From: Khem Raj Date: Thu, 21 May 2020 15:18:47 +0000 (-0700) Subject: cve-check: Run it after do_fetch X-Git-Tag: 2020-04.1-dunfell~30 X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=dbf143d79476e54e8da93101fc16eaedeec88362;p=openembedded-core.git cve-check: Run it after do_fetch Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in metadata, this could fail cve_check ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001 This patch ensures that download is done before running CVE scan, even though these will be external patches and may not contain CVE tags as it expects, but it will fix the run failures as seen above Signed-off-by: Khem Raj Signed-off-by: Richard Purdie (cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2) Signed-off-by: Steve Sakoman --- diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 2a530a0489..556ac6e67f 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -65,7 +65,7 @@ python do_cve_check () { } -addtask cve_check before do_build +addtask cve_check before do_build after do_fetch do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db" do_cve_check[nostamp] = "1"