[v2,5/6] sbom-cve-check: add recipe

Message ID	20260225-add-sbom-cve-check-v2-5-eeffa285b901@bootlin.com
State	New
Headers	show Return-Path: <benjamin.robin@bootlin.com> ip: 185.171.202.116, mailfrom: benjamin.robin@bootlin.com) From: Benjamin Robin <benjamin.robin@bootlin.com> Date: Wed, 25 Feb 2026 13:36:33 +0100 Subject: [PATCH v2 5/6] sbom-cve-check: add recipe MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20260225-add-sbom-cve-check-v2-5-eeffa285b901@bootlin.com> References: <20260225-add-sbom-cve-check-v2-0-eeffa285b901@bootlin.com> In-Reply-To: <20260225-add-sbom-cve-check-v2-0-eeffa285b901@bootlin.com> To: openembedded-core@lists.openembedded.org Cc: ross.burton@arm.com, peter.marko@siemens.com, jpewhacker@gmail.com, olivier.benjamin@bootlin.com, antonin.godard@bootlin.com, mathieu.dubois-briand@bootlin.com, thomas.petazzoni@bootlin.com, Benjamin Robin <benjamin.robin@bootlin.com>
Series	sbom-cve-check: add CVE analysis tool and class \| expand [v2,0/6] sbom-cve-check: add CVE analysis tool and class [v2,1/6] maintainers.inc: Sort list in alphabetical order [v2,2/6] python3-shacl2code: add recipe [v2,3/6] python3-hatch-build-scripts: add recipe [v2,4/6] python3-spdx-python-model: add recipe [v2,5/6] sbom-cve-check: add recipe [v2,6/6] sbom-cve-check.bbclass: Add class for post-build CVE analysis

Message ID

20260225-add-sbom-cve-check-v2-5-eeffa285b901@bootlin.com

State

New

Headers

From: Benjamin Robin <benjamin.robin@bootlin.com>
Date: Wed, 25 Feb 2026 13:36:33 +0100
Subject: [PATCH v2 5/6] sbom-cve-check: add recipe
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <20260225-add-sbom-cve-check-v2-5-eeffa285b901@bootlin.com>
References: <20260225-add-sbom-cve-check-v2-0-eeffa285b901@bootlin.com>
In-Reply-To: <20260225-add-sbom-cve-check-v2-0-eeffa285b901@bootlin.com>
To: openembedded-core@lists.openembedded.org
Cc: ross.burton@arm.com, peter.marko@siemens.com, jpewhacker@gmail.com,
 olivier.benjamin@bootlin.com, antonin.godard@bootlin.com,
 mathieu.dubois-briand@bootlin.com, thomas.petazzoni@bootlin.com,
 Benjamin Robin <benjamin.robin@bootlin.com>

Series

sbom-cve-check: add CVE analysis tool and class | expand

Commit Message

Benjamin Robin Feb. 25, 2026, 12:36 p.m. UTC

Provide sbom-cve-check (native) executable.

Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
---
 meta/conf/distro/include/maintainers.inc                |  1 +
 .../python/python3-sbom-cve-check_1.1.0.bb              | 17 +++++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 3bc1d00bc1c7..c43107ccdccd 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -714,6 +714,7 @@  RECIPE_MAINTAINER:pn-python3-rfc3987 = "Bruce Ashfield <bruce.ashfield@gmail.com
 RECIPE_MAINTAINER:pn-python3-roman-numerals = "Trevor Gamblin <tgamblin@baylibre.com>"
 RECIPE_MAINTAINER:pn-python3-rpds-py = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-ruamel-yaml = "Bruce Ashfield <bruce.ashfield@gmail.com>"
+RECIPE_MAINTAINER:pn-python3-sbom-cve-check = "Benjamin Robin <benjamin.robin@bootlin.com>"
 RECIPE_MAINTAINER:pn-python3-scons = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-semantic-version = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-setuptools = "Trevor Gamblin <tgamblin@baylibre.com>"
diff --git a/meta/recipes-devtools/python/python3-sbom-cve-check_1.1.0.bb b/meta/recipes-devtools/python/python3-sbom-cve-check_1.1.0.bb
new file mode 100644
index 000000000000..3d1c581e9f86
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-sbom-cve-check_1.1.0.bb
@@ -0,0 +1,17 @@ 
+SUMMARY = "Lightweight SBOM CVE analysis tool"
+HOMEPAGE = "https://github.com/bootlin/sbom-cve-check"
+SECTION = "devel/python"
+LICENSE = "GPL-2.0-only"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=570a9b3749dd0463a1778803b12a6dce"
+
+PYPI_PACKAGE = "sbom_cve_check"
+SRC_URI[sha256sum] = "953256ac99851ba59bc8649b8023303007ff2981edbc4ee395011bd91c118095"
+
+inherit pypi python_hatchling
+
+RDEPENDS:${PN} += " \
+    python3-spdx-python-model \
+    python3-pyyaml \
+"
+
+BBCLASSEXTEND = "native nativesdk"

[v2,5/6] sbom-cve-check: add recipe

Commit Message

Patch