diff options
| author |   Marta Rybczynska <rybczynska@gmail.com> | 2022-03-29 14:54:31 +0200 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-03-30 13:07:38 +0100 |
| commit | df567de36ae5964bee433ebb97e8bf702034994a (patch) | |
| tree | 973bcddc853b4f8ac6e55120677228556e0507a1 /meta/lib | |
| parent | 6dd0012846c22478c96655216a8bce44147956f8 (diff) | |
| download | openembedded-core-contrib-df567de36ae5964bee433ebb97e8bf702034994a.tar.gz | |
cve-check: add json format
Add an option to output the CVE check in a JSON-based format.
This format is easier to parse in software than the original
text-based one and allows post-processing by other tools.
Output formats are now handed by CVE_CHECK_FORMAT_TEXT and
CVE_CHECK_FORMAT_JSON. Both of them are enabled by default.
The JSON output format gets generated in a similar way to the
text format with the exception of the manifest: appending to
JSON arrays requires parsing the file. Because of that we
first write JSON fragments and then assemble them in one pass
at the end.
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Diffstat (limited to 'meta/lib')
| -rw-r--r-- | meta/lib/oe/cve_check.py | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py index 0302beeb4a..e445b7a6ae 100644 --- a/meta/lib/oe/cve_check.py +++ b/meta/lib/oe/cve_check.py @@ -146,3 +146,19 @@ def get_cpe_ids(cve_product, version): cpe_ids.append(cpe_id) return cpe_ids + +def cve_check_merge_jsons(output, data): + """ + Merge the data in the "package" property to the main data file + output + """ + if output["version"] != data["version"]: + bb.error("Version mismatch when merging JSON outputs") + return + + for product in output["package"]: + if product["name"] == data["package"][0]["name"]: + bb.error("Error adding the same package twice") + return + + output["package"].append(data["package"][0]) |