- [layer] Make layer compatible with scarthgap release
- [vigiles.bbclass] Add custom annotations to packages in generated SBOM
- [vigiles.bbclass] Add feature to disable sbom and report generation for initramfs image
- [checkcves.py] Fix API key parsing in 'check_linuxlink_key' function
- [layer] Make layer compatible with nanbield release
- [CHANGELOG.md] add changelog
- [vigiles.conf] add vigiles tool version - VIGILES_TOOL_VERSION
- [vigiles.bbclass] populate info of packages included as build dependencies in SBOM
- [README.md] Update link to Yocto's Reference Manual
- [vigiles.bbclass] add packages related to Trusted OS as components
- [checkcves.py] Display error message if invalid linuxlink key is used
- [checkcves.py] Display error message if dashboard config is invalid
- [vigiles.bbclass] Report runtime dependencies against PN
- [vigiles. bbclass] Resolve circular dependency with meta-tegra
- [general] update get_recipe_pv_without_srcpv to get_recipe_pv_with_pfx_sfx
- [vigiles.bbclass] add default values to mandatory fields in SBOM
- [vigiles.bbclass] Rename function to avoid conflict between vigiles.bbclass and create-spdx.bbclass
- [tsmeta.bbclass] Improve error handling in the get_manifest_pkgs() function for when the ""IMAGE_MANIFEST"" does not contain a valid path
- [vigiles.bbclass] Include build and runtime dependencies in generated SBOM
- [vigiles.bbclass] Include package checksum in generated SBOM
- [vigiles.bbclass] Add components to make SBOM NTIA minimum elements compliant
- [llapi] Implement retry handling for API calls
- [vigiles.bbclass] Sort package dependencies and component_type
- [tsmeta.bbclass] fix multiubi build errors due to ""override"" syntax change
- [llapi] add enterprise vigiles support
- [vigiles.bbclass] dont include packages with ""CLOSED"" License in the SBOM
- [vigiles.bbclass] added VIGILES_INCLUDE_CLOSED_LICENSES config to toggle adding packages with ""CLOSED"" Licenses
- [vigiles.bbclass] include closed license check to extra packages added through VIGILES_EXTRA_PACKAGES CSV files
- [vigiles.bbclass] warn for general exceptions while running checkcves
- [README.md] update readme to be relative to the release
- [tsmeta.bbclass] Get external u-boot version from Makefile for more accurate version string
- [vigiles.conf] Set default value to VIGILES_INCLUDE_CLOSED_LICENSES as '1' to include packages with 'CLOSED' licenses by default
- [layer] Make compatible with honister and kirkstone
- [classes] add support for cve_check_ignore
- [README] added U-Boot config filter section
- [bbclass] fix 'no pkg entry found' warnings
- [bbclass] fix do_vigiles_uboot_config hang issue on external u-boot config
- [checkcves] remove arch_count and arch_cves from demo summary
- [llapi] remove deprecated parameter when loading json
- [bbclass] add package supplier
- [bbclass] add package download location to manifest
- [bbclass] add cpe_id to manifest
- [tasks] Flag vigiles-check task as needing network access
- [llapi] use v1 api route for manifest upload
- [bbclass] truncate manifest name to 256 characters
- [readme] update instructions for dashboard config
- [layer] Make compatible with gatesgarth and hardknott
- [llapi] added subfolder name option
- [kernel] Add extra check against falsely identifying package.
- [misc] Remove deprecated scripts and modules
- [tsmeta] Make sure we don't rename libubootenv
- [bbclass] Add support for new backend features
- [llapi] Updates for new Vigiles Service / LinuxLink features
- [u-boot] Gather u-boot metadata explicitly, rather than as dependency.
- [kernel] Use better checking for back-filling kernel dependencies
- [debug] Add VIGILES_DISABLE_CHECK flag to generate (but not submit) manifests.
- Add SUMMARY from recipe into JSON output
- Add HOMEPAGE from recipe into JSON output
- [llapi] Add support for Folders via Dashboard Config.
- [images] Add INITRAMFS_IMAGE to manifest if its set.
- [manifest] Add CVE_CHECK_WHITELIST to our own before submission.
- [images] Streamline task dependencies for multiple image manifests/reports
- [layers] Clean up error path when getting git info fails.
- [readme] Update for new Folder Config.
- [tsmeta] Fix for issues with host-installed Python 3.8
- [u-boot] Fix for issues with host-installed Python 3.8
- [vigiles-chevck] Fix for issues with host-installed Python 3.8
- [do_vigiles_check] Make sure we use the host-installed python3
- [conf] Add dunfell to LAYERSERIES_COMPAT.
- [tsmeta] Remove PACKAGECONFIG variable handling.
- [feature] Add support for excluding packages via CSV files.
- [layers] Fixups for gathering git repo info
- [u-boot] Fixup for an unset PREFERRED_PROVIDERS_virtual/bootloader
- [fixup] bb.info() -> bb.note().
- [feature] Add support for including extra packages via .csv files.
- [tsmeta] Safeguard against recipes that don't have a layer
- [tsmeta] Fixup str.split() parameter.
- [extras] Fixup parsing and Readme to match LinuxLink behavior.
- [tsmeta] Cleanup and fix git layer metadata
- [bbclass] Cleanup vigiles_pkg() and streamline metadata
- [tsmeta] Add timesys layer backfill.
- [uboot] Check if virtual/bootloader is set before proceeding.
- [tsmeta/layers] Filter current git branch better.
- [tsmeta/layers] Do better check for valid git repo.
- fixup bb.warning() -> bb.warn()
- [bbclass] exists() -> lexists() for symlinks we control.
- [tsmeta] Cleanup layer metadata
- Add dashboard config capability
- [vigiles] Add support for uploading U-Boot configuration.
- [tsmeta] Add License info to metadata and manifest.
- [vigiles/kernel] Re-use helper for kernel version accuracy.
- [bbclass] Tweak dependencies to better support using rootfs manifests.
- [tsmeta] Cleanup tsmeta_pn_list() and build our manifest from the rootfs.
- [pkg] Be sure to include extended runtime packages
- [image] Make a missed-package-mapping a warning.
- [vigiles/bbclass] Make config copying generic
- [readme] Remove note about manual execution.
- [bbclass] Change task articulation to prevent circular dependency
[tsmeta] Parse kernel Makefile for accurate cve_version inference.
[vigiles/kconfig] Make sure there is a kernel config file before copying
- [conf] Add compatibility string for 'zeus'.
- [vigiles/config] Make kernel config auto-detection the default.
- [tsmeta] Remove existing tsmeta_dir on startup.
- [vigiles/bbclass] Prevent racing against rm_work
- [vigiles/tsmeta] Work around yocto bug for getting cve_version
- [scripts/imx] Add setup script for i.MX BSP's
- [vigiles/manifest] Scrape patches for CVE info and send in manifest.
- [vigiles/bbclass] Add kernel config auto-detection
- [config/whitelist] Make sure we don't overwrite local.conf settings.
- [vigiles/tsmeta] Clean up src dictionary creation with oe library routines.
- [vigiles] Update Readme.
- [vigiles/bbclass] Sort patches and patched_cves in manifest.
- [vigiles] Bump manifest version.
- [vigiles/class] Add fixup to normalize u-boot cve_product name.
- [vigiles/bbclass] Minor fixups for do_vigiles_{image,check}
- [tsmeta] Add debugging hook
- [vigiles] Export proxies before running check.
- [tsmeta] Add variables to collect for image metadata
- [tsmeta] Re-factor + improve tsmeta_pn_list()
- [vigiles] Re-fixup dependencies so we catch all images for a target
- [tsmeta] Also include patches ending in .diff
- [tsmeta] Fixup parsing for (> 1) instance of '://' in URIs.
- [vigiles] Backfill pn metadata with virtual/{bootloader,kernel,libc}
- [tsmeta] 3 bug fixes
- [vigiles] Add task-based Yocto CVE Scanner
- [vigiles] Update README and file preamble in vigiles files.
- [vigiles] Minor updates for release
- [vigiles] README fixup.
- [vigiles] Fix CVSSv2 -> CVSSv3 typos
- Bump LAYERSERIES_COMPAT to 'thud'
- checkcves: Add -k option to upload kernel config with manifest
- Update README for kernel config filter section and maintainers
- manifest: expand DISTRO_VERSION
- Add whitelist of recipes and CVEs to manifest
- Print whitelisted recipes / CVE IDs in checkcves results
- include version without git revs even when cve_product isn't set
- checkcves: Print summary of results
- manifest: Include all files from SRC_URI that look like patches
- Add SRCREV to manifest when there is one
- checkcves: report patches available in meta-timesys-security in results
- layer.conf: Set LAYERSERIES_COMPAT_timesys to sumo
*Remove unused demos and mirroring config
*llapi: Fix read call on HTTPResponse
- Add option to write results to file instead of stdout
- checkcves: Add image selection so that a second manifest step isn't needed
- Update README for manifest/checkcves changes
- Add CVE_PRODUCT to image manifest, bump manifest version
- checkcves: take subscription arg, always show report URL
- Create README.md
- Update README.md
- checkcves: Update no-sub message
- cvecheck: Support web-only results without a subscription
- Rework manifest.py for Pyro
- Use new extra_features parameter of tinfoil.prepare()
- Use tinfoil's logger in manifest.py
- Remove backports, no longer needed!
- Quiet stderr on git operations
- utils: fix image list,cleanup unused and outdated things
- update cve fields, add date
- Add manifest version
- Move list of patched cves to be per package
- Check if image is valid before creating manifest
- Check if manifest contains packages before subimitting
- Update checkcve print based on result changes
- Move generatePkgDepTreeData to backport.py from TimesysCooker
- Update layer git info in lib/utils.py
- General cleanup in lib/utis.py
- Rewrite scripts/manifest.py to use Tinfoil
- Move lib/ to scripts/lib
- Update for morty and python3
- Backport generatePkgDepTreeData fix
- checkcves: Don't exit silently when there were no results
- checkcves: Update for new results format
- Add machine and distro version to manifest
- Track CVEs that are already fixed by patches
- manifest: skip native
- manifest: Don't dump output to the terminal
- manifest: Don't append patches more than once
- Add script to check CVEs with LinuxLink
- Add premirrors to layer conf
- Initial commit: add layer.conf
- mcc-pingpong: Add demo package
- add vybrid-demo-mcc-pingpong image.
- add scripts for generating a json manifest
- Add linuxlink API module to lib
- rename TIMESYS_MIRROR var to TIMESYS_REPO