All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Joshua Watt" <JPEWhacker@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: ross.burton@arm.com, saul.wold@windriver.com,
	Joshua Watt <JPEWhacker@gmail.com>
Subject: [OE-core][PATCH 00/31] Add initial SBoM support
Date: Wed,  1 Sep 2021 08:44:39 -0500	[thread overview]
Message-ID: <20210901134510.29561-1-JPEWhacker@gmail.com> (raw)

Adds initial support for generating SBoMs in SPDX json format. SBoM
generation can be enabled by adding:

  INHERIT += "create-spdx"

to local.conf

Joshua Watt (30):
  classes/package: Add extended packaged data
  classes/create-spdx: Add class
  classes/create-spdx: Change creator
  classes/create-spdx: Add SHA1 to index file
  classes/create-spdx: Add index to DEPLOYDIR
  classes/create-spdx: Add runtime dependency mapping
  classes/create-spdx: Add NOASSERTION for unknown debug sources
  classes/create-spdx: Fix another creator
  Add SPDX licenses
  classes/create-spdx: Fix up license reporting
  classes/create-spdx: Speed up hash calculations
  classes/create-spdx: Fix file:// in downloadLocation
  classes/create-spdx: Add special exception for Public Domain license
  classes/create-spdx: Collect all task dependencies
  classes/create-spdx: Skip package processing for native recipes
  classes/create-spdx: Comment out placeholder license warning
  conf/licenses: Add FreeType SPDX mapping
  tzdata: Remove BSD License specifier
  glib-2.0: Use specific BSD license variant
  e2fsprogs: Use specific BSD license variant
  shadow: Use specific BSD license variant
  sudo: Use specific BSD license variant
  libcap: Use specific BSD license variant
  libpam: Use specific BSD license variant
  libxfont2: Use specific BSD license variant
  libjitterentropy: Use specific BSD license variant
  libx11: Use specific BSD license variant
  font-util: Use specific BSD license variant
  flac: Use specific BSD license variant
  swig: Use specific BSD license variant

Saul Wold (1):
  classes/create-spdx: extend DocumentRef to include name

 meta/classes/create-spdx.bbclass              |  901 +++
 meta/classes/package.bbclass                  |   39 +-
 meta/conf/licenses.conf                       |    1 +
 meta/files/spdx-licenses.json                 | 5938 +++++++++++++++++
 meta/lib/oe/packagedata.py                    |   12 +
 meta/lib/oe/sbom.py                           |   74 +
 meta/lib/oe/spdx.py                           |  271 +
 meta/recipes-core/glib-2.0/glib.inc           |    2 +-
 meta/recipes-devtools/e2fsprogs/e2fsprogs.inc |    2 +-
 meta/recipes-devtools/swig/swig.inc           |    2 +-
 meta/recipes-extended/pam/libpam_1.5.1.bb     |    2 +-
 meta/recipes-extended/shadow/shadow.inc       |    2 +-
 meta/recipes-extended/sudo/sudo.inc           |    2 +-
 meta/recipes-extended/timezone/timezone.inc   |    2 +-
 .../xorg-font/font-util_1.3.2.bb              |    2 +-
 .../recipes-graphics/xorg-lib/libx11_1.7.2.bb |    2 +-
 .../xorg-lib/libxfont2_2.0.5.bb               |    2 +-
 meta/recipes-multimedia/flac/flac_1.3.3.bb    |    2 +-
 meta/recipes-support/libcap/libcap_2.51.bb    |    2 +-
 .../libjitterentropy_3.1.0.bb                 |    2 +-
 20 files changed, 7246 insertions(+), 16 deletions(-)
 create mode 100644 meta/classes/create-spdx.bbclass
 create mode 100644 meta/files/spdx-licenses.json
 create mode 100644 meta/lib/oe/sbom.py
 create mode 100644 meta/lib/oe/spdx.py

-- 
2.32.0


             reply	other threads:[~2021-09-01 13:45 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-01 13:44 Joshua Watt [this message]
2021-09-01 13:44 ` [OE-core][PATCH 01/31] classes/package: Add extended packaged data Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 02/31] classes/create-spdx: Add class Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 03/31] classes/create-spdx: Change creator Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 04/31] classes/create-spdx: Add SHA1 to index file Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 05/31] classes/create-spdx: Add index to DEPLOYDIR Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 06/31] classes/create-spdx: Add runtime dependency mapping Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 07/31] classes/create-spdx: Add NOASSERTION for unknown debug sources Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 08/31] classes/create-spdx: Fix another creator Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 09/31] classes/create-spdx: extend DocumentRef to include name Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 10/31] Add SPDX licenses Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 11/31] classes/create-spdx: Fix up license reporting Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 12/31] classes/create-spdx: Speed up hash calculations Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 13/31] classes/create-spdx: Fix file:// in downloadLocation Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 14/31] classes/create-spdx: Add special exception for Public Domain license Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 15/31] classes/create-spdx: Collect all task dependencies Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 16/31] classes/create-spdx: Skip package processing for native recipes Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 17/31] classes/create-spdx: Comment out placeholder license warning Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 18/31] conf/licenses: Add FreeType SPDX mapping Joshua Watt
2021-09-01 13:44 ` [OE-core][PATCH 19/31] tzdata: Remove BSD License specifier Joshua Watt
2021-09-01 23:00   ` Denys Dmytriyenko
2021-09-02  6:52     ` Richard Purdie
2021-09-01 13:44 ` [OE-core][PATCH 20/31] glib-2.0: Use specific BSD license variant Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 21/31] e2fsprogs: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 22/31] shadow: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 23/31] sudo: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 24/31] libcap: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 25/31] libpam: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 26/31] libxfont2: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 27/31] libjitterentropy: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 28/31] libx11: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 29/31] font-util: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 30/31] flac: " Joshua Watt
2021-09-01 13:45 ` [OE-core][PATCH 31/31] swig: " Joshua Watt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210901134510.29561-1-JPEWhacker@gmail.com \
    --to=jpewhacker@gmail.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=ross.burton@arm.com \
    --cc=saul.wold@windriver.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.