If I am not mistaken, the only kernel recipe to have a new PACKAGECONFIG
option is linux-yocto-dev, in commit 1bac831fba
"linux-yocto-dev: introduce dt-validation PACKAGECONFIG".
Therefore, let's replace (kernel) by the one kernel recipe that has this
change.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 1882954924cef9f17caad0f83973afe08f4db764)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Plaintext/clear passwords are not supported anymore but hashed passwords
still are. Mention that in the migration guide and point to the
appropriate location of documentation.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: f8b9697ec7bcc188db5ce9e5067bc82c023b79d9)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
extlinks captions support using %s substitution but only from sphinx 4.0
onwards.
c.f. https://www.sphinx-doc.org/en/master/usage/extensions/extlinks.html#confval-extlinks
Weirdly enough, on older sphinx versions, the caption is just a prefix
to the actual text passed to the extlink. Therefore, in that specific
case, CVE- or CVE-%s are identical in meaning for sphinx >=4.0 and since
only CVE- caption works on sphinx <4.0, let's go with CVE- caption
prefix.
Fixes: b311070d866cf "manuals: add 3.4 and 3.4.1 release notes after migration information"
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: c9922076f5c1285d9cfd6aff8ce5b6635d88222f)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
XZ_THREADS and XZ_MEMLIMIT were introduced in dunfell.
[RP improved an original patch from Paul]
(From yocto-docs rev: 96defb66b775093b5270bd1ebad0461c2bba1e5b)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Generated from commits in the kirkstone branch, as well as a few entries
from the migration guide.
(Note that the "Repositories / Downloads" section still needs to be
filled in.)
(From yocto-docs rev: 0c66638e61d3e16ac8d4b7ebc4ec6fb35625bf4f)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Make some corrections to preliminary set of entries
* Move out entries that were more appropriate for the release notes
(i.e. that are more additions rather than changes that require the
user to make changes)
* Add new entries based on commits in the kirkstone branch
(From yocto-docs rev: bea2da80e7c5338dc5abefe95ce27b80ed4ee98a)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add this since the INCOMPATIBLE_LICENSE wildcard support has changed in
the 4.0 release.
(From yocto-docs rev: c7946863e5a9d62a49131b92cc9549da9b799bbd)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It seems prudent to point out that hard-coding passwords in the manner
detailed in the example is not a good idea in production. This type of
mistake has unfortunately been made by many device vendors (outside of
the Yocto Project context) leading to security vulnerabilities.
(From yocto-docs rev: 1d07dba9423ae0a841eccb58c297e31b63c3965d)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We missed noting this in 3.4 but I noticed the documentation was
recently updated, so note the removal.
(From yocto-docs rev: f661e62d6faf48dbb6c6fd9a61a6448ec339d2bf)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The switcher expects URL subpath to match the "release" used by sphinx
to build the documentation. Branches, however, are put in a subpath
after their name (e.g. dunfell) while sphinx sets the "release" to
X.Y.999. This means the switcher cannot replace correctly the path to
switch between releases/versions.
Let set_versions.py inject the list of release names into the
switchers.js.in file so it can check whether the subpath is one of the
release names in which case it needs to be stripped.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 5ef3d129b8d0d8ae98a694103930988a46285525)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This array only contains versions that can be selected through the
dropdown menu for switching between supported versions.
Therefore, let's rename it to switcher_versions to make its usecase
clearer.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 5c3d67751bf3f572a0788d3a4734b80e3453d084)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Branches are identified by their .999 version suffix which means they
will never be matched in the forloop above this git context. Therefore,
branches will match the condition. However, branches are not necessarily
obsolete (e.g. dunfell, honister and kirkstone today), so let's mark as
obsolete the branches which are from obsolete releases.
Old tags of currently supported releases are not defined as obsolete but
outdated, therefore using the series to which they belong like it is
done for branches is enough for obsolescence detection.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 7181a432da18b47608784363d243ea39b80be1ed)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
master branch of Bitbake is now located at docs.yoctoproject.org/dev
instead of docs.yoctoproject.org so let's update the switchers and
set_versions.py to reflect that change.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 18338292d99ed236e2bac6e73a5152ef11c4a9e5)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ourseries can be an active release and therefore shouldn't be marked as
obsolete. By adding ourseries to activereleases, it is impossible to
know if ourseries is actually an active release or not. Instead let's
loop on the active releases with ourseries too (only if it's not active
release, otherwise it'd appear twice).
Fixes: 6f40ef56054ec "docs: set_versions.py: add information about obsolescence of a release"
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: f16b633211b97b2cdf2c65d83c99cd3853d2bb5c)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
versions array is supposed to store the latest version of all active
releases. However, in the loop it is reassigned and therefore, the check
on whether our version is already in the versions array will always
return false (except for the latest version of the last active release)
and write our version again in the list.
By using a local variable for the logic instead of versions array, the
check now works properly.
Fixes: f2b069be8c307 "set_versions: Various improvements"
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 36a088c8c99dd37f5ca07ec8f90f2c51ef8b36f2)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup
call, leading to a heap-based buffer over-read that might affect a system that
compiles untrusted Lua code.
https://nvd.nist.gov/vuln/detail/CVE-2022-28805
(From OE-Core rev: d2ba3b8850d461bc7b773240cdf15b22b31a3f9e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code
if netstat is used to print a DNS PTR record's value to a VT compatible
terminal. Alternatively, the attacker could choose to change the terminal's colors.
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
(From OE-Core rev: 3e17df4cd17c132dc7732ebd3d1c80c81c85bcc4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Based on additional information per release, specifically with the
obsolescence status of a release, the obsolescence detection can now be
much smarter than just checking if the release is older than dunfell.
This is required because with LTS (dunfell for example) releases, it is
now possible to have LTS releases that are older than obsolete releases.
This means obsolete releases need to be tracked and only the release
version cannot be used as an indicator of obsolescence.
Let's use the obsolete field of the per-release data in the all_versions
dictionary to display correct warning messages.
The warning message is first about outdated version if there's a newer
one available (*even* if it is for an obsolete release, e.g. 3.0.1 will
say it's outdated and should select 3.0.4 version instead), then if the
version is the last of the release, show a warning message if the
release is obsolete.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 6986baa0d3b544bbad8a7e23ee447abc6f2769f6)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This adds support for marking releases as obsolete to make the
detection algorithm smarter (in a later commit) than just checking if
it's older than dunfell.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 6f40ef56054ecbd3d8b7310d748c1af78a689add)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since commit f2b069be8c307 "set_versions: Various improvements", an
outdated version will always appear in all_versions, meaning there'll
always be an exact match in the loop (just above the git context of this
patch) so there's no need to add the current_version to the dropdown
menu manually.
This issue showed up only for outdated versions of obsolete releases,
e.g. 3.2.3. In that case, 3.2.4 (latest version of the obsolete release)
will appear in the all_versions array in addition to 3.2.3, which means
the check on release series (3.2) will be matched twice, and 3.2.3 will
be printed once in the 3.2.4 loop because version != current_version and
once in the 3.2.3 because it is an exact match to an entry in
all_versions.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 05065fa1f3855e8b7d9e8af0502b4ae402273400)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This includes a fix for CVE-2022-24765
(From OE-Core rev: a17dc42d82b12d7f891c903a02a0302b31829c88)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some of the flags listed here do change the output and hence do need to
be included in task checksums.
This means we start including the following flags in function/task/variable
checksums:
type, func, export, unexport, noexec, dirs, cleandirs
(From OE-Core rev: 54e8b744bb7e7aa03277a42b0c5cf707440f8b8a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The license in this code is listed as MIT and whilst it is compatible with and
usable as MIT, it actually looks like HPND. Clarify the license field accordingly.
(From OE-Core rev: 922b645f443c33060a8990d32e6b7b62ea5497c3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With the fix for #8621, cleandirs is now applied to autotools_do_install
and this results in a lot of the install targets to be removed. Ensure
cleandirs isn't set for autotools_do_install.
(From OE-Core rev: 72299395b06fc3fdaca5f7b8b87a6ea32a6267ad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The graphics option auto detection logic added in 7f78bb7a was not
checking if the publicvnc option had been specified, meaning that
it would be ignored and the auto detection result used instead.
Add setting a flag variable in the argument parsing and check
it along with the ones for the other graphics backend options.
(From OE-Core rev: 4b73b55c2d258768cda2bf7262ebb36bcb7fed5b)
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An attempt to disable the use of syslog() was made in commit 8f181686
(shadow-native: Simplify and fix syslog disable patch). However,
because the code checks if USE_SYSLOG is defined rather than checking
if it evaluates to TRUE the patch did not work as intended.
(From OE-Core rev: e1f21d0d3385f9d9f4316bf0039b287fd4b37fc8)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
logger.debug was giving an integer value (2) as event message, causing
knotty to crash when running with debug enabled.
bitbake/lib/bb/ui/knotty.py", line 685, in main
event.msg = taskinfo['title'] + ': ' + event.msg
TypeError: can only concatenate str (not "int") to str
Same issue also happens in the original code that was taken from
oe-core (openembedded-core/meta/lib/crate.py honister) / meta-rust.
(Bitbake rev: c212b0f3b542efa19f15782421196b7f4b64b0b9)
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backporting changes from lttng master to support building against
the 5.18+ kernel. No changes required to the patches. Once a new
-stable 2.13.x is released, we can drop these patches. To enable
newer kernel development against the LTS, it is worth pulling these
in while we wait for an upstream release.
(From OE-Core rev: 8a7237a47488442513741930ea55d69dd6bd7be4)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
5.18-rc2 has been released, so we bump the -dev kernel to allow
easier testing of our components against the latest korg.
(From OE-Core rev: 091f1356d0245dcafe2f01bd5dcccf3802aaccfb)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The renaming left a broken desktop file behind (the others are overwritten).
Fix this by removing it.
(From OE-Core rev: 60925ef384f8c9966499b0d7e67927f1906be495)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There was no icon being displayed for this, fix the name so that
is corrected.
(From OE-Core rev: 3bf3d123e1c62d1811039328f1f557ae35dec3fd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use bitwise operators to manipulate the received event mask in
_ProcessEvent.
Also minor clarification & clean up of the related comments.
(Bitbake rev: 2ab60c7be124d928d304ab1fb73f0dbff29964ae)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In `runtaskhashes`, the keys contain the absolute paths to the recipe. When
working with shared sstate caches (where these absolute paths can be different)
we see that compare_sigfiles does not identifiy a changed hash of a dependent
task as "changed", but instead as "removed"&"added", preventing the function
from recursing and continuing the comparison.
By calling `clean_basepaths` before comparing the `runtaskhashes` dicts, we
avoid this.
(Bitbake rev: 7358378b90b68111779e6ae72948e5e7a3de00a9)
Signed-off-by: Adriaan Schmidt <adriaan.schmidt@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
