spdx_common: Fix invalid SPDX downloadLocation for Rust crates - linux/poky.git

diff options

author	Jayasurya Maganuru <Maganuru.Jayasurya@Windriver.com>	2025-10-20 00:22:28 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-10-27 11:37:43 +0000
commit	3d67ec276262d8f694be6bc9b492c504d12ae399 (patch)
tree	5f35b64096e71b46d20c18b9784a34438e2c4a65 /meta/recipes-devtools/syslinux/files/syslinux-libupload-depend-lib.patch
parent	a23d913daa8ff59ac27b46c27158df0b5a617b05 (diff)
download	poky-3d67ec276262d8f694be6bc9b492c504d12ae399.tar.gz

spdx_common: Fix invalid SPDX downloadLocation for Rust crates

Fixes [YOCTO #15909] SPDX validation was failing due to the use of `crate://crates.io/...` as the `downloadLocation`, which is not a valid SPDX URL as per the 2.2 specification. This patch updates `fetch_data_to_uri()` in `spdx_common.py` to detect when the fetcher type is "crate" and instead use the `url` attribute, which contains a valid HTTP(S) URL in the expected format, e.g.: https://crates.io/api/v1/crates/<name>/<version>/download This aligns the SPDX metadata for Rust crates with the specification and avoids validation errors in tools consuming SPDX documents. Tested with the `python3-bcrypt` recipe and verified that the generated `spdx.json` contains a valid `software_downloadLocation`. Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15909 (From OE-Core rev: 7cadbd1a22e18847d03b5baa902f5581d3e0aafa) Signed-off-by: Jayasurya Maganuru <Maganuru.Jayasurya@Windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-devtools/syslinux/files/syslinux-libupload-depend-lib.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: