On Tue, Dec 10, 2024 at 1:33 PM Marko, Peter <[email protected]>
wrote:
> This should probably be made configurable so we can switch to a source
> which is reliable/available/up-to-date at time of build.
>
> Maybe something like
> CVE_CHECK_DB_FETCHER ?= "cve-update-db-native2"
> CVE_CHECK_DB_FILENAME ?= "${@'nvdcve_2-2.db' if
> d.getVar('CVE_CHECK_DB_FETCHER') == 'cve-update-nvd2-native' else
> 'nvdcve_1-3.db'}"
> do_cve_check[depends] = "${CVE_CHECK_DB_FETCHER}:do_unpack"
>
>
You're right here. There will be an additional variable in the next version
of the patch adding yet another source, so that you can choose from three
of them.
Kind regards,
Marta
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#208531):
https://lists.openembedded.org/g/openembedded-core/message/208531
Mute This Topic: https://lists.openembedded.org/mt/110023796/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
