summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* spdx: add option to include only compiled sourcesDaniel Turull2025-06-174-0/+63
| | | | | | | | | | | | | | | | | | | | | | | | When SPDX_INCLUDE_COMPILED_SOURCES is enabled, only include the source code files that are used during compilation. It uses debugsource information generated during do_package. This enables an external tool to use the SPDX information to disregard vulnerabilities that are not compiled. As example, when used with the default config with linux-yocto, the spdx size is reduced from 156MB to 61MB. Tested with bitbake world on oe-core. CC: Quentin Schulz <quentin.schulz@cherry.de> CC: Joshua Watt <JPEWhacker@gmail.com> CC: Peter Marko <peter.marko@siemens.com> (From OE-Core rev: c6a2f1fca76fae4c3ea471a0c63d0b453beea968) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cross/crosssdk: Allow deferring of these classes tooRichard Purdie2025-06-162-1/+2
| | | | | | (From OE-Core rev: 2e568ba8607a6f65caea891df9bc9341988aaf37) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Automatically defer native and nativesdk inheritsRichard Purdie2025-06-161-0/+2
| | | | | | (From OE-Core rev: ede97945ccabc7ace79a380be400357bbb8df80d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* toolchain/gcc/clang: Update PREFERRED_PROVIDER to work with multilibsRichard Purdie2025-06-162-17/+26
| | | | | | | | | | | | | As currently written, the PREFERRED_PROVIDER entries don't work with multilib since they are added after the manipulations by multilib_global at ConfigParsed time. We therefore need to spell out the configs correctly for multilib. To avoid variable overwritten warnings from the expansion, we then have to expand out the nativesdk providers usng class overrides. (From OE-Core rev: 1f69850b62d1e022055d0f3b93ad270c2980462e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* toolchain: Provide abstraction for recipe specific toolchain selectionRichard Purdie2025-06-168-3/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change implements a toolchain selection mechanism. Selection is made using a set of variables, primarily PREFERRED_TOOLCHAIN_TARGET which defaults to gcc. It uses the familiar name for toolchain e.g. "gcc" which selects GNU compiler + binutils as default C/C++ toolchain or "clang" which will use LLVM/Clang Compiler. Layers an add their own toolchain definitions too. There are also PREFERRED_TOOLCHAIN_NATIVE and PREFERRED_TOOLCHAIN_SDK which will ulitmately allow selection of the toolchain used for the native/cross and nativesdk/crosssdk compilers. This currently isn't functional but is essential to the patch to ensure things are set to the existing gcc support in those cases. Users would most commonly want to set: PREFERRED_TOOLCHAIN_TARGET ?= "clang" in local.conf or other distro specific global configuration metadata. It is also selectable at recipe scope, since not all packages are buildable with either clang or gcc, a recipe can explicitly require a given toolchain using the TOOLCAHIN variable, e.g. glibc can not be built with clang therefore glibc recipe sets: TOOLCHAIN = "gcc" The TOOLCHAIN variable is distinct from the user preference so recipes with specific requirements can be identified. This also allows different polcies to be be specified for native/SDK cases in the future. (From OE-Core rev: 45bdedd213aff8df3214b95ef2a8551c0abd93a0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base: Add deferred class event handlerRichard Purdie2025-06-161-1/+10
| | | | | | | | | | | | | Use the new deferred class event to set the class overrides earlier. This improves interaction of the override with PACKAGECONFIG values that control conditional inherits (such as python support). This also allows toolchain configuration in an easier and more user friendly way. (From OE-Core rev: d58f94d5684332bd4fac3747688558bb261b9c63) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity.conf: Bump bitbake requirement to 2.15.0Richard Purdie2025-06-161-1/+1
| | | | | | | | This brings in the features we need to toolchain selection. (From OE-Core rev: 78c1061dc3916677bd9c2825820a1bab7e75f28a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wic: Update after plugin name changesRichard Purdie2025-06-162-6/+6
| | | | | | | | Update the plugin names to account for the "-" to "_" plugin name change. (From OE-Core rev: afa1b5c9f6ed17c021e37a54d0d6abee50a60bf9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wayland-protocols: upgrade 1.44 -> 1.45Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 6d158db297a1b790fdf7f201eb3a1e47bb9bc272) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* repo: upgrade 2.55 -> 2.55.2Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 38cd05c628b3528db360ac2d3b8f40de124cda74) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-typing-extensions: upgrade 4.13.2 -> 4.14.0Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 590cac310ae962aade2bc2c8c1dcdd83d5c548b0) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-ruamel-yaml: upgrade 0.18.12 -> 0.18.14Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: bb219001f206b437fdf862b29a403db4bb65055c) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pdm: upgrade 2.24.2 -> 2.25.1Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | | | | | | Changelog: ============= - Fix duplicated dependencies added to the lock file when the same dependency with extras is requested. - Stabilize order of the extras and dependency-groups fields in pylock output. - Fix Windows 11 install pdm error, which is because of msgpack install failure. - Change the return type of array_of_inline_tables to list[dict] from list[str] - Ensure uv resolver to include hash for package files. - Avoid infinite recursion when reading pyproject.toml with circular file dependencies. - Support pylock as alternative lock format and make it opt-in by config. - Search for package metadata in lock file first when reuse strategy is used. (From OE-Core rev: 121c609e91dd7eb72670513eef8c31a5f2271c89) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-numpy: upgrade 2.2.6 -> 2.3.0Wang Mingyu2025-06-161-2/+2
| | | | | | | | | License-Update: Copyright year updated to 2025 (From OE-Core rev: 2ac6a959f32214d958a7a0cf1973a9bc66839a9b) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-hypothesis: upgrade 6.132.0 -> 6.135.9Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 9e861a62b8bd86419b93b1dc697ea990d03b565a) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-dtschema: upgrade 2025.2 -> 2025.6.1Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | | | | Changelog: =========== - Fix a longstanding ordering issue with extracting type information from properties which have a reference to another property. 'mac-mode' is the one in the Linux kernel. - Fix a false positive warning about missing unevaluatedProperties/additionalProperties (From OE-Core rev: e36601ca6454ec62ad2dd0db47724e2ad4c240cd) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cython: upgrade 3.1.1 -> 3.1.2Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bugs fixed ---------- * Attribute lookups failed on the "bool" builtin type. * Type checks on or-ed union types could incorrectly return false. * Negative list indexing could accidentally wrap around twice in PyPy and the Limited API. * Iterating over literal sequences with starred (unpacked) items could infer a wrong type for the loop variable and fail to assign the values. * Calls to C functions taking exception types failed to check for a 'None' argument. * Fused functions had an incorrect "__module__" attribute. * The type of Cython implemented functions had an incorrect "__module__" attribute. * Errors while indexing into "bytearray" or "str" in "nogil" sections could crash. * "bytearray.append()" could silently accept some invalid character numbers. * The C++11 "<type_traits>" header was included regardless of the C++ version. * "PyDict_GetItemStringRef()" was accidentally used in older Limited API versions. * "abort()" was used but not always available in the Limited API. * Some dependencies were missing from the "depfile". * Embedded function signatures were not always separated from the existing docstring. * "numpy.math" was missing from "Cython/Includes/" and could not be cimported. * Some tests were adapted for NumPy 2.x. * Some C compiler warnings were fixed. * "Cython.Build" was not officially exposing the "cythonize" function. (From OE-Core rev: ad9e2ba3d7c1af3f7084427eb9ddb0822460b108) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pixman: upgrade 0.46.0 -> 0.46.2Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: d2175b47535ef684779ce9c454dca81255781420) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mpg123: upgrade 1.32.10 -> 1.33.0Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 9753a910240a5040af8f3a5ff679fcc1c3cfa6ef) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: upgrade 1.8.1 -> 1.8.2Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: b585d1cb1d655f191018a50fe3483a5228e68ad6) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-modules: upgrade 2.13.18 -> 2.13.19Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | | | | | Changelog: =========== * Fix missing override when CONFIG_COMPAT_OLD_SIGACTION is not defined * fix: writeback: 'balance_dirty_pages' Respect 'CONFIG_CGROUP_WRITEBACK' * Fix: scsi: RESERVE and RELEASE renamed in Linux v6.15-rc1 * Fix: del_timer[_sync] deleted in linux v6.15-rc1 * Fix: Use 'nonseekable_open' for proc files * Fix: trace_balance_dirty_pages in Linux v6.14.2 * fix: version constraint for building lttng-probe-9p (From OE-Core rev: 8f8b8e72ff4ea562630b428ff8ab7f163d0c7084) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsolv: upgrade 0.7.32 -> 0.7.33Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | | | | Changelog: =========== - selected bug fixes: * improve transaction ordering by allowing more uninst->uninst edges * implement color filtering when adding update targets - new features: * support orderwithrequires dependencies in susedata.xml (From OE-Core rev: 000d105135c6ae871bfa8699d9008a1f4324c7f7) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsdl2: upgrade 2.32.6 -> 2.32.8Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 69e484a295676be0dfb1037006e9748cdc937b50) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libjpeg-turbo: upgrade 3.1.0 -> 3.1.1Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | Changelog: - Hardened the libjpeg API against hypothetical calling applications that may erroneously change the value of the 'data_precision' field in 'jpeg_compress_struct' or 'jpeg_decompress_struct' after calling 'jpeg_start_compress()' or 'jpeg_start_decompress()'. (From OE-Core rev: 49a69532bc2b4a7d6ae8136123e92b10b5e657f5) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libffi: upgrade 3.4.8 -> 3.5.1Wang Mingyu2025-06-162-5/+5
| | | | | | | | | | | | License-Update: Copyright year updated to 2025 not-win32.patch refreshed for 3.5.1 (From OE-Core rev: 4c32496a8b89cb1355672d6b7159aff09c69797b) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libdrm: upgrade 2.4.124 -> 2.4.125Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 04d9c957d70d1ea8861c0b85a8df2f7952cd80f8) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* hwdata: upgrade 0.395 -> 0.396Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 7244dd4cd46ed8cd2a99b353e53937045ddf96cf) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gtk4: upgrade 4.18.5 -> 4.18.6Wang Mingyu2025-06-161-1/+1
| | | | | | | | | | | | | Bugs fixed: - Wrong behavior of GdkKeymap on macOS - cups: NULL-terminate array of choices - Fix the android build - icontheme: Load the missing image icon from the theme (From OE-Core rev: 1a31f269130429b7c690340c688c1f503f6473d3) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffoscope: upgrade 297 -> 298Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 3c8eb3db55c7bc757a0426d7682dc29dfa9c68dd) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* debianutils: upgrade 5.22 -> 5.23.1Wang Mingyu2025-06-161-1/+1
| | | | | | | (From OE-Core rev: 786bbdf0ae6e30c09040d3dbdc226e2fe5296148) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: fix CVE-2025-6021hongxu2025-06-162-0/+60
| | | | | | | | | | | | | | | | | | | | According to [1] A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. Refer debian [2], backport a fix [3] from upstream [1] https://nvd.nist.gov/vuln/detail/CVE-2025-6021 [2] https://security-tracker.debian.org/tracker/CVE-2025-6021 [3] https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0 (From OE-Core rev: e3a6bf785656243b5adc0775f7480a1eb0e4ae4c) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: support extra hashes being passed to find_licensesRoss Burton2025-06-161-3/+4
| | | | | | | | | | | | | When using the license finder the caller might know some more license hashes, for example if it is updating existing metadata. Allow the caller to pass more hashes that can be used when identifying licenses. (From OE-Core rev: 9011bc307fcdccb144b75d77b36bbc5c8d4bd96d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: rewrite license checksum loading, scan more licensesRoss Burton2025-06-161-36/+29
| | | | | | | | | | | | | Rewrite the license checksum generation and loading of CSV files to be clearer. This also expands the scan of COMMON_LICENSE_DIR to include LICENSE_PATH, which can be extended by layers to provide more license texts. (From OE-Core rev: 417240ba7a9b3985530988940a222b079b503b64) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: don't return the "crunched" license text in crunch_licenseRoss Burton2025-06-161-7/+6
| | | | | | | | | | | | | | crunch_license() will perform some basic text manipulation to try and canonicalise the license texts. It also returns the new license text but none of the callers use this, and as a slightly mangled version of the original it has no real purpose. Remove this return value and clean up the callers. (From OE-Core rev: 34603ed3b4919dcfba19ef57db11a6d3bb2704f1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: remove unused arguments in get_license_md5sumsRoss Burton2025-06-161-14/+9
| | | | | | | | | | | | | | | get_license_md5sums() has two optional arguments: - static_only: if set, don't checksum the licenses in COMMON_LICENSE_DIR - linenumbers: if set, the CSV file can contain begin/end/md5 values as used in LIC_FILES_CHKSUM. Neither of these are used and complicate the logic, so remove them. (From OE-Core rev: 148e501bd4fe65e7bed68d086ba98180a9b2483c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: consolidate hash->license mapsRoss Burton2025-06-162-59/+41
| | | | | | | | | | | | | | There are two locations where mappings of checksums to license names are: the license-hashes.csv file and a hard-coded set of assignments in the code. There's no need for two, so remove the assignments and move the hashes into the CSV file. (From OE-Core rev: a775c6cb5a2bf1f30a94ba3b88af9aa491e98b1a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: add first_only argument to find_licenses()Ross Burton2025-06-161-4/+12
| | | | | | | | | | | | It may be desired to find only the "top-level" license file instead of every potential candidate, so add a first_only argument (defaulting to False to preserve existing behaviour) to return just the first license found. (From OE-Core rev: 995936ffda02a1def1863490ec315783a7470c72) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: skip .sh files when looking for licensesRoss Burton2025-06-161-1/+1
| | | | | | | | | Shell scripts are not licenses, so skip them. (From OE-Core rev: 0ce9ad80d3b90edc1d1e690763e8f3d9f0cd523d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/license_finder: extract license finding code from recipetoolRoss Burton2025-06-162-0/+279
| | | | | | | | | | | | This code is 99% identical to the original code in recipetool/create.py, but with two minor changes: - The implicit recipetool logger is changed to an explicit logger - The CSV of license hashes is moved to meta/files/ (From OE-Core rev: b132652c6e520121c6b0e7e873b0d33ede0309b5) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* default-distrovars: set an empty default for LICENSE_PATHRoss Burton2025-06-161-0/+1
| | | | | | | | | | This variable is a list of paths that contain extra license texts. It doesn't have a default so can be unset. (From OE-Core rev: 9c8e180d8d2637307cd7deeec5b2df7dbc946221) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-selftest: fitimage: replace cleansstate with compile -fAdrian Freihofer2025-06-161-1/+1
| | | | | | | | | | | | | | | | Avoid using "cleansstate" in tests, as it can remove files from SSTATE_DIR and disrupt parallel builds on autobuilders. Use "bitbake kernel-signing-keys-native -c compile -f" to force key regeneration without affecting shared state. This issue was introduced in: oe-selftest: fitimage: cleanup FIT_GENERATE_KEYS OE-Core rev: 97e58d7c2bc1943f0696fc72984788f459f7f7c4 (From OE-Core rev: 917e2989f34fde12d3f039744fca1d5ab5b4a7a8) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: upgrade 257.5 -> 257.6Peter Marko2025-06-169-15/+14
| | | | | | | | | | | Handles CVE-2025-4598 Rebase patches (From OE-Core rev: fddfca638818e16bf4d2486f5a5e0bbaaaa0a20f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-selftest: fitimage: fix new parser compatibilityAdrian Freihofer2025-06-161-3/+3
| | | | | | | | | | Recent parser changes throw a warning if there is no space around the = operator. (From OE-Core rev: 518df809354a745deebe3c85b1390557398c8893) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-base: fix override syntaxAdrian Freihofer2025-06-161-1/+1
| | | | | | | | | Looks like one more left over from the override syntax change. (From OE-Core rev: 2c83ae62584f73a09a6201541cac27910513e554) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe: Move vardepexclude entries alongside functionsRichard Purdie2025-06-166-9/+15
| | | | | | | | | Now we have decorators that can do this, move the variable dependencies exclusions alongside the code that needs them for maintainability. (From OE-Core rev: e522169c5f95de6fc74b43672573700d8eb8e082) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* weston: upgrade 14.0.1 -> 14.0.2Gyorgy Sarvari2025-06-161-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While at it, also add libpam as a dependency to the vnc pkgconf, to avoid the following error: | Run-time dependency pam found: NO (tried pkgconfig and cmake) | | ../weston-14.0.2/libweston/meson.build:95:15: ERROR: C shared or static library 'pam' not found Changelog: - frontend: Fix crash in output resize handler - libweston: fix bitshift in weston_idalloc_get_id() - libweston: fix realloc in weston_idalloc - libweston: refactor update_lowest_free_bucket() - libweston-desktop: don't try to move child surfaces to not existing layer - libweston/input.c: Fix weston crash with the mouse event - windowed-output-api.h: Provide ARRAY_LENGH() for windowed-output-api - drm: Fix underlay test - compositor: Mark pnode accordingly when buffer type is direct - compositor: re-order paint node placeholder checks - gl-renderer: Take direct-display into consideration - shared: fix binding-modifier none - vnc: Allow neatvnc in version 0.9.0 - compositor: Prevent startup crash when hdcp mode is set on display - libweston/desktop: Avoid a potential crash on invalid resource - libweston/desktop: Don't destroy the xdg_surface (From OE-Core rev: 0ebf7dc82498e7dfabb45fd4e6f7b80375a93835) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane: Fix debug-deps checkRyan Eatmon2025-06-161-1/+1
| | | | | | | | | | | | | | | | | | | | Fixes bug: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15901 The cheeck for debug-deps is looking for the mere existence of the substring "-dbg" inside of the name of an RDEPENDS package, but it should be an endswith check. This helps with some eroneous errors in kernel module names like: ERROR: linux-xxx do_package_qa: QA Issue: kernel-modules rdepends on kernel-module-g-dbgp-6.12.22-ti [debug-deps] and ERROR: QA Issue: kernel-module-mtk-vcodec-dec-6.16.0-rc1-next-20250610-dirty rdepends on kernel-module-mtk-vcodec-dbgfs-6.16.0-rc1-next-20250610-dirty [debug-deps] (From OE-Core rev: 1b85d84c736a0fa5cb27b8716ca37f181464c85a) Signed-off-by: Ryan Eatmon <reatmon@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* net-tools: patch CVE-2025-46836Peter Marko2025-06-163-0/+124
| | | | | | | | | Backport patch for this CVE and also patch for its regression. (From OE-Core rev: 2d7662e5359b7490b3028ae2e7b002de5faa84da) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtheora: disable all 32-bit arm assemblerRoss Burton2025-06-161-0/+5
| | | | | | | | | | | | | The 32-bit Arm assembler is mostly broken. In 1.1.0 it was never used, and 1.2.0 tries to enable it and there are a number of different ways it can fail (some gcc/architecture combinations, and all clang builds). Until this is fixed upstream, simply disable assembler entirely. (From OE-Core rev: 0ee2166f9d03ab01f2ea3dd29b8e76ae168fa9aa) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-requests: upgrade 2.32.3 -> 2.32.4Jiaying Song2025-06-161-1/+1
| | | | | | | | | | Changelog: https://requests.readthedocs.io/en/latest/community/updates/#release-history (From OE-Core rev: 5d54d99fe6613062c7597fb2bbd23a641c76d8d4) Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>