Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-129602

Annotate all qt_attribution.json files with CPE and PURL values

XMLWordPrintable

    • e1cd2447e (tqtc/lts-6.8), 15ff24d9d (tqtc/lts-6.5), 8bbbee503 (dev), c473d782e (6.10), d7ec075c0 (6.9), 50f941b20 (tqtc/lts-6.8), aba340532 (dev), 66d963ba4 (6.10), dc1de9afe (6.9), 6c210e751 (tqtc/lts-6.8), 115eed85a (tqtc/lts-6.5)

      All our 3rd party sources have (or should have) an accompanying qt_attribution.json file.

      To more easily track our 3rd party supply chain, we should add relevant CPE and PURL values to the qt_attribution.json files in all our repositories.

      What CPE and PURL means can be found at https://wiki.qt.io/SBOM#CPE_and_PURL_values_in_qt_attribution.json_files

      qtbase is handled via https://codereview.qt-project.org/c/qt/qtbase/+/578553

      We need to the same for the following repos:

      • qt3d attribution reference
      • qt5compat attribution reference
      • qtapplicationmanager attribution reference
      • qtconnectivity attribution reference
      • qtdeclarative attribution reference
      • qtgrpc attribution reference
      • qtimageformats attribution reference
      • qtinterfaceframework attribution reference
      • qtmultimedia attribution reference
      • qtopcua attribution reference
      • qtpositioning attribution reference
      • qtquick3d attribution reference
      • qtsensors attribution reference
      • qtshadertools attribution reference
      • qtsvg attribution reference
      • qttools attribution reference
      • qtvehicleservices attribution reference
      • qtvirtualkeyboard attribution reference
      • qtwayland attribution reference

        1.
        		 Add CPE and PURL info for qtimageformats Technical task Closed Qt Build System Team
        2.
        		 Add CPE and PURL info for qtsvg Technical task Closed Qt Build System Team
        3.
        		 Add CPE and PURL info for qtconnectivity Technical task Closed Qt Build System Team
        4.
        		 Add CPE and PURL info for qtshadertools Technical task Closed Qt Build System Team
        5.
        		 Add CPE and PURL info for qt5compat Technical task Closed Qt Build System Team
        6.
        		 Add CPE and PURL info for qtopcua Technical task Closed Qt Build System Team
        7.
        		 Add CPE and PURL info for qtpositioning Technical task Closed Qt Build System Team
        8.
        		 Add CPE and PURL info for qtsensors Technical task Closed Qt Build System Team
        9.
        		 Add CPE and PURL info for qtquick3d Technical task Closed Qt Build System Team
        10.
        		 Add CPE and PURL info for qtmultimedia Technical task Closed Qt Build System Team
        11.
        		 Add CPE and PURL info for qttools Technical task Closed Qt Build System Team
        12.
        		 Add CPE and PURL info for qtdeclarative Technical task Closed Qt Build System Team
        13.
        		 Add CPE and PURL info for qtgrpc Technical task Closed Qt Build System Team
        14.
        		 Add CPE and PURL info for qtgrpc Technical task Closed Qt Build System Team
        15.
        		 Add CPE and PURL info for qt3d Technical task Closed Qt Build System Team
        16.
        		 Add CPE and PURL info for qt3d Technical task Closed Qt Build System Team
        17.
        		 Add CPE and PURL info for qtwayland Technical task Closed Qt Build System Team
        18.
        		 Add CPE and PURL info for qtvirtualkeyboard Technical task Closed Qt Build System Team
        19.
        		 Add CPE and PURL info for qtvehicleservices Technical task Reported Qt Build System Team
        20.
        		 Add CPE and PURL info for qtinterfaceframework Technical task Closed Qt Build System Team
        21.
        		 Add CPE and PURL info for qtapplicationmanager Technical task Closed Qt Build System Team
        For Gerrit Dashboard: QTBUG-129602
        # Subject Branch Project Status CR V
        578553,44 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtbase Status: MERGED +2 0
        604618,3 CMake: Add PURL and CPE info to 3rd party attribution files 6.8 qt/qtbase Status: MERGED +2 0
        619761,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtbase Status: MERGED +2 0
        648203,6 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtimageformats Status: MERGED +2 0
        648208,4 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtshadertools Status: MERGED +2 +1
        648212,2 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtopcua Status: MERGED +2 +1
        648213,2 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtpositioning Status: MERGED +2 +1
        648217,2 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtsensors Status: MERGED +2 0
        648220,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtquick3d Status: MERGED +2 +1
        648367,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtsensors Status: MERGED +2 0
        648454,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtsensors Status: MERGED +2 0
        648540,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtimageformats Status: MERGED +2 0
        648541,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtpositioning Status: MERGED +2 0
        648542,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtopcua Status: MERGED +2 0
        648552,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtquick3d Status: MERGED +2 0
        648582,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtshadertools Status: MERGED +2 0
        648585,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtimageformats Status: MERGED +2 0
        648586,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtpositioning Status: MERGED +2 0
        648587,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtopcua Status: MERGED +2 0
        648589,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtquick3d Status: MERGED +2 0
        648633,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtshadertools Status: MERGED +2 0
        648779,6 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtmultimedia Status: MERGED +2 0
        648782,2 CMake: Add PURL and CPE info to 3rd party attribution files master playground/qlitehtml Status: MERGED +2 0
        648783,2 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qttools Status: MERGED +2 0
        648784,9 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtdeclarative Status: MERGED +2 0
        648789,5 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtgrpc Status: MERGED +2 0
        649113,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qttools Status: MERGED +2 0
        649346,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qttools Status: MERGED +2 0
        650004,4 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qt3d Status: MERGED +2 0
        650007,1 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtwayland Status: ABANDONED 0 0
        650012,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtvirtualkeyboard Status: MERGED +2 0
        650013,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt-labs/qtvehicleservices Status: DEFERRED +2 -1
        650034,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtinterfaceframework Status: MERGED +2 0
        650035,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtapplicationmanager Status: MERGED +2 0
        650036,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtwayland Status: MERGED +2 0
        650039,3 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qt5compat Status: MERGED +2 0
        650252,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtsensors Status: MERGED +2 0
        650269,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtimageformats Status: MERGED +2 0
        650278,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtpositioning Status: MERGED +2 0
        650279,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtopcua Status: MERGED +2 0
        650280,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtquick3d Status: MERGED +2 0
        650283,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtshadertools Status: MERGED +2 0
        650284,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qttools Status: MERGED +2 0
        650288,2 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtsvg Status: MERGED +2 0
        650292,2 CMake: Add PURL and CPE info to 3rd party attribution files dev qt/qtconnectivity Status: MERGED +2 0
        650305,2 CMake: Add missing attribution file paths for yoga dev qt/qtdeclarative Status: MERGED +2 0
        650313,2 CMake: Create an SBOM package for the ifcodegen tool dev qt/qtinterfaceframework Status: MERGED +2 +1
        650359,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtwayland Status: MERGED +2 0
        650361,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtsvg Status: MERGED +2 0
        650362,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtvirtualkeyboard Status: MERGED +2 0
        650366,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtgrpc Status: MERGED +2 0
        650367,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtinterfaceframework Status: MERGED +2 0
        650368,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qt5compat Status: MERGED +2 0
        650369,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtconnectivity Status: MERGED +2 0
        650370,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtapplicationmanager Status: MERGED +2 0
        650373,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qt3d Status: MERGED +2 0
        650435,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtconnectivity Status: MERGED +2 0
        650437,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtmultimedia Status: MERGED +2 0
        650462,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtwayland Status: MERGED +2 0
        650464,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtsvg Status: MERGED +2 0
        650466,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtmultimedia Status: MERGED +2 0
        650479,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.10 qt/qtdeclarative Status: MERGED +2 0
        650480,2 CMake: Add missing attribution file paths for yoga 6.10 qt/qtdeclarative Status: MERGED +2 0
        650481,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtvirtualkeyboard Status: MERGED +2 0
        650482,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qt5compat Status: MERGED +2 0
        650483,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtinterfaceframework Status: MERGED +2 0
        650484,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtgrpc Status: MERGED +2 0
        650491,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qt3d Status: MERGED +2 0
        650521,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtconnectivity Status: MERGED +2 0
        650528,3 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtdeclarative Status: MERGED +2 0
        650529,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtsvg Status: MERGED +2 0
        650531,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtwayland Status: MERGED +2 0
        650535,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtmultimedia Status: MERGED +2 0
        650541,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtvirtualkeyboard Status: MERGED +2 0
        650542,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qt5compat Status: MERGED +2 0
        650544,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtinterfaceframework Status: MERGED +2 0
        650545,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtgrpc Status: MERGED +2 0
        650547,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qt3d Status: MERGED +2 0
        650582,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtconnectivity Status: MERGED +2 0
        650631,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtsvg Status: MERGED +2 0
        650673,1 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtwayland Status: ABANDONED 0 0
        650695,2 CMake: Add PURL and CPE info to 3rd party attribution files 6.9 qt/qtapplicationmanager Status: MERGED +2 0
        650851,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtvirtualkeyboard Status: MERGED +2 0
        650889,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qt5compat Status: MERGED +2 0
        650961,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtinterfaceframework Status: ABANDONED +2 0
        650997,1 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtgrpc Status: ABANDONED 0 0
        651007,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qt3d Status: MERGED +2 0
        651079,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtapplicationmanager Status: MERGED +2 0
        651154,3 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtapplicationmanager Status: MERGED +2 0
        651419,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtmultimedia Status: MERGED +2 0
        651483,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.8 qt/tqtc-qtdeclarative Status: MERGED +2 0
        651536,2 CMake: Add PURL and CPE info to 3rd party attribution files tqtc/lts-6.5 qt/tqtc-qtdeclarative Status: MERGED +2 0
        652468,2 CMake: Create an SBOM package for the ifcodegen tool 6.10 qt/qtinterfaceframework Status: MERGED +2 0
        652612,2 CMake: Create an SBOM package for the ifcodegen tool 6.9 qt/qtinterfaceframework Status: MERGED +2 0
        652718,2 CMake: Create an SBOM package for the ifcodegen tool tqtc/lts-6.8 qt/tqtc-qtinterfaceframework Status: MERGED +2 0
        653603,3 Make: Fix incorrect PURL version for clip2tri dev qt/qtpositioning Status: MERGED +2 0
        653660,2 Make: Fix incorrect PURL version for clip2tri 6.10 qt/qtpositioning Status: MERGED +2 0
        653804,2 Make: Fix incorrect PURL version for clip2tri 6.9 qt/qtpositioning Status: MERGED +2 0
        653918,2 Make: Fix incorrect PURL version for clip2tri tqtc/lts-6.8 qt/tqtc-qtpositioning Status: MERGED +2 0
        653980,2 Make: Fix incorrect PURL version for clip2tri tqtc/lts-6.5 qt/tqtc-qtpositioning Status: MERGED +2 0

            qtbuildsystem Qt Build System Team
            alexandru.croitor Alexandru Croitor
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes