This class has been deleted now, so remove the references to it and the file that it writes.
This is effectively a no-op change, as the recommended way to run sbom-cve-check is with SPDX_INCLUDE_VEX="all", which includes all of the data in the SPDX that the vex class would have generated. Signed-off-by: Ross Burton <[email protected]> --- meta/classes-recipe/sbom-cve-check.bbclass | 7 ------- 1 file changed, 7 deletions(-) diff --git a/meta/classes-recipe/sbom-cve-check.bbclass b/meta/classes-recipe/sbom-cve-check.bbclass index a5dc262c6aa..2a8429d0b1c 100644 --- a/meta/classes-recipe/sbom-cve-check.bbclass +++ b/meta/classes-recipe/sbom-cve-check.bbclass @@ -48,7 +48,6 @@ python do_sbom_cve_check() { bb.fatal("Cannot execute sbom-cve-check missing create-spdx-3.0 inherit.") sbom_path = d.expand("${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.spdx.json") - vex_manifest_path = d.expand("${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.vex.json") dl_db_dir = d.getVar("SBOM_CVE_CHECK_DEPLOY_DB_DIR") deploy_dir = d.getVar("SBOM_CVE_CHECK_DEPLOYDIR") img_link_name = d.getVar("IMAGE_LINK_NAME") @@ -72,12 +71,6 @@ python do_sbom_cve_check() { "--disable-auto-updates" ] - # Assume that SPDX_INCLUDE_VEX is set globally to "all", and not only for the - # image recipe, which is very unlikely. This is not an issue to include the - # VEX manifest even if not needed. - if bb.data.inherits_class("vex", d) and d.getVar("SPDX_INCLUDE_VEX") != "all": - cmd_args.extend(["--yocto-vex-manifest", vex_manifest_path]) - for export_file in export_files: cmd_args.extend( ["--export-type", export_file[0], "--export-path", export_file[1]] -- 2.43.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#234286): https://lists.openembedded.org/g/openembedded-core/message/234286 Mute This Topic: https://lists.openembedded.org/mt/118596050/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
