Typo in comment (was: tool to list source files)


Joseph Reynolds
 

There seems to a typo in a comment in archiver.bbclass; ARCHIVE_MODE should be ARCHIVER_MODE for "mirror" (letter R is missing).

https://github.com/openembedded/openembedded-core/blob/master/meta/classes/archiver.bbclass#L8

Joseph

P.S. The archiver class is awesome.  Thank you!


-------- Forwarded Message --------
Subject: Re: [yocto-security] Unicode Bidi CVE-2021-42574 - tool to list source files?
Date: Wed, 02 Feb 2022 09:39:06 +0000
From: Richard Purdie <richard.purdie@...>
To: Joseph Reynolds <jrey@...>, Mark Hatle <mark.hatle@...>, yocto-security@..., Armin Kuster <akuster808@...>



On Tue, 2022-02-01 at 21:20 -0600, Joseph Reynolds wrote:
On 1/23/22 5:34 PM, Joseph Reynolds wrote:
On 1/20/22 4:16 PM, Mark Hatle wrote:
Any protection on the compiler side would come from the compiler
of > > choice.  It is my understanding this has not yet been merged into the > > included GCC version.
But in the end, the issue is someone hiding code via unicode >
characters so...
Mark and Richard,
Thanks for your detailed review of Bitbake/OE/Yocto capabilities
in > this area, and for your guidance.
I have no further questions at this time, and will let you know if
we > come up with a scanner for this.

Does OE/bitbakle have best practices, guidelines, or tooling for developers who perform a bitbake build and then want the get a list of all the (fetched, unpacked, and patched) source code which was used in that build?  Would it be something like iterating all packages included in the build, and looking through the "S" directory?
Algorithm (sketch):
  for package in allPackagesInMyBuild:
    cd to the `S` directory for the package
    find . -type '*.cpp'
Have a look at archiver.bbclass. I think it has some documentation in the manual
too.

Cheers,

Richard

Join openembedded-core@lists.openembedded.org to automatically receive all group messages.