Loading core/main.mk +8 −1 Original line number Diff line number Diff line Loading @@ -2196,12 +2196,19 @@ $(PRODUCT_OUT)/sbom.spdx: $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM) $(call dist-for-goals,droid,$(PRODUCT_OUT)/sbom.spdx.json:sbom/sbom.spdx.json) else apps_only_sbom_files := $(sort $(patsubst %,%.spdx,$(apps_only_installed_files))) apps_only_sbom_files := $(sort $(patsubst %,%.spdx.json,$(filter %.apk,$(apps_only_installed_files)))) $(apps_only_sbom_files): $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM) rm -rf $@ $(GEN_SBOM) --output_file $@ --metadata $(PRODUCT_OUT)/sbom-metadata.csv --product_out_dir=$(PRODUCT_OUT) --build_version $(BUILD_FINGERPRINT_FROM_FILE) --product_mfr="$(PRODUCT_MANUFACTURER)" --unbundled sbom: $(apps_only_sbom_files) $(foreach f,$(apps_only_sbom_files),$(eval $(patsubst %.spdx.json,%-fragment.spdx,$f): $f)) apps_only_fragment_files := $(patsubst %.spdx.json,%-fragment.spdx,$(apps_only_sbom_files)) $(foreach f,$(apps_only_fragment_files),$(eval apps_only_fragment_dist_files += :sbom/$(notdir $f))) $(foreach f,$(apps_only_sbom_files),$(eval apps_only_sbom_dist_files += :sbom/$(notdir $f))) $(call dist-for-goals,apps_only,$(join $(apps_only_sbom_files),$(apps_only_sbom_dist_files)) $(join $(apps_only_fragment_files),$(apps_only_fragment_dist_files))) endif $(call dist-write-file,$(KATI_PACKAGE_MK_DIR)/dist.mk) Loading tools/sbom/generate-sbom.py +5 −2 Original line number Diff line number Diff line Loading @@ -397,7 +397,7 @@ def generate_sbom_for_unbundled(): creators=['Organization: ' + args.product_mfr]) for installed_file_metadata in reader: installed_file = installed_file_metadata['installed_file'] if args.output_file != args.product_out_dir + installed_file + ".spdx": if args.output_file != args.product_out_dir + installed_file + '.spdx.json': continue module_path = installed_file_metadata['module_path'] Loading @@ -418,7 +418,10 @@ def generate_sbom_for_unbundled(): doc.created = datetime.datetime.now(tz=datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%SZ') break with open(args.output_file, 'w', encoding="utf-8") as file: with open(args.output_file, 'w', encoding='utf-8') as file: sbom_writers.JSONWriter.write(doc, file) fragment_file = args.output_file.removesuffix('.spdx.json') + '-fragment.spdx' with open(fragment_file, 'w', encoding='utf-8') as file: sbom_writers.TagValueWriter.write(doc, file, fragment=True) Loading Loading
core/main.mk +8 −1 Original line number Diff line number Diff line Loading @@ -2196,12 +2196,19 @@ $(PRODUCT_OUT)/sbom.spdx: $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM) $(call dist-for-goals,droid,$(PRODUCT_OUT)/sbom.spdx.json:sbom/sbom.spdx.json) else apps_only_sbom_files := $(sort $(patsubst %,%.spdx,$(apps_only_installed_files))) apps_only_sbom_files := $(sort $(patsubst %,%.spdx.json,$(filter %.apk,$(apps_only_installed_files)))) $(apps_only_sbom_files): $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM) rm -rf $@ $(GEN_SBOM) --output_file $@ --metadata $(PRODUCT_OUT)/sbom-metadata.csv --product_out_dir=$(PRODUCT_OUT) --build_version $(BUILD_FINGERPRINT_FROM_FILE) --product_mfr="$(PRODUCT_MANUFACTURER)" --unbundled sbom: $(apps_only_sbom_files) $(foreach f,$(apps_only_sbom_files),$(eval $(patsubst %.spdx.json,%-fragment.spdx,$f): $f)) apps_only_fragment_files := $(patsubst %.spdx.json,%-fragment.spdx,$(apps_only_sbom_files)) $(foreach f,$(apps_only_fragment_files),$(eval apps_only_fragment_dist_files += :sbom/$(notdir $f))) $(foreach f,$(apps_only_sbom_files),$(eval apps_only_sbom_dist_files += :sbom/$(notdir $f))) $(call dist-for-goals,apps_only,$(join $(apps_only_sbom_files),$(apps_only_sbom_dist_files)) $(join $(apps_only_fragment_files),$(apps_only_fragment_dist_files))) endif $(call dist-write-file,$(KATI_PACKAGE_MK_DIR)/dist.mk) Loading
tools/sbom/generate-sbom.py +5 −2 Original line number Diff line number Diff line Loading @@ -397,7 +397,7 @@ def generate_sbom_for_unbundled(): creators=['Organization: ' + args.product_mfr]) for installed_file_metadata in reader: installed_file = installed_file_metadata['installed_file'] if args.output_file != args.product_out_dir + installed_file + ".spdx": if args.output_file != args.product_out_dir + installed_file + '.spdx.json': continue module_path = installed_file_metadata['module_path'] Loading @@ -418,7 +418,10 @@ def generate_sbom_for_unbundled(): doc.created = datetime.datetime.now(tz=datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%SZ') break with open(args.output_file, 'w', encoding="utf-8") as file: with open(args.output_file, 'w', encoding='utf-8') as file: sbom_writers.JSONWriter.write(doc, file) fragment_file = args.output_file.removesuffix('.spdx.json') + '-fragment.spdx' with open(fragment_file, 'w', encoding='utf-8') as file: sbom_writers.TagValueWriter.write(doc, file, fragment=True) Loading
