mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
ref-manual: classes: add cve status check for oe.qa
With a new check was added for oe.qa for CVE_STATUS via commit
3c5b7605acd9cd68b ("cve-check: Log if CVE_STATUS set but not
reported for component")
in poky. Add related documentation here.
(From yocto-docs rev: 04e1ff01e1b43daa0e5832904a82f95d0cfab678)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Simone Weiß
committed by
Richard Purdie
Richard Purdie
parent
c60038b721
commit
aaa609ac2b
@@ -1297,6 +1297,11 @@ The tests you can list with the :term:`WARN_QA` and
|
||||
paths to locations on the build host were used. Using such paths
|
||||
might result in host contamination of the build output.
|
||||
|
||||
- ``cve_status_not_in_db:`` Checks for each component if CVEs that are ignored
|
||||
via :term:`CVE_STATUS`, that those are (still) reported for this component
|
||||
in the NIST database. If not, a warning is printed. This check is disabled
|
||||
by default.
|
||||
|
||||
- ``debug-deps:`` Checks that all packages except ``-dbg`` packages
|
||||
do not depend on ``-dbg`` packages, which would cause a packaging
|
||||
bug.
|
||||
|
||||
Reference in New Issue
Block a user