows systems required for "fifo" style) #1139
- Print exit code of failed subcommands #1507
- ninja -t compdb accepts a target #1544
- Support for ANSI (color) escape codes in NINJA_STATUS #713
See:
https://github.com/ninja-build/ninja/milestone/8?closed=1
for a complete list of changes.
Add tag to SRC_URI as is now required.
Also line-wrap the DESCRIPTION.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Thune Tran [Thu, 26 Jun 2025 20:57:21 +0000 (20:57 +0000)]
oeqa/sdk: Simplify test specification and discovery
Simplify how tests are specified and discovered for different SDK configurations
to allow per-layer customization.
* Introduce `TESTSDK_CASE_DIRS` variable to specify test directory types,
replacing the need to modify the default_cases class member
* Discover tests from configured layers using a common discovery pattern
(`<LAYER_DIR>/lib/oeqa/<dirname>/cases`) where `<dirname>` is specified in `TESTSDK_CASE_DIRS`
* The buildtools directories were renamed to follow the common discovery pattern
(`<LAYER_DIR>/lib/oeqa/<dirname>/cases`) for consistency across all SDK configurations.
Ross Burton [Fri, 27 Jun 2025 13:48:49 +0000 (14:48 +0100)]
oeqa/sefltest/devtool: improve assignment matching in _test_recipe_contents
This function assumed that all assignments are done with just "=".
However, being able to check += or ?= is also useful, so use a regex to
split the line and be more flexible about what an assignment operator
looks like.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 27 Jun 2025 13:48:47 +0000 (14:48 +0100)]
classes/go-mod-update-modules: add class to generate module list
Almost entirely based on the create_go.py module for recipetool by
Christian Lindeberg <christian.lindeberg@axis.com>, this instead has the
logic inside a class that can be used to update the list of Go modules
that are used, both SRC_URI and LICENSE.
Integration with devtool upgrade will come shortly, but it needs a bit
more work.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 27 Jun 2025 13:48:44 +0000 (14:48 +0100)]
recipetool: allow recipe create handlers to specify bitbake tasks to run
When creating a recipe there can be cases where there is a class that
does some of the recipe creation (such as cargo-update-recipe-crates).
To avoid duplication of code, look for run_task assignments in the
extravalues dictionary returned by the handler, and if it is set then
call that task after writing the recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ricardo Simoes [Fri, 27 Jun 2025 12:21:58 +0000 (14:21 +0200)]
dosfstools: Use standard fsck exit codes
This commit brings in `dosfstools` patches to make `fsck.vfat` exit
codes adhere to the standard exit codes defined by `fsck`. See [1].
These will fix the interaction of `fsck.vfat` with other tools like
`systemd-fsck` which expect the exit codes to be in line with the
standard [2].
However, as of today the dosfstools maintainer(s) are invisible for over
a year [3]. Thus, if upstream ever becomes active again, these patches
should be reassessed.
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com> Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
