Message ID | 20200724154356.2607639-4-gregory.clement@bootlin.com |
---|---|
State | Accepted |
Headers | show |
Series | Improving CVE reporting | expand |
On Fri, 24 Jul 2020 17:43:51 +0200 Gregory CLEMENT <gregory.clement@bootlin.com> wrote: > Add the list of the CVEs to ignore for each package because they > already have a fix for it. > > This information will be useful for a cve-checker. > > Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> Hello, I have applied to next, after tweaking a bit the code. > --- > package/pkg-utils.mk | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/package/pkg-utils.mk b/package/pkg-utils.mk > index d88a14ab0f..21b415cbf3 100644 > --- a/package/pkg-utils.mk > +++ b/package/pkg-utils.mk > @@ -117,7 +117,10 @@ define _json-info-pkg > $(call make-comma-list,$(sort $($(1)_FINAL_ALL_DEPENDENCIES))) > ], > "reverse_dependencies": [ > - $(call make-comma-list,$(sort $($(1)_RDEPENDENCIES))) > + $(call make-comma-list,$(sort $($(1)_RDEPENDENCIES))), Adding the final comma on this line was not needed. > + ], > + "ignore_cves": [ > + $(call make-comma-list,$(sort $($(1)_IGNORE_CVES))) > ] I changed to only emit the ignore_cves property if there are ignored CVEs, like this: + $(if $($(1)_IGNORE_CVES), + $(comma) "ignore_cves": [ + $(call make-comma-list,$(sort $($(1)_IGNORE_CVES))) + ] + ) Do not hesitate to check if it still works for you. It does for me :-) Thanks, Thomas
diff --git a/package/pkg-utils.mk b/package/pkg-utils.mk index d88a14ab0f..21b415cbf3 100644 --- a/package/pkg-utils.mk +++ b/package/pkg-utils.mk @@ -117,7 +117,10 @@ define _json-info-pkg $(call make-comma-list,$(sort $($(1)_FINAL_ALL_DEPENDENCIES))) ], "reverse_dependencies": [ - $(call make-comma-list,$(sort $($(1)_RDEPENDENCIES))) + $(call make-comma-list,$(sort $($(1)_RDEPENDENCIES))), + ], + "ignore_cves": [ + $(call make-comma-list,$(sort $($(1)_IGNORE_CVES))) ] endef
Add the list of the CVEs to ignore for each package because they already have a fix for it. This information will be useful for a cve-checker. Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> --- package/pkg-utils.mk | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)