Commit Graph

15 Commits

Author SHA1 Message Date
Joshua Watt
acec2d26d6 classes/create-spdx: Comment out placeholder license warning
We don't want this warning causing problems on the AB, so leave it
commented out for now

(From OE-Core rev: d41018311abf91899645b8f3160db540abdb5398)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:29 +01:00
Joshua Watt
cf707e8323 classes/create-spdx: Skip package processing for native recipes
Native recipes do not produce packages and should not process them,
otherwise it can trigger an error in read_subpackage_metadata

(From OE-Core rev: ea077b1ff6a4ccd5241a085bf9a3f67011e0f7bf)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:29 +01:00
Joshua Watt
b8b45c35fa classes/create-spdx: Collect all task dependencies
Stop filtering the runtime dependencies based on do_create_spdx (makes
it only pick up things in DEPENDS) and instead include all task
dependencies that are not the current PN. This allows other dependency
methods to be picked up correctly, for example the dependency on the
kernel used by kernel modules.

(From OE-Core rev: c9659562cf88a820c668ff1eb20814dcb4829392)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:29 +01:00
Joshua Watt
45ea7b7970 classes/create-spdx: Add special exception for Public Domain license
The Public Domain license (PD) needs a special exception in the license
processing since there is no common license text to be extracted for
these licenses.

(From OE-Core rev: fe5b757712aa99ff1ff10d2304ac320100635200)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:29 +01:00
Joshua Watt
de3b871786 classes/create-spdx: Fix file:// in downloadLocation
file:// URIs should not be included as the downloadLocation. Instead,
loop until a non-file:// URI is found, or set the location to
NOASSERTION if none is found

(From OE-Core rev: 19c61ec3986213b336d965d90b1329085e7d6179)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:29 +01:00
Joshua Watt
beeb0f9e53 classes/create-spdx: Speed up hash calculations
Use the bb.utils.sha* utilities to hash files since they are much faster
than the loops we were rolling ourselves

(From OE-Core rev: a6d9de5350937c7e25899491db59f473345f0b69)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
902480107d classes/create-spdx: Fix up license reporting
Licenses reported in the SPDX documents should be either:
 A) A valid SPDX identifier cross referenced from the SPDX license
    database
 B) A "LicenseRef" to a license described in the SPDX document

The licensing code will now add a placeholder extracted license with
corresponding "LicenseRef" for any licenses that are not matched to the
SPDX database

Parentheses in the license expression are now handled correctly

(From OE-Core rev: 28d9d035c0ff8fcaf28bc96a976a43a602a47e94)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Saul Wold
0d5c2d9f35 classes/create-spdx: extend DocumentRef to include name
This will create a more unique DocumentRef, which will allow
the individual spdx files to be merged into a single SBOM
file reflecting the image. Do the same with the runtime dependencies
also

(From OE-Core rev: df7c88a48621d32c02f328eedc314f10d475b758)

Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
25e41200c7 classes/create-spdx: Fix another creator
Fixes another creator that was missed earlier

(From OE-Core rev: 046c05fec9fc5162d7a14971ed1402d86605d229)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
bdda626481 classes/create-spdx: Add NOASSERTION for unknown debug sources
If a debug source cannot be found, mark it as NOASSERTION so that other
tools at least know we were unable to locate it.

(From OE-Core rev: 0e6bdd3f208c50153087c2baca67e9fd64a458d0)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
0b871c57b8 classes/create-spdx: Add runtime dependency mapping
(From OE-Core rev: 82f3229bce41dc101c79865033432161dac269d8)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
69faca3df6 classes/create-spdx: Add index to DEPLOYDIR
Add the index to DEPLOYDIR in addition to adding it to the SPDX archive

(From OE-Core rev: 374dc08c0f22e98a267676f71308592d17f77d64)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
f1cd4f264d classes/create-spdx: Add SHA1 to index file
(From OE-Core rev: ebfe78ad26b643ce0fb22ba5b3ede43da4a78987)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
f3796b4524 classes/create-spdx: Change creator
Update the creator name since this no longer lives in meta-doubleopen

(From OE-Core rev: 6fdea64ef53eb4de3d0e58e70ae6b391fdff6cd0)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00
Joshua Watt
f1a34a63e4 classes/create-spdx: Add class
Adds a class as a first attempt to create SPDX SBoM documents during the
build. This initial work was influenced by [meta-doubleopen][1],
although almost completely rewritten.

[1]: https://github.com/doubleopen-project/meta-doubleopen

(From OE-Core rev: 78c79821ae7e2f060b9a74ea9aefce98102bb00e)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-03 09:53:28 +01:00