NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs/manual: document <pkg>_CPE_ID variables

Browse Source 
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
Thomas Petazzoni 2020-11-04 15:51:38 +01:00
parent 97a54c33c9
commit db24c08bea
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
docs/manual/adding-packages-generic.txt
View File

@ -502,6 +502,45 @@ LIBFOO_IGNORE_CVES += CVE-2020-12345
LIBFOO_IGNORE_CVES += CVE-2020-54321
----------------------
* +LIBFOO_CPE_ID_*+ variables is a set of variables that allows the
package to define its https://nvd.nist.gov/products/cpe[CPE
identifier]. The available variables are:
+
--
** +LIBFOO_CPE_ID_PREFIX+, specifies the prefix of the CPE identifier,
i.e the first three fields. When not defined, the default value is
+cpe:2.3:a+.
** +LIBFOO_CPE_ID_VENDOR+, specifies the vendor part of the CPE
identifier. When not defined, the default value is
+<pkgname>_project+.
** +LIBFOO_CPE_ID_PRODUCT+, specifies the product part of the CPE
identifier. When not defined, the default value is +<pkgname>+.
** +LIBFOO_CPE_ID_VERSION+, specifies the version part of the CPE
identifier. When not defined the default value is
+$(LIBFOO_VERSION)+.
** +LIBFOO_CPE_ID_VERSION_MINOR+ specifies the _update_ part of the
CPE identifier. When not defined the default value is +*+.
--
+
If any of those variables is defined, then the generic package
infrastructure assumes the package provides valid CPE information. In
this case, +LIBFOO_CPE_ID_VALID = YES+ will be set, and the generic
package infrastructure will define +LIBFOO_CPE_ID+.
+
Alternatively, a package can also explicitly set +LIBFOO_CPE_ID_VALID
= YES+ if the default values for +LIBFOO_CPE_ID_PREFIX+,
+LIBFOO_CPE_ID_VENDOR+, +LIBFOO_CPE_ID_PRODUCT+,
+LIBFOO_CPE_ID_VERSION+, +LIBFOO_CPE_ID_VERSION_MINOR+ are all correct
for this package and don't need to be explicitly overridden.
+
For a host package, if its +LIBFOO_CPE_ID_*+ variables are not
defined, it inherits the value of those variables from the
corresponding target package.
The recommended way to define these variables is to use the following
syntax: