From 5d32fd15c203a7efedd8619e87ad66ac96000091 Mon Sep 17 00:00:00 2001
From: Antonin Godard <antonin.godard@bootlin.com>
Date: Tue, 29 Jul 2025 11:56:47 +0200
Subject: [PATCH] ref-manual/variables.rst: document
 CVE_CHECK_VEX_JUSTIFICATION

Added by commit c0fa3d92cefa ("spdx30: Allow VEX Justification to be
configurable") in OE-Core.

(From yocto-docs rev: cee3eb30cc736d990f2232ede0bc6d9686a63713)

Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 documentation/ref-manual/variables.rst | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst
index d918446db2..3369bf67f7 100644
--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -2054,6 +2054,13 @@ system and gives an overview of their function and contents.
 
          CVE_CHECK_STATUSMAP[cpe-incorrect] = "Ignored"
 
+   :term:`CVE_CHECK_VEX_JUSTIFICATION`
+      Mapping variable for :term:`CVE_STATUS` reasons
+      (for example ``not-applicable-platform``) to :ref:`ref-classes-vex`
+      justifications. Should be set as follows::
+
+         CVE_CHECK_VEX_JUSTIFICATION[not-applicable-config] = "vulnerableCodeNotPresent"
+
    :term:`CVE_VERSION`
       In a recipe, defines the version used to match the recipe version
       against the version in the `NIST CVE database <https://nvd.nist.gov/>`__