mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-08 17:19:20 +00:00
Code Issues Projects Releases Wiki Activity

ref-manual: classes: add cve status check for oe.qa

Browse Source 
With a new check was added for oe.qa for CVE_STATUS via commit
3c5b7605acd9cd68b ("cve-check: Log if CVE_STATUS set but not
reported for component")
in poky. Add related documentation here.

(From yocto-docs rev: 04e1ff01e1b43daa0e5832904a82f95d0cfab678)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Simone Weiß
2024-02-24 17:22:14 +00:00
committed by Richard Purdie
parent c60038b721
commit aaa609ac2b
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/ref-manual/classes.rst
+5
View File
@@ -1297,6 +1297,11 @@ The tests you can list with the :term:`WARN_QA` and
paths to locations on the build host were used. Using such paths paths to locations on the build host were used. Using such paths
might result in host contamination of the build output. might result in host contamination of the build output.
- ``cve_status_not_in_db:`` Checks for each component if CVEs that are ignored
via :term:`CVE_STATUS`, that those are (still) reported for this component
in the NIST database. If not, a warning is printed. This check is disabled
by default.
- ``debug-deps:`` Checks that all packages except ``-dbg`` packages - ``debug-deps:`` Checks that all packages except ``-dbg`` packages
do not depend on ``-dbg`` packages, which would cause a packaging do not depend on ``-dbg`` packages, which would cause a packaging
bug. bug.