| Message ID | 20231031224733.367227-4-louis.rannou@syslinbit.com |
|---|---|
| State | New |
| Headers | show |
| Series | SPDX3 Proof-of-Concept | expand |
On Tue, 2023-10-31 at 23:47 +0100, Louis Rannou wrote: > This changes the prototype of write_doc as the SPDX3 documentation does not > specify yet which is the root element. > > Signed-off-by: Louis Rannou <louis.rannou@syslinbit.com> > Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> > Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com> > --- > meta/classes/create-spdx.bbclass | 2 +- > meta/lib/oe/sbom.py | 6 ++++-- > 2 files changed, 5 insertions(+), 3 deletions(-) I was looking through the patches and a couple of things jumped out below. > > diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass > index 19c6c0ff0b..b604973ae0 100644 > --- a/meta/classes/create-spdx.bbclass > +++ b/meta/classes/create-spdx.bbclass > @@ -5,4 +5,4 @@ > # > # Include this class when you don't care what version of SPDX you get; it will > # be updated to the latest stable version that is supported > -inherit create-spdx-2.2 > +inherit create-spdx-3.0 This change probably doesn't belong in this commit but a separate one? > diff --git a/meta/lib/oe/sbom.py b/meta/lib/oe/sbom.py > index 824839378a..ec543fa43d 100644 > --- a/meta/lib/oe/sbom.py > +++ b/meta/lib/oe/sbom.py > @@ -68,7 +68,9 @@ def doc_path(spdx_deploy, doc_name, arch, subdir): > return spdx_deploy / arch / subdir / (doc_name + ".spdx.json") > > > -def write_doc(d, spdx_doc, arch, subdir, spdx_deploy=None, indent=None): > +# WARNING: This is for SPDX3. As long as we don't know which is the root > +# element, this suggest a virtual graph as top of the tree > +def write_doc(d, spdx_graph, spdx_doc, arch, subdir, spdx_deploy=None, indent=None): > from pathlib import Path > > if spdx_deploy is None: > @@ -77,7 +79,7 @@ def write_doc(d, spdx_doc, arch, subdir, spdx_deploy=None, indent=None): > dest = doc_path(spdx_deploy, spdx_doc.name, arch, subdir) > dest.parent.mkdir(exist_ok=True, parents=True) > with dest.open("wb") as f: > - doc_sha1 = spdx_doc.to_json(f, sort_keys=False, indent=indent) > + doc_sha1 = spdx_graph.to_json(f, sort_keys=False, indent=indent) > > l = _doc_path_by_namespace(spdx_deploy, arch, spdx_doc.documentNamespace) > l.parent.mkdir(exist_ok=True, parents=True) Shouldn't this patch also change users of write_doc in spdx 2.2? Cheers, Richard
diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index 19c6c0ff0b..b604973ae0 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -5,4 +5,4 @@ # # Include this class when you don't care what version of SPDX you get; it will # be updated to the latest stable version that is supported -inherit create-spdx-2.2 +inherit create-spdx-3.0 diff --git a/meta/lib/oe/sbom.py b/meta/lib/oe/sbom.py index 824839378a..ec543fa43d 100644 --- a/meta/lib/oe/sbom.py +++ b/meta/lib/oe/sbom.py @@ -68,7 +68,9 @@ def doc_path(spdx_deploy, doc_name, arch, subdir): return spdx_deploy / arch / subdir / (doc_name + ".spdx.json") -def write_doc(d, spdx_doc, arch, subdir, spdx_deploy=None, indent=None): +# WARNING: This is for SPDX3. As long as we don't know which is the root +# element, this suggest a virtual graph as top of the tree +def write_doc(d, spdx_graph, spdx_doc, arch, subdir, spdx_deploy=None, indent=None): from pathlib import Path if spdx_deploy is None: @@ -77,7 +79,7 @@ def write_doc(d, spdx_doc, arch, subdir, spdx_deploy=None, indent=None): dest = doc_path(spdx_deploy, spdx_doc.name, arch, subdir) dest.parent.mkdir(exist_ok=True, parents=True) with dest.open("wb") as f: - doc_sha1 = spdx_doc.to_json(f, sort_keys=False, indent=indent) + doc_sha1 = spdx_graph.to_json(f, sort_keys=False, indent=indent) l = _doc_path_by_namespace(spdx_deploy, arch, spdx_doc.documentNamespace) l.parent.mkdir(exist_ok=True, parents=True)