[v2,09/18] spdx30: Add image root metadata package with describes relationship

From: Stefano Tondo <stefano.tondo.ext@siemens.com>

From: Stefano Tondo <stondo@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: stefano.tondo.ext@siemens.com,
	adrian.freihofer@siemens.com,
	Peter.Marko@siemens.com,
	jpewhacker@gmail.com,
	Ross.Burton@arm.com
Subject: [PATCH v2 09/18] spdx30: Add image root metadata package with
 describes relationship
Date: Sat, 21 Feb 2026 06:09:57 +0100
Message-ID: <20260221051006.335141-10-stondo@gmail.com>
In-Reply-To: <20260221051006.335141-1-stondo@gmail.com>
References: <20260221051006.335141-1-stondo@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message ID	20260221051006.335141-10-stondo@gmail.com
State	Under Review
Headers	show Return-Path: <stondo@gmail.com> ip: 209.85.221.50, mailfrom: stondo@gmail.com) From: Stefano Tondo <stondo@gmail.com> To: openembedded-core@lists.openembedded.org Cc: stefano.tondo.ext@siemens.com, adrian.freihofer@siemens.com, Peter.Marko@siemens.com, jpewhacker@gmail.com, Ross.Burton@arm.com Subject: [PATCH v2 09/18] spdx30: Add image root metadata package with describes relationship Date: Sat, 21 Feb 2026 06:09:57 +0100 Message-ID: <20260221051006.335141-10-stondo@gmail.com> In-Reply-To: <20260221051006.335141-1-stondo@gmail.com> References: <20260221051006.335141-1-stondo@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	spdx30: SBOM enrichment, lifecycle scope, and documentation \| expand [v2,00/18] spdx30: SBOM enrichment, lifecycle scope, and documentation [v2,01/18] spdx30: Add configurable file filtering support [v2,02/18] spdx30: Add supplier support for image and SDK SBOMs [v2,03/18] spdx30: Add ecosystem-specific PURL generation [v2,04/18] spdx30: Add version extraction from SRCREV for Git source components [v2,05/18] spdx30: Add SPDX_GIT_PURL_MAPPINGS for Git hosting [v2,06/18] sbom30: Fix object deduplication to preserve complete data [v2,07/18] spdx30: Enrich source downloads with external refs and PURLs [v2,08/18] spdx30: Include recipe base PURL in package external identifiers [v2,09/18] spdx30: Add image root metadata package with describes relationship [v2,10/18] spdx30_tasks: Fix non-deterministic BUILDNAME in image package version [v2,11/18] spdx30: Add rootfs version and dependency scope classification [v2,12/18] oeqa/selftest: Add test for download_location defensive handling [v2,13/18] spdx.py: Add test for version extraction patterns [v2,14/18] cve_check: Escape special characters in CPE 2.3 formatted strings [v2,15/18] spdx-common: Declare SPDX_FORCE_*_SCOPE override variables [v2,16/18] oeqa/selftest: Add test for lifecycle scope classification [v2,17/18] spdx-common: Add documentation for undocumented SPDX variables [v2,18/18] spdx-common: Clarify documentation and make SPDX_LICENSES extensible

[v2,09/18] spdx30: Add image root metadata package with describes relationship

Commit Message

Patch