From patchwork Sun Jul 12 06:31:29 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: auh@yoctoproject.org X-Patchwork-Id: 92302 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B62CAC43458 for ; Sun, 12 Jul 2026 06:31:39 +0000 (UTC) Received: from a27-193.smtp-out.us-west-2.amazonses.com (a27-193.smtp-out.us-west-2.amazonses.com [54.240.27.193]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.9633.1783837890566120880 for ; Sat, 11 Jul 2026 23:31:30 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@yoctoproject.org header.s=lvjh2tk576v2ro5mi6k4dt3mc6wpqbky header.b=q62vMmKt; dkim=pass header.i=@amazonses.com header.s=hsbnp7p3ensaochzwyq5wwmceodymuwv header.b=sbSNMOq+; spf=pass (domain: us-west-2.amazonses.com, ip: 54.240.27.193, mailfrom: 0101019f550613ce-d48e07f5-358f-4c77-92f7-69b88a4e0489-000000@us-west-2.amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=lvjh2tk576v2ro5mi6k4dt3mc6wpqbky; d=yoctoproject.org; t=1783837889; h=Content-Type:MIME-Version:From:To:Cc:Subject:Message-Id:Date; bh=q0SLwlKVPWZbptnksap4Z/3ixTRnsbxF3PtsXCy0Lzs=; b=q62vMmKtzgpH7N24JlHwwU9Eur6ABawqcDLnGuZ14ruuTWyFGxGMwH/jN6OD8lJi KhKuDTZI6OTCF3h92lmhwNXGEARkG2NmctZZvnlvcO0RQJskc66Sv0KXEnYEvJ9IEix TIINJzWARar0j+/PcvDIYUqnaGpMDS2lJtXTvLJY= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=hsbnp7p3ensaochzwyq5wwmceodymuwv; d=amazonses.com; t=1783837889; h=Content-Type:MIME-Version:From:To:Cc:Subject:Message-Id:Date:Feedback-ID; bh=q0SLwlKVPWZbptnksap4Z/3ixTRnsbxF3PtsXCy0Lzs=; b=sbSNMOq+z4nGjYy+K8zy30Fx/ZaJzQsprt7wa0YK6tPnJ/PiyHwh4Ul15aYNM8R1 DfhqpESN++Mo1+ZBQoqTLpz549AVr8hU80VdTGjqiIdXcm5Ah/+yPeDuqGPEmXNYClS a2YNqveMVdOXl26ftG0uWmyWCvJ3pfkHIOgeNZyI= MIME-Version: 1.0 From: auh@yoctoproject.org To: Benjamin Robin , Benjamin Robin Cc: openembedded-core@lists.openembedded.org Subject: [AUH] sbom-cve-check-update-nvd-native,sbom-cve-check-update-cvelist-native: upgrading to 2026.07.12-000007,2026-07-12 SUCCEEDED Message-ID: <0101019f550613ce-d48e07f5-358f-4c77-92f7-69b88a4e0489-000000@us-west-2.amazonses.com> Date: Sun, 12 Jul 2026 06:31:29 +0000 Feedback-ID: ::1.us-west-2.9np3MYPs3fEaOBysGKSlUD4KtcmPijcmS9Az2Hwf7iQ=:AmazonSES X-SES-Outgoing: 2026.07.12-54.240.27.193 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sun, 12 Jul 2026 06:31:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/240752 Hello, this email is a notification from the Auto Upgrade Helper that the automatic attempt to upgrade the recipe(s) *sbom-cve-check-update-nvd-native,sbom-cve-check-update-cvelist-native* to *2026.07.12-000007,2026-07-12* has Succeeded. Next steps: - apply the patch: git am 0001-sbom-cve-check-update-nvd-native-sbom-cve-check-upda.patch - check the changes to upstream patches and summarize them in the commit message, - compile an image that contains the package - perform some basic sanity tests - amend the patch and sign it off: git commit -s --reset-author --amend - send it to the appropriate mailing list Alternatively, if you believe the recipe should not be upgraded at this time, you can fill RECIPE_NO_UPDATE_REASON in respective recipe file so that automatic upgrades would no longer be attempted. Please review the attached files for further information and build/update failures. Any problem please file a bug at https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Automated%20Update%20Handler Regards, The Upgrade Helper -- >8 -- From fa1dd6a7e787b3a2136e0a047a3e45903052131a Mon Sep 17 00:00:00 2001 From: Upgrade Helper Date: Sun, 12 Jul 2026 05:20:32 +0000 Subject: [PATCH] sbom-cve-check-update-nvd-native,sbom-cve-check-update-cvelist-native: upgrade 2026.06.24-000003 -> 2026.07.12-000007,2026-06-24 -> 2026-07-12 --- ...24.bb => sbom-cve-check-update-cvelist-native_2026-07-12.bb} | 2 +- ...bb => sbom-cve-check-update-nvd-native_2026.07.12-000007.bb} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-devtools/sbom-cve-check/{sbom-cve-check-update-cvelist-native_2026-06-24.bb => sbom-cve-check-update-cvelist-native_2026-07-12.bb} (89%) rename meta/recipes-devtools/sbom-cve-check/{sbom-cve-check-update-nvd-native_2026.06.24-000003.bb => sbom-cve-check-update-nvd-native_2026.07.12-000007.bb} (89%) diff --git a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-06-24.bb b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-07-12.bb similarity index 89% rename from meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-06-24.bb rename to meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-07-12.bb index ca192bc9cf..7efaf6e490 100644 --- a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-06-24.bb +++ b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-cvelist-native_2026-07-12.bb @@ -6,7 +6,7 @@ HOMEPAGE = "https://github.com/CVEProject/cvelistV5" SRC_URI = "git://github.com/CVEProject/cvelistV5.git;branch=main;protocol=https;destsuffix=" SBOM_CVE_CHECK_DB_NAME = "cvelist" -SRCREV = "966bddf787997b471325e065cae82702a60c64ff" +SRCREV = "69911b32ff8b0e45ff9c5e6a4f55ee5ab458339a" UPSTREAM_CHECK_GITTAGREGEX = "(?P.+)_baseline" require sbom-cve-check-update-db.inc diff --git a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.06.24-000003.bb b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.07.12-000007.bb similarity index 89% rename from meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.06.24-000003.bb rename to meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.07.12-000007.bb index 73d9e77692..54f3b18445 100644 --- a/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.06.24-000003.bb +++ b/meta/recipes-devtools/sbom-cve-check/sbom-cve-check-update-nvd-native_2026.07.12-000007.bb @@ -6,7 +6,7 @@ HOMEPAGE = "https://github.com/fkie-cad/nvd-json-data-feeds" SRC_URI = "git://github.com/fkie-cad/nvd-json-data-feeds.git;branch=main;protocol=https;destsuffix=" SBOM_CVE_CHECK_DB_NAME = "nvd-fkie" -SRCREV = "11e62eba27133a54836b7a081d05ff96f72d879b" +SRCREV = "b17f7478aaeea80d61e5933e077802908fa51fea" UPSTREAM_CHECK_GITTAGREGEX = "v(?P.+)" require sbom-cve-check-update-db.inc