[Bf-blender-cvs] [16fc021ec56] tmp_libs_34: deps_builder: cve_check small QOL tweak

Tue Oct 18 18:48:35 CEST 2022

Commit: 16fc021ec5614cd990df89dd3c033656111c2318
Author: Ray Molenkamp
Date:   Tue Oct 18 10:48:29 2022 -0600
Branches: tmp_libs_34
https://developer.blender.org/rB16fc021ec5614cd990df89dd3c033656111c2318

deps_builder: cve_check small QOL tweak

Hardcoding the versions is going to be real
annoying to maintain. use @DEP_ID@ to get the
token with the vendor,product,version parts
of the dep.

===================================================================

M	build_files/build_environment/cmake/cve_check.cmake
M	build_files/build_environment/cmake/cve_check.csv.in

===================================================================

diff --git a/build_files/build_environment/cmake/cve_check.cmake b/build_files/build_environment/cmake/cve_check.cmake
index bd8f73a1e64..ac42444aef1 100644
--- a/build_files/build_environment/cmake/cve_check.cmake
+++ b/build_files/build_environment/cmake/cve_check.cmake
@@ -27,9 +27,11 @@ get_cmake_property(_variableNames VARIABLES)
 foreach (_variableName ${_variableNames})
   if(_variableName MATCHES "CPE$")
       string(REPLACE ":" ";" CPE_LIST ${${_variableName}})
+      string(REPLACE "_CPE" "_ID" CPE_DEPNAME ${_variableName})
       list(GET CPE_LIST 3 CPE_VENDOR)
       list(GET CPE_LIST 4 CPE_NAME)
       list(GET CPE_LIST 5 CPE_VERSION)
+      set(${CPE_DEPNAME} "${CPE_VENDOR},${CPE_NAME},${CPE_VERSION}")
       set(SBOMCONTENTS "${SBOMCONTENTS}${CPE_VENDOR},${CPE_NAME},${CPE_VERSION},,,\n")
   endif()
 endforeach()
diff --git a/build_files/build_environment/cmake/cve_check.csv.in b/build_files/build_environment/cmake/cve_check.csv.in
index bd7d8373c74..3797b7ce218 100644
--- a/build_files/build_environment/cmake/cve_check.csv.in
+++ b/build_files/build_environment/cmake/cve_check.csv.in
@@ -1,3 +1,3 @@
 vendor,product,version,cve_number,remarks,comment
-python,python,3.10.8,CVE-2009-2940,Ignored,Does not apply to Blender we do not ship pygresql 
+ at PYTHON_ID@,CVE-2009-2940,Ignored,Does not apply to Blender we do not ship pygresql 
 @SBOMCONTENTS@

