diff mbox series

[v2,08/18] ref-manual/variables.rst: document the SBOM_CVE_CHECK_SHOW_WARNINGS variable

Message ID 20260424-third-release-notes-6-0-v2-8-4feacf138e13@bootlin.com
State Under Review
Headers show
Series Updates for upcoming Wrynose release (2) | expand

Commit Message

Antonin Godard April 24, 2026, 8:28 a.m. UTC 
Added by commit 5a5162406ffe ("sbom-cve-check-common: print warnings
on unpatched CVEs") in OE-Core.

Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---
 documentation/ref-manual/variables.rst | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff mbox series

Patch

diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst
index 0fcf81299..4341e27fc 100644
--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -8710,6 +8710,19 @@  system and gives an overview of their function and contents.
       -  ``both``: recipes are scanned in both their target and
          :ref:`ref-classes-native` context
 
+   :term:`SBOM_CVE_CHECK_SHOW_WARNINGS`
+      When inheriting the :ref:`ref-classes-sbom-cve-check` class, this
+      variable controls whether to show warnings when CVEs with the
+      ``Unpatched`` status are found. Example output:
+
+      .. code-block:: text
+
+         WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: glibc-2.43+git: Found unpatched CVEs: CVE-2010-4756
+
+      Set to "1" to show the warnings, "0" otherwise.
+
+      See :doc:`/security-manual/vulnerabilities` for more information.
+
    :term:`SDK_ARCH`
       The target architecture for the SDK. Typically, you do not directly
       set this variable. Instead, use :term:`SDKMACHINE`.