Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-129602

Annotate all qt_attribution.json files with CPE and PURL values

    XMLWordPrintable

Details

    • e1cd2447e (tqtc/lts-6.8), 15ff24d9d (tqtc/lts-6.5), 8bbbee503 (dev), c473d782e (6.10), d7ec075c0 (6.9), 50f941b20 (tqtc/lts-6.8), aba340532 (dev), 66d963ba4 (6.10), dc1de9afe (6.9), 6c210e751 (tqtc/lts-6.8), 115eed85a (tqtc/lts-6.5)

    Description

      All our 3rd party sources have (or should have) an accompanying qt_attribution.json file.

      To more easily track our 3rd party supply chain, we should add relevant CPE and PURL values to the qt_attribution.json files in all our repositories.

      What CPE and PURL means can be found at https://wiki.qt.io/SBOM#CPE_and_PURL_values_in_qt_attribution.json_files

      qtbase is handled via https://codereview.qt-project.org/c/qt/qtbase/+/578553

      We need to the same for the following repos:

      • qt3d attribution reference
      • qt5compat attribution reference
      • qtapplicationmanager attribution reference
      • qtconnectivity attribution reference
      • qtdeclarative attribution reference
      • qtgrpc attribution reference
      • qtimageformats attribution reference
      • qtinterfaceframework attribution reference
      • qtmultimedia attribution reference
      • qtopcua attribution reference
      • qtpositioning attribution reference
      • qtquick3d attribution reference
      • qtsensors attribution reference
      • qtshadertools attribution reference
      • qtsvg attribution reference
      • qttools attribution reference
      • qtvehicleservices attribution reference
      • qtvirtualkeyboard attribution reference
      • qtwayland attribution reference

      Attachments

        Issue Links

          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. QTQAINFRA-6637 Update provisioned qdoc, qtattributionsscanner to Qt 6.8.0

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; Flaky tests; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed
          split from

          User Story - Created by Jira Software - do not edit or delete. Issue type for a user story. QTBUG-122899 Generate SBOM from Qt build system

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          mentioned in

          Page Loading...

          1.
          		 Add CPE and PURL info for qtimageformats Technical task Closed Qt Build System Team
          2.
          		 Add CPE and PURL info for qtsvg Technical task Closed Qt Build System Team
          3.
          		 Add CPE and PURL info for qtconnectivity Technical task Closed Qt Build System Team
          4.
          		 Add CPE and PURL info for qtshadertools Technical task Closed Qt Build System Team
          5.
          		 Add CPE and PURL info for qt5compat Technical task Closed Qt Build System Team
          6.
          		 Add CPE and PURL info for qtopcua Technical task Closed Qt Build System Team
          7.
          		 Add CPE and PURL info for qtpositioning Technical task Closed Qt Build System Team
          8.
          		 Add CPE and PURL info for qtsensors Technical task Closed Qt Build System Team
          9.
          		 Add CPE and PURL info for qtquick3d Technical task Closed Qt Build System Team
          10.
          		 Add CPE and PURL info for qtmultimedia Technical task Closed Qt Build System Team
          11.
          		 Add CPE and PURL info for qttools Technical task Closed Qt Build System Team
          12.
          		 Add CPE and PURL info for qtdeclarative Technical task Closed Qt Build System Team
          13.
          		 Add CPE and PURL info for qtgrpc Technical task Closed Qt Build System Team
          14.
          		 Add CPE and PURL info for qtgrpc Technical task Closed Qt Build System Team
          15.
          		 Add CPE and PURL info for qt3d Technical task Closed Qt Build System Team
          16.
          		 Add CPE and PURL info for qt3d Technical task Closed Qt Build System Team
          17.
          		 Add CPE and PURL info for qtwayland Technical task Closed Qt Build System Team
          18.
          		 Add CPE and PURL info for qtvirtualkeyboard Technical task Closed Qt Build System Team
          19.
          		 Add CPE and PURL info for qtvehicleservices Technical task Reported Qt Build System Team
          20.
          		 Add CPE and PURL info for qtinterfaceframework Technical task Closed Qt Build System Team
          21.
          		 Add CPE and PURL info for qtapplicationmanager Technical task Closed Qt Build System Team
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              qtbuildsystem Qt Build System Team
              alexandru.croitor Alexandru Croitor
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes