[yocto] [patchtest-oe][PATCH] test_patch_cve.py: fix cve tag checking logic
Mittal, Anuj
anuj.mittal at intel.com
Thu Nov 8 23:38:17 PST 2018
On Wed, 2018-11-07 at 09:01 +0000, Richard Purdie wrote:
> On Fri, 2018-11-02 at 14:03 +0800, Chen Qi wrote:
> > The current logic for checking cve tag is not correct. It errors
> > out if and only if the patch contains a line which begins with
> > CVE-YYYY-XXXX and contains nothing else.
> >
> > It will not error out if the patch contains no CVE information, nor
> > will it error out if the patch contains line like below.
> >
> > 'Fix CVE-YYYY-XXXX'
> >
> > I can see that the cve tag checking logic tries to ensure the patch
> > contains something like 'CVE: CVE-YYYY-XXXX'. So fix to implement
> > such
> > logic.
> >
> > Signed-off-by: Chen Qi <Qi.Chen at windriver.com>
> > ---
> > tests/test_patch_cve.py | 15 ++++++++-------
> > 1 file changed, 8 insertions(+), 7 deletions(-)
>
> Thanks, good find.
>
> I've merged this and I believe the instance should have it applied
> now
> too.
>
Not sure if this is related but it looks like the tests aren't running
at all now ...
https://patchwork.openembedded.org/project/oe-core/series/?ordering=-last_updated
Thanks,
Anuj
More information about the yocto
mailing list