diff mbox series

[2/3] sbom30.py: use file-license-relationship as spdxid_name of hasDeclaredLicense relationship

Message ID 20241110030741.4108407-2-hongxu.jia@windriver.com
State New
Headers show
Series [1/3] sbom30.py: reduce redundant spdxid-hash symlinks to save inode on host | expand

Commit Message

Hongxu Jia Nov. 10, 2024, 3:07 a.m. UTC 
In order to distinguish the spdxId of hasDeclaredLicense relationship
with other relationship, use file-license-relationship as spdxid_name,
and filter it out for spdxid-hash symlink creation

While SPDX_INCLUDE_SOURCES = "1", N hasDeclaredLicense's Relationship
for N source files in one recipe will share one spdxid-hash symlink

- spdxId of hasDeclaredLicense relationship:
http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/0838759b8d71923d250a0813dda7356ffd309576115bbf8ed7e266cf4aed86a5/file-license-relationship/00395f9e72c7f872e29a4a5e6a22981e

- spdxId of other relationship:
http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/0838759b8d71923d250a0813dda7356ffd309576115bbf8ed7e266cf4aed86a5/relationship/1808c755cc8a41ddaa39d708a4de1022

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
 meta/lib/oe/sbom30.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py
index 4efeaae3a0..64b357ea92 100644
--- a/meta/lib/oe/sbom30.py
+++ b/meta/lib/oe/sbom30.py
@@ -548,8 +548,8 @@  class ObjectSet(oe.spdx30.SHACLObjectSet):
 
         return ret
 
-    def new_relationship(self, from_, typ, to):
-        return self._new_relationship(oe.spdx30.Relationship, from_, typ, to)
+    def new_relationship(self, from_, typ, to, spdxid_name="relationship"):
+        return self._new_relationship(oe.spdx30.Relationship, from_, typ, to, spdxid_name=spdxid_name)
 
     def new_scoped_relationship(self, from_, typ, scope, to):
         return self._new_relationship(
@@ -624,6 +624,7 @@  class ObjectSet(oe.spdx30.SHACLObjectSet):
             [spdx_file],
             oe.spdx30.RelationshipType.hasDeclaredLicense,
             file_licenses,
+            spdxid_name="file-license-relationship"
         )
         spdx_file.extension.append(OELicenseScannedExtension())
 
@@ -912,7 +913,7 @@  def jsonld_arch_path(d, arch, subdir, name, deploydir=None):
 
 def jsonld_hash_path(_id):
     # For the spdId added by add_package_files, remove suffix count number
-    if re.match(r".*/(sourcefile|sysroot|file)/\w+$", _id):
+    if re.match(r".*/(sourcefile|sysroot|file|file-license-relationship)/\w+$", _id):
         _id = os.path.dirname(_id)
 
     h = hashlib.sha256(_id.encode("utf-8")).hexdigest()