Commit 41c71113 authored by Marta Rybczynska, committed by Marta Rybczynska

cve-check: add coverage statistics on recipes without CVEs

Until now the CVE checker was giving information about CVEs found for
a product (or more products) contained in a recipe. However, there was
no easy way to find out which products or recipes have no CVEs. Having
no reported CVEs might mean there are simply none, but can also mean
a product name (CPE) mismatch.

This patch adds a CVE_CHECK_COVERAGE option enabling a new type of
statistics. A new file (*.cves_coverage) shows if a recipe has any
CVEs found in the NVD database, and if so, for which products.

This option is expected to help with the identification of recipes with
mismatched CPEs, issues in the database and more.

An example entry:
LAYER: meta
PACKAGE NAME: libsdl2-native
PACKAGE VERSION: 2.0.14
CVES FOUND IN RECIPE: Yes
    PRODUCT: simple_directmedia_layer (Yes)
    PRODUCT: sdl (No)

Upstream-Status: Submitted [openembedded-core] [1]

[1] https://lists.openembedded.org/g/openembedded-core/message/154677

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
parent 2996f259
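
One way to triage a `*.cves_coverage` file for the CPE mismatches the commit message mentions, as an added example that is not part of this commit or of the cve-check code. It assumes every entry follows the example entry above and starts at a `LAYER:` line, and that a recipe without CVEs reports `CVES FOUND IN RECIPE: No`; the second sample entry and the function names are constructed for illustration.

```python
import re

# Constructed sample: the first entry is the one from the commit message,
# the second is made up and its "No" layout is an assumption.
SAMPLE = """\
LAYER: meta
PACKAGE NAME: libsdl2-native
PACKAGE VERSION: 2.0.14
CVES FOUND IN RECIPE: Yes
    PRODUCT: simple_directmedia_layer (Yes)
    PRODUCT: sdl (No)

LAYER: meta-example
PACKAGE NAME: examplepkg
PACKAGE VERSION: 1.0
CVES FOUND IN RECIPE: No
    PRODUCT: examplepkg (No)
"""

PRODUCT_RE = re.compile(r"^(?P<name>.+?)\s+\((?P<found>Yes|No)\)$")
SIMPLE_FIELDS = {"PACKAGE NAME": "name", "PACKAGE VERSION": "version"}

def parse_coverage(text):
    """Parse coverage entries into dicts; a LAYER line opens a new entry."""
    entries, cur = [], None
    for raw in text.splitlines():
        key, sep, value = (part.strip() for part in raw.partition(":"))
        if not sep or (cur is None and key != "LAYER"):
            continue  # blank line, or field seen before any LAYER line
        if key == "LAYER":
            cur = {"layer": value, "name": None, "version": None,
                   "found": False, "products": {}}
            entries.append(cur)
        elif key in SIMPLE_FIELDS:
            cur[SIMPLE_FIELDS[key]] = value
        elif key == "CVES FOUND IN RECIPE":
            cur["found"] = value == "Yes"
        elif key == "PRODUCT":
            m = PRODUCT_RE.match(value)  # value may itself contain ':'
            if m:
                cur["products"][m["name"]] = m["found"] == "Yes"
    return entries

def triage(entries):
    """Return (recipes with no CVEs at all, {recipe: products with none})."""
    no_cves = [e["name"] for e in entries if not e["found"]]
    partial = {e["name"]: [p for p, hit in e["products"].items() if not hit]
               for e in entries if e["found"] and not all(e["products"].values())}
    return no_cves, partial
```

Recipes in the first list are the candidates to check for a product name that does not match the NVD; the second mapping shows product names that contributed nothing to a recipe that otherwise matched.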