From: "Joshua Watt" <JPEWhacker@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: ross.burton@arm.com, saul.wold@windriver.com,
Joshua Watt <JPEWhacker@gmail.com>
Subject: [OE-core][PATCH 00/31] Add initial SBoM support
Date: Wed, 1 Sep 2021 08:44:39 -0500 [thread overview]
Message-ID: <20210901134510.29561-1-JPEWhacker@gmail.com> (raw)
Adds initial support for generating SBoMs in SPDX json format. SBoM
generation can be enabled by adding:
INHERIT += "create-spdx"
to local.conf
Joshua Watt (30):
classes/package: Add extended packaged data
classes/create-spdx: Add class
classes/create-spdx: Change creator
classes/create-spdx: Add SHA1 to index file
classes/create-spdx: Add index to DEPLOYDIR
classes/create-spdx: Add runtime dependency mapping
classes/create-spdx: Add NOASSERTION for unknown debug sources
classes/create-spdx: Fix another creator
Add SPDX licenses
classes/create-spdx: Fix up license reporting
classes/create-spdx: Speed up hash calculations
classes/create-spdx: Fix file:// in downloadLocation
classes/create-spdx: Add special exception for Public Domain license
classes/create-spdx: Collect all task dependencies
classes/create-spdx: Skip package processing for native recipes
classes/create-spdx: Comment out placeholder license warning
conf/licenses: Add FreeType SPDX mapping
tzdata: Remove BSD License specifier
glib-2.0: Use specific BSD license variant
e2fsprogs: Use specific BSD license variant
shadow: Use specific BSD license variant
sudo: Use specific BSD license variant
libcap: Use specific BSD license variant
libpam: Use specific BSD license variant
libxfont2: Use specific BSD license variant
libjitterentropy: Use specific BSD license variant
libx11: Use specific BSD license variant
font-util: Use specific BSD license variant
flac: Use specific BSD license variant
swig: Use specific BSD license variant
Saul Wold (1):
classes/create-spdx: extend DocumentRef to include name
meta/classes/create-spdx.bbclass | 901 +++
meta/classes/package.bbclass | 39 +-
meta/conf/licenses.conf | 1 +
meta/files/spdx-licenses.json | 5938 +++++++++++++++++
meta/lib/oe/packagedata.py | 12 +
meta/lib/oe/sbom.py | 74 +
meta/lib/oe/spdx.py | 271 +
meta/recipes-core/glib-2.0/glib.inc | 2 +-
meta/recipes-devtools/e2fsprogs/e2fsprogs.inc | 2 +-
meta/recipes-devtools/swig/swig.inc | 2 +-
meta/recipes-extended/pam/libpam_1.5.1.bb | 2 +-
meta/recipes-extended/shadow/shadow.inc | 2 +-
meta/recipes-extended/sudo/sudo.inc | 2 +-
meta/recipes-extended/timezone/timezone.inc | 2 +-
.../xorg-font/font-util_1.3.2.bb | 2 +-
.../recipes-graphics/xorg-lib/libx11_1.7.2.bb | 2 +-
.../xorg-lib/libxfont2_2.0.5.bb | 2 +-
meta/recipes-multimedia/flac/flac_1.3.3.bb | 2 +-
meta/recipes-support/libcap/libcap_2.51.bb | 2 +-
.../libjitterentropy_3.1.0.bb | 2 +-
20 files changed, 7246 insertions(+), 16 deletions(-)
create mode 100644 meta/classes/create-spdx.bbclass
create mode 100644 meta/files/spdx-licenses.json
create mode 100644 meta/lib/oe/sbom.py
create mode 100644 meta/lib/oe/spdx.py
--
2.32.0
next reply other threads:[~2021-09-01 13:45 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-01 13:44 Joshua Watt [this message]
2021-09-01 13:44 ` [OE-core][PATCH 01/31] classes/package: Add extended packaged data Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 02/31] classes/create-spdx: Add class Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 03/31] classes/create-spdx: Change creator Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 04/31] classes/create-spdx: Add SHA1 to index file Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 05/31] classes/create-spdx: Add index to DEPLOYDIR Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 06/31] classes/create-spdx: Add runtime dependency mapping Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 07/31] classes/create-spdx: Add NOASSERTION for unknown debug sources Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 08/31] classes/create-spdx: Fix another creator Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 09/31] classes/create-spdx: extend DocumentRef to include name Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 10/31] Add SPDX licenses Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 11/31] classes/create-spdx: Fix up license reporting Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 12/31] classes/create-spdx: Speed up hash calculations Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 13/31] classes/create-spdx: Fix file:// in downloadLocation Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 14/31] classes/create-spdx: Add special exception for Public Domain license Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 15/31] classes/create-spdx: Collect all task dependencies Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 16/31] classes/create-spdx: Skip package processing for native recipes Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 17/31] classes/create-spdx: Comment out placeholder license warning Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 18/31] conf/licenses: Add FreeType SPDX mapping Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 19/31] tzdata: Remove BSD License specifier Joshua Watt
2021-09-01 23:00 ` Denys Dmytriyenko
2021-09-02 6:52 ` Richard Purdie
2021-09-01 13:44 ` [OE-core][PATCH 20/31] glib-2.0: Use specific BSD license variant Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 21/31] e2fsprogs: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 22/31] shadow: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 23/31] sudo: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 24/31] libcap: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 25/31] libpam: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 26/31] libxfont2: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 27/31] libjitterentropy: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 28/31] libx11: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 29/31] font-util: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 30/31] flac: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 31/31] swig: " Joshua Watt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210901134510.29561-1-JPEWhacker@gmail.com \
--to=jpewhacker@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=ross.burton@arm.com \
--cc=saul.wold@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.