@@ -13,6 +13,9 @@ deltask do_install
deltask do_populate_sysroot
NVDCVE_URL ?= "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-"
+# CVE database update interval, in seconds. By default: once a day (24*60*60).
+# Use 0 to force the update
+CVE_DB_UPDATE_INTERVAL ?= "86400"
python () {
if not bb.data.inherits_class("cve-check", d):
@@ -44,11 +47,16 @@ python do_fetch() {
os.remove(db_file)
# The NVD database changes once a day, so no need to update more frequently
+ # Allow the user to force-update
try:
import time
- if time.time() - os.path.getmtime(db_file) < (24*60*60):
+ update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL"))
+ if (update_interval < 0):
+ update_interval = 0
+ if time.time() - os.path.getmtime(db_file) < update_interval:
bb.debug(2, "Recently updated, skipping")
return
+
except OSError:
pass
Add a new variable CVE_DB_UPDATE_INTERVAL allowing the user to set the database update interval. - a positive value sets an interval (in seconds) - a zero ("0") forces the database update Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> --- Changes from v1: - allow to set the interval, not only force the update --- meta/recipes-core/meta/cve-update-db-native.bb | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)