@@ -48,7 +48,6 @@ python do_sbom_cve_check() {
bb.fatal("Cannot execute sbom-cve-check missing create-spdx-3.0 inherit.")
sbom_path = d.expand("${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.spdx.json")
- vex_manifest_path = d.expand("${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.vex.json")
dl_db_dir = d.getVar("SBOM_CVE_CHECK_DEPLOY_DB_DIR")
deploy_dir = d.getVar("SBOM_CVE_CHECK_DEPLOYDIR")
img_link_name = d.getVar("IMAGE_LINK_NAME")
@@ -72,12 +71,6 @@ python do_sbom_cve_check() {
"--disable-auto-updates"
]
- # Assume that SPDX_INCLUDE_VEX is set globally to "all", and not only for the
- # image recipe, which is very unlikely. This is not an issue to include the
- # VEX manifest even if not needed.
- if bb.data.inherits_class("vex", d) and d.getVar("SPDX_INCLUDE_VEX") != "all":
- cmd_args.extend(["--yocto-vex-manifest", vex_manifest_path])
-
for export_file in export_files:
cmd_args.extend(
["--export-type", export_file[0], "--export-path", export_file[1]]
This class has been deleted now, so remove the references to it and the file that it writes. This is effectively a no-op change, as the recommended way to run sbom-cve-check is with SPDX_INCLUDE_VEX="all", which includes all of the data in the SPDX that the vex class would have generated. Signed-off-by: Ross Burton <ross.burton@arm.com> --- meta/classes-recipe/sbom-cve-check.bbclass | 7 ------- 1 file changed, 7 deletions(-)