mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-11 04:19:50 +00:00
Code Issues Projects Releases Wiki Activity

cve-update-db-native: don't refresh more than once an hour

Browse Source 
We already fetch the yearly CVE metadata and check that for updates before
downloading the full data, but we can speed up CVE checking further by only
checking the CVE metadata once an hour.

(From OE-Core rev: 50d898fd360c58fe85460517d965f62b7654771a)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
2019-11-07 23:58:30 +00:00
committed by Richard Purdie
parent dbc090ef68
commit 96c15d3426
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-core/meta/cve-update-db-native.bb
+9 -1
View File
@@ -31,8 +31,16 @@ python do_populate_cve_db() {
db_dir = os.path.join(d.getVar("DL_DIR"), 'CVE_CHECK')
db_file = os.path.join(db_dir, 'nvdcve_1.0.db')
json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')
proxy = d.getVar("https_proxy")
# Don't refresh the database more than once an hour
try:
import time
if time.time() - os.path.getmtime(db_file) < (60*60):
return
except OSError:
pass
proxy = d.getVar("https_proxy")
if proxy:
# instantiate an opener but do not install it as the global
# opener unless if we're really sure it's applicable for all