diff mbox series

[kirkstone,23/31] pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE

Message ID 80a1de36bc86a864d52292ef9770b77480f3c67b.1652811454.git.steve@sakoman.com
State Accepted, archived
Commit 80a1de36bc86a864d52292ef9770b77480f3c67b
Headers show
Series [kirkstone,01/31] freetype: backport patch for CVE-2022-27404 | expand

Commit Message

Steve Sakoman May 17, 2022, 6:24 p.m. UTC 
From: Alex Kiernan <alex.kiernan@gmail.com>

The CVE product name for PyPI packages is (usually) the same as the PyPI
package name (and not our recipe name), so use that as the default.

Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 61f6b0ad09bf87cdc2d3f08770b7c44cad1d0e58)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/pypi.bbclass | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/classes/pypi.bbclass b/meta/classes/pypi.bbclass
index 9405d58601..5fa7b8a6ae 100644
--- a/meta/classes/pypi.bbclass
+++ b/meta/classes/pypi.bbclass
@@ -24,3 +24,5 @@  S = "${WORKDIR}/${PYPI_PACKAGE}-${PV}"
 
 UPSTREAM_CHECK_URI ?= "https://pypi.org/project/${PYPI_PACKAGE}/"
 UPSTREAM_CHECK_REGEX ?= "/${PYPI_PACKAGE}/(?P<pver>(\d+[\.\-_]*)+)/"
+
+CVE_PRODUCT ?= "python:${PYPI_PACKAGE}"