cve_check: skip remote patches that haven't been fetched when searching for CVE tags - linux/poky.git

diff options

author	Ross Burton <ross.burton@arm.com>	2022-04-27 12:43:39 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-08-18 17:52:23 +0100
commit	c4499b85f70bb6224f048ec9fd48ad195fd08cca (patch)
tree	8496b8ea4aa5a6a8cffe85f09d7d12f56485878e /documentation/sdk-manual/sdk-appendix-customizing-standard.rst
parent	c35c1e15f0e9903079691981f49540aeef1f39b6 (diff)
download	poky-c4499b85f70bb6224f048ec9fd48ad195fd08cca.tar.gz

cve_check: skip remote patches that haven't been fetched when searching for CVE tags

If a remote patch is compressed we need to have run the unpack task for the file to exist locally. Currently cve_check only depends on fetch so instead of erroring out, emit a warning that this file won't be scanned for CVE references. Typically, remote compressed patches won't contain our custom tags, so this is unlikely to be an issue. (From OE-Core rev: a2d03f445c45558997484240d2549eaa1e103692) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cefc8741438c91f74264da6b59dece2e31f9e5a5) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'documentation/sdk-manual/sdk-appendix-customizing-standard.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: