From d84d0c42ec3e9b1f78a1bb38a0c83b38cc237191 Mon Sep 17 00:00:00 2001 From: Louis Maillard <louis.maillard@savoirfairelinux.com> Date: Thu, 27 Jun 2024 16:39:01 -0400 Subject: [PATCH] contrib: add CPE information on packages Added "cpe" field in package.json and PKG_CVE for make rules. GitLab: #1021 Change-Id: I375fe3c224b0578ed702877d236fbc8ed0a5d8d5 --- contrib/src/argon2/package.json | 1 + contrib/src/argon2/rules.mak | 1 + contrib/src/asio/package.json | 1 + contrib/src/asio/rules.mak | 1 + contrib/src/ffmpeg/package.json | 1 + contrib/src/ffmpeg/rules.mak | 1 + contrib/src/ffnvcodec/package.json | 1 + contrib/src/ffnvcodec/rules.mak | 1 + contrib/src/fmt/package.json | 1 + contrib/src/fmt/rules.mak | 1 + contrib/src/freetype/package.json | 1 + contrib/src/freetype/rules.mak | 2 ++ contrib/src/gmp/package.json | 1 + contrib/src/gmp/rules.mak | 1 + contrib/src/gnutls/package.json | 1 + contrib/src/gnutls/rules.mak | 1 + contrib/src/http_parser/package.json | 1 + contrib/src/http_parser/rules.mak | 1 + contrib/src/jsoncpp/package.json | 1 + contrib/src/jsoncpp/rules.mak | 1 + contrib/src/libarchive/package.json | 1 + contrib/src/libarchive/rules.mak | 1 + contrib/src/libgit2/package.json | 1 + contrib/src/libgit2/rules.mak | 1 + contrib/src/libressl/rules.mak | 1 + contrib/src/liburcu/package.json | 1 + contrib/src/liburcu/rules.mak | 1 + contrib/src/llhttp/rules.mak | 1 + contrib/src/lttng-ust/package.json | 6 +++--- contrib/src/lttng-ust/rules.mak | 1 + contrib/src/main.mak | 3 +++ contrib/src/minizip/package.json | 1 + contrib/src/minizip/rules.mak | 1 + contrib/src/msgpack/package.json | 1 + contrib/src/msgpack/rules.mak | 1 + contrib/src/nettle/package.json | 1 + contrib/src/nettle/rules.mak | 1 + contrib/src/onnx/package.json | 1 + contrib/src/onnx/rules.mak | 1 + contrib/src/opencv/package.json | 1 + contrib/src/opencv/rules.mak | 1 + contrib/src/openssl/package.json | 1 + contrib/src/opus/package.json | 1 + contrib/src/opus/rules.mak | 1 + contrib/src/portaudio/package.json | 1 + contrib/src/portaudio/rules.mak | 1 + contrib/src/pthreads/package.json | 1 + contrib/src/restinio/package.json | 1 + contrib/src/restinio/rules.mak | 1 + contrib/src/speex/rules.mak | 5 +++-- contrib/src/speexdsp/package.json | 1 + contrib/src/speexdsp/rules.mak | 4 +++- contrib/src/upnp/package.json | 1 + contrib/src/upnp/rules.mak | 1 + contrib/src/vpx/package.json | 1 + contrib/src/vpx/rules.mak | 5 +++-- contrib/src/yaml-cpp/package.json | 1 + contrib/src/yaml-cpp/rules.mak | 1 + contrib/src/zlib/package.json | 1 + contrib/src/zlib/rules.mak | 1 + 60 files changed, 71 insertions(+), 8 deletions(-) diff --git a/contrib/src/argon2/package.json b/contrib/src/argon2/package.json index b16c8c95f7..2444fa7994 100644 --- a/contrib/src/argon2/package.json +++ b/contrib/src/argon2/package.json @@ -1,6 +1,7 @@ { "name": "argon2", "version": "670229c849b9fe882583688b74eb7dfdc846f9f6", + "cpe": "cpe:2.3:a:argon2_project:argon2:-:*:*:*:*:*:*:*", "url": "https://github.com/P-H-C/phc-winner-argon2/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/argon2/rules.mak b/contrib/src/argon2/rules.mak index 60ef3ddeb3..322d485d66 100644 --- a/contrib/src/argon2/rules.mak +++ b/contrib/src/argon2/rules.mak @@ -1,5 +1,6 @@ # ARGON2 ARGON2_VERSION := 16d3df698db2486dde480b09a732bf9bf48599f9 +PKG_CPE += cpe:2.3:a:argon2_project:argon2:-:*:*:*:*:*:*:* ARGON2_URL := https://github.com/P-H-C/phc-winner-argon2/archive/$(ARGON2_VERSION).tar.gz ifeq ($(call need_pkg,'libargon2 > 20161029'),) diff --git a/contrib/src/asio/package.json b/contrib/src/asio/package.json index 3e9c594e56..44fe06fcbe 100644 --- a/contrib/src/asio/package.json +++ b/contrib/src/asio/package.json @@ -1,6 +1,7 @@ { "name": "asio", "version": "asio-1-28-1", + "cpe": "cpe:2.3:a:*:asio:1.28.1:*:*:*:*:*:*:*", "url": "https://github.com/chriskohlhoff/asio/archive/__VERSION__.tar.gz", "deps": ["openssl"], "patches": [], diff --git a/contrib/src/asio/rules.mak b/contrib/src/asio/rules.mak index d630f18de3..08e19a2b2f 100644 --- a/contrib/src/asio/rules.mak +++ b/contrib/src/asio/rules.mak @@ -19,6 +19,7 @@ # ASIO_VERSION := asio-1-28-1 +PKG_CPE += cpe:2.3:a:*:asio:1.28.1:*:*:*:*:*:*:* ASIO_URL := https://github.com/chriskohlhoff/asio/archive/$(ASIO_VERSION).tar.gz # Pure dependency of restinio: do not add to PKGS. diff --git a/contrib/src/ffmpeg/package.json b/contrib/src/ffmpeg/package.json index c1f73f0756..12b210b864 100644 --- a/contrib/src/ffmpeg/package.json +++ b/contrib/src/ffmpeg/package.json @@ -1,6 +1,7 @@ { "name": "ffmpeg", "version": "6.0.1", + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:6.0.1:*:*:*:*:*:*:*", "url": "https://ffmpeg.org/releases/ffmpeg-__VERSION__.tar.xz", "deps": [ "vpx", diff --git a/contrib/src/ffmpeg/rules.mak b/contrib/src/ffmpeg/rules.mak index 833f8916d3..0204fbb17f 100644 --- a/contrib/src/ffmpeg/rules.mak +++ b/contrib/src/ffmpeg/rules.mak @@ -1,4 +1,5 @@ FFMPEG_HASH := 6.0.1 +PKG_CPE += cpe:2.3:a:ffmpeg:ffmpeg:6.0.1:*:*:*:*:*:*:* FFMPEG_URL := https://ffmpeg.org/releases/ffmpeg-$(FFMPEG_HASH).tar.xz PKGS+=ffmpeg diff --git a/contrib/src/ffnvcodec/package.json b/contrib/src/ffnvcodec/package.json index 2e83aaa3ba..75dec99a6e 100644 --- a/contrib/src/ffnvcodec/package.json +++ b/contrib/src/ffnvcodec/package.json @@ -1,6 +1,7 @@ { "name": "ffnvcodec", "version": "n11.1.5.2", + "cpe": "cpe:2.3:a:videolan:ffnvcodec:11.1.5.2:*:*:*:*:*:*:*", "url": "https://github.com/FFmpeg/nv-codec-headers/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/ffnvcodec/rules.mak b/contrib/src/ffnvcodec/rules.mak index b6ffc4a837..c2671a0600 100644 --- a/contrib/src/ffnvcodec/rules.mak +++ b/contrib/src/ffnvcodec/rules.mak @@ -1,5 +1,6 @@ # ffnvcodec FFNVCODEC_VERSION := n11.1.5.2 +PKG_CPE += cpe:2.3:a:videolan:ffnvcodec:11.1.5.2:*:*:*:*:*:*:* FFNVCODEC_GITURL := https://git.videolan.org/git/ffmpeg/nv-codec-headers.git ifeq ($(call need_pkg,"ffnvcodec >= 8"),) diff --git a/contrib/src/fmt/package.json b/contrib/src/fmt/package.json index 2721cc319a..80d921e38e 100644 --- a/contrib/src/fmt/package.json +++ b/contrib/src/fmt/package.json @@ -1,6 +1,7 @@ { "name": "fmt", "version": "10.1.0", + "cpe": "cpe:2.3:a:fmt:fmt:10.1.0:*:*:*:*:*:*:*", "url": "https://github.com/fmtlib/fmt/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/fmt/rules.mak b/contrib/src/fmt/rules.mak index 0961089979..9b0a5148a2 100644 --- a/contrib/src/fmt/rules.mak +++ b/contrib/src/fmt/rules.mak @@ -1,5 +1,6 @@ # FMT FMT_VERSION := 10.1.0 +PKG_CPE += cpe:2.3:a:fmt:fmt:$(FMT_VERSION):*:*:*:*:*:*:* FMT_URL := https://github.com/fmtlib/fmt/archive/$(FMT_VERSION).tar.gz PKGS += fmt diff --git a/contrib/src/freetype/package.json b/contrib/src/freetype/package.json index ebc164176c..93760a67b7 100644 --- a/contrib/src/freetype/package.json +++ b/contrib/src/freetype/package.json @@ -1,6 +1,7 @@ { "name": "freetype", "version": "39ce3ac499d4cd7371031a062f410953c8ecce29", + "cpe": "cpe:2.3:a:freetype:freetype:2.10.1:*:*:*:*:*:*:*", "url": "https://gitlab.freedesktop.org/freetype/freetype/-/archive/__VERSION__/freetype-__VERSION__.tar.gz", "use_cmake": true } diff --git a/contrib/src/freetype/rules.mak b/contrib/src/freetype/rules.mak index 197626403d..b06454d0b9 100644 --- a/contrib/src/freetype/rules.mak +++ b/contrib/src/freetype/rules.mak @@ -2,6 +2,8 @@ FREETYPE_HASH := 39ce3ac499d4cd7371031a062f410953c8ecce29 FREETYPE_GITURL := https://gitlab.freedesktop.org/freetype/freetype/-/archive/$(FREETYPE_HASH)/freetype-$(FREETYPE_HASH).tar.gz +PKG_CPE += cpe:2.3:a:freetype:freetype:2.10.1:*:*:*:*:*:*:* + ifeq ($(call need_pkg,"freetype2 >= 2.10.1"),) PKGS_FOUND += freetype endif diff --git a/contrib/src/gmp/package.json b/contrib/src/gmp/package.json index 6a897fb551..5a12033367 100644 --- a/contrib/src/gmp/package.json +++ b/contrib/src/gmp/package.json @@ -1,6 +1,7 @@ { "name": "gmp", "version": "eb35fdadc072ecae2b262fd6e6709c308cadc07a", + "cpe": "cpe:2.3:a:gmplib:gmp:6.3.0:*:*:*:*:*:*:*", "url": "https://github.com/ShiftMediaProject/gmp/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/gmp/rules.mak b/contrib/src/gmp/rules.mak index 68be37f740..6b975ceb80 100644 --- a/contrib/src/gmp/rules.mak +++ b/contrib/src/gmp/rules.mak @@ -2,6 +2,7 @@ GMP_VERSION := 6.3.0 +PKG_CPE += cpe:2.3:a:gmplib:gmp:$(GMP_VERSION):*:*:*:*:*:*:* GMP_URL := $(GNU)/gmp/gmp-$(GMP_VERSION).tar.bz2 ifeq ($(call need_pkg,'gmp >= 6.2.0'),) diff --git a/contrib/src/gnutls/package.json b/contrib/src/gnutls/package.json index 4b706dd4ae..e121a5c805 100644 --- a/contrib/src/gnutls/package.json +++ b/contrib/src/gnutls/package.json @@ -1,6 +1,7 @@ { "name": "gnutls", "version": "3.6.7", + "cpe": "cpe:2.3:a:gnu:gnutls:3.6.7:*:*:*:*:*:*:*", "url": "https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-__VERSION__.tar.xz", "deps": [ "iconv", diff --git a/contrib/src/gnutls/rules.mak b/contrib/src/gnutls/rules.mak index 44b2eedea4..8d556f4871 100644 --- a/contrib/src/gnutls/rules.mak +++ b/contrib/src/gnutls/rules.mak @@ -1,6 +1,7 @@ # GnuTLS GNUTLS_VERSION := 3.8.3 +PKG_CPE += cpe:2.3:a:gnu:gnutls:$(GNUTLS_VERSION):*:*:*:*:*:*:* GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-$(GNUTLS_VERSION).tar.xz PKGS += gnutls diff --git a/contrib/src/http_parser/package.json b/contrib/src/http_parser/package.json index 0ae1dc3fee..85e6f67c09 100644 --- a/contrib/src/http_parser/package.json +++ b/contrib/src/http_parser/package.json @@ -1,6 +1,7 @@ { "name": "http_parser", "version": "2.9.4", + "cpe": "cpe:2.3:a:nodejs:http-parser:2.9.4:*:*:*:*:*:*:*", "url": "https://github.com/nodejs/http-parser/archive/v__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/http_parser/rules.mak b/contrib/src/http_parser/rules.mak index 09c347c25d..5c86b260f2 100644 --- a/contrib/src/http_parser/rules.mak +++ b/contrib/src/http_parser/rules.mak @@ -1,5 +1,6 @@ # HTTP_PARSER HTTP_PARSER_VERSION := 2.9.4 +PKG_CPE += cpe:2.3:a:nodejs:http-parser:$(HTTP_PARSER_VERSION):*:*:*:*:*:*:* HTTP_PARSER_URL := https://github.com/nodejs/http-parser/archive/v$(HTTP_PARSER_VERSION).tar.gz PKGS += http_parser diff --git a/contrib/src/jsoncpp/package.json b/contrib/src/jsoncpp/package.json index 48d5aebb06..4eb680cb80 100644 --- a/contrib/src/jsoncpp/package.json +++ b/contrib/src/jsoncpp/package.json @@ -1,6 +1,7 @@ { "name": "jsoncpp", "version": "1.9.3", + "cpe": "cpe:2.3:a:jsoncpp_project:jsoncpp:1.9.3:*:*:*:*:*:*:*", "url": "https://github.com/open-source-parsers/jsoncpp/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/jsoncpp/rules.mak b/contrib/src/jsoncpp/rules.mak index 67ba98d6d2..ed07d40c91 100644 --- a/contrib/src/jsoncpp/rules.mak +++ b/contrib/src/jsoncpp/rules.mak @@ -1,5 +1,6 @@ # JSONCPP JSONCPP_VERSION := 1.9.3 +PKG_CPE += cpe:2.3:a:jsoncpp_project:jsoncpp:$(JSONCPP_VERSION):*:*:*:*:*:*:* JSONCPP_URL := https://github.com/open-source-parsers/jsoncpp/archive/$(JSONCPP_VERSION).tar.gz diff --git a/contrib/src/libarchive/package.json b/contrib/src/libarchive/package.json index f3d616e25a..5de25f9771 100644 --- a/contrib/src/libarchive/package.json +++ b/contrib/src/libarchive/package.json @@ -1,6 +1,7 @@ { "name": "libarchive", "version": "a53d711261f4d5bf2104d9c3616a8602a45ba196", + "cpe": "cpe:2.3:a:libarchive:libarchive:3.6.0:*:*:*:*:*:*:*", "url": "https://github.com/libarchive/libarchive/archive/__VERSION__.tar.gz", "deps": ["iconv"], "patches": [ diff --git a/contrib/src/libarchive/rules.mak b/contrib/src/libarchive/rules.mak index 0f4c45a05e..3958c0854a 100644 --- a/contrib/src/libarchive/rules.mak +++ b/contrib/src/libarchive/rules.mak @@ -1,5 +1,6 @@ # LIBARCHIVE LIBARCHIVE_VERSION := 3.6.0 +PKG_CPE += cpe:2.3:a:libarchive:libarchive:$(LIBARCHIVE_VERSION):*:*:*:*:*:*:* LIBARCHIVE_URL := https://github.com/libarchive/libarchive/releases/download/v$(LIBARCHIVE_VERSION)/libarchive-$(LIBARCHIVE_VERSION).tar.xz ifndef HAVE_MACOSX diff --git a/contrib/src/libgit2/package.json b/contrib/src/libgit2/package.json index 5b74ca49b2..996628f20f 100644 --- a/contrib/src/libgit2/package.json +++ b/contrib/src/libgit2/package.json @@ -1,6 +1,7 @@ { "name": "libgit2", "version": "v1.8.0", + "cpe": "cpe:2.3:a:libgit2:libgit2:1.8.0:*:*:*:*:*:*:*", "url": "https://github.com/libgit2/libgit2/archive/__VERSION__.tar.gz", "use_cmake" : true, "defines": [ diff --git a/contrib/src/libgit2/rules.mak b/contrib/src/libgit2/rules.mak index 80171984e2..88318dbe78 100644 --- a/contrib/src/libgit2/rules.mak +++ b/contrib/src/libgit2/rules.mak @@ -1,5 +1,6 @@ # LIBGIT2 LIBGIT2_VERSION := 1.8.0 +PKG_CPE += cpe:2.3:a:libgit2:libgit2:${LIBGIT2_VERSION}:*:*:*:*:*:*:* LIBGIT2_URL := https://github.com/libgit2/libgit2/archive/v${LIBGIT2_VERSION}.tar.gz PKGS += libgit2 diff --git a/contrib/src/libressl/rules.mak b/contrib/src/libressl/rules.mak index 3e27c4e7bf..5f70a739ba 100644 --- a/contrib/src/libressl/rules.mak +++ b/contrib/src/libressl/rules.mak @@ -19,6 +19,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # SSL_VERSION := 3.7.0 +PKG_CPE += cpe:2.3:a:openbsd:libressl:$(SSL_VERSION):*:*:*:*:*:*:* LIBRESSL_VERSION := libressl-$(SSL_VERSION) LIBRESSL_URL := https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/$(LIBRESSL_VERSION).tar.gz diff --git a/contrib/src/liburcu/package.json b/contrib/src/liburcu/package.json index b0f36c2aa0..4bc205b3e5 100644 --- a/contrib/src/liburcu/package.json +++ b/contrib/src/liburcu/package.json @@ -1,6 +1,7 @@ { "name": "liburcu", "version": "0.13.1", + "cpe": "cpe:2.3:a:lttng:urcu:0.13.1:*:*:*:*:*:*:*", "url": "https://lttng.org/files/urcu/userspace-rcu-__VERSION__.tar.bz2", "deps": [], "patches": [], diff --git a/contrib/src/liburcu/rules.mak b/contrib/src/liburcu/rules.mak index ee91a5d117..ec196d9874 100644 --- a/contrib/src/liburcu/rules.mak +++ b/contrib/src/liburcu/rules.mak @@ -1,6 +1,7 @@ # liburcu LIBURCU_VERSION := 0.13.1 +PKG_CPE += cpe:2.3:a:lttng:urcu:${LIBURCU_VERSION}:*:*:*:*:*:*:* LIBURCU_URL := https://lttng.org/files/urcu/userspace-rcu-${LIBURCU_VERSION}.tar.bz2 ifeq ($(call need_pkg "liburcu >= 0.13.1"),) diff --git a/contrib/src/llhttp/rules.mak b/contrib/src/llhttp/rules.mak index d5d1fddd87..4fdc532766 100644 --- a/contrib/src/llhttp/rules.mak +++ b/contrib/src/llhttp/rules.mak @@ -17,6 +17,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # LLHTTP_VERSION := 9.2.0 +PKG_CPE += cpe:2.3:a:llhttp:llhttp:$(LLHTTP_VERSION):*:*:*:*:*:*:* LLHTTP_URL := https://github.com/nodejs/llhttp/archive/refs/tags/release/v$(LLHTTP_VERSION).tar.gz LLHTTP_CMAKECONF := \ diff --git a/contrib/src/lttng-ust/package.json b/contrib/src/lttng-ust/package.json index a6604d5a5f..0d9abc609b 100644 --- a/contrib/src/lttng-ust/package.json +++ b/contrib/src/lttng-ust/package.json @@ -1,14 +1,14 @@ { "name": "lttng-ust", "version": "2.13.0", + "cpe": "cpe:2.3:a:lttng:ust:2.13.0:*:*:*:*:*:*:*", "url": "https://lttng.org/files/lttng-ust/lttng-ust-__VERSION__.tar.bz2", "deps": [ - "liburcu", + "liburcu" ], "patches": [], "win_patches": [], - "project_paths": [ - ], + "project_paths": [], "with_env" : "", "custom_scripts": { "pre_build": [], diff --git a/contrib/src/lttng-ust/rules.mak b/contrib/src/lttng-ust/rules.mak index a4b65803cf..b02e4d6d2c 100644 --- a/contrib/src/lttng-ust/rules.mak +++ b/contrib/src/lttng-ust/rules.mak @@ -1,6 +1,7 @@ # lttng-ust LTTNG_UST_VERSION := 2.13.1 +PKG_CPE += cpe:2.3:a:lttng:ust:${LTTNG_UST_VERSION}:*:*:*:*:*:*:* LTTNG_UST_URL := https://lttng.org/files/lttng-ust/lttng-ust-${LTTNG_UST_VERSION}.tar.bz2 ifeq ($(call need_pkg "liblttng-ust >= 2.13.0"),) diff --git a/contrib/src/main.mak b/contrib/src/main.mak index 160fd79130..8c0a2fbb4a 100644 --- a/contrib/src/main.mak +++ b/contrib/src/main.mak @@ -55,6 +55,9 @@ GNU := https://ftpmirror.gnu.org SF := https://sourceforge.net/projects CONTRIB_VIDEOLAN ?= https://downloads.videolan.org/pub/contrib +# CPE ID list for generating SBOM +PKG_CPE := + # # Machine-dependent variables # diff --git a/contrib/src/minizip/package.json b/contrib/src/minizip/package.json index 735fbc0300..36f324ffdd 100644 --- a/contrib/src/minizip/package.json +++ b/contrib/src/minizip/package.json @@ -1,6 +1,7 @@ { "name": "minizip", "version": "3.0.0", + "cpe": "cpe:2.3:a:minizip_project:minizip:3.0.0:*:*:*:*:*:*:*", "url": "https://github.com/zlib-ng/minizip-ng/archive/refs/tags/__VERSION__.tar.gz", "deps": ["zlib", "iconv"], "patches": [], diff --git a/contrib/src/minizip/rules.mak b/contrib/src/minizip/rules.mak index 52a131a3c4..cfaf9e264b 100644 --- a/contrib/src/minizip/rules.mak +++ b/contrib/src/minizip/rules.mak @@ -1,5 +1,6 @@ # MINIZIP LIBMINIZIP_VERSION := 4.0.7 +PKG_CPE += cpe:2.3:a:minizip_project:minizip:$(LIBMINIZIP_VERSION):*:*:*:*:*:*:* LIBMINIZIP_URL := https://github.com/zlib-ng/minizip-ng/archive/$(LIBMINIZIP_VERSION).tar.gz ifdef HAVE_MACOSX diff --git a/contrib/src/msgpack/package.json b/contrib/src/msgpack/package.json index f06afa0ffe..889452a4bf 100644 --- a/contrib/src/msgpack/package.json +++ b/contrib/src/msgpack/package.json @@ -1,6 +1,7 @@ { "name": "msgpack-c", "version": "cpp-6.1.0", + "cpe": "cpe:2.3:a:*:msgpack:6.1.0:*:*:*:*:*:*:*", "url": "https://github.com/msgpack/msgpack-c/archive/__VERSION__.tar.gz", "use_cmake" : true, "defines": [ diff --git a/contrib/src/msgpack/rules.mak b/contrib/src/msgpack/rules.mak index a2a7049c63..976b03d338 100644 --- a/contrib/src/msgpack/rules.mak +++ b/contrib/src/msgpack/rules.mak @@ -1,5 +1,6 @@ # MSGPACK MSGPACK_VERSION := cpp-6.1.0 +PKG_CPE += cpe:2.3:a:*:msgpack:6.1.0:*:*:*:*:*:*:* MSGPACK_URL := https://github.com/msgpack/msgpack-c/archive/$(MSGPACK_VERSION).tar.gz PKGS += msgpack diff --git a/contrib/src/nettle/package.json b/contrib/src/nettle/package.json index 9bf61932a6..910cce912e 100644 --- a/contrib/src/nettle/package.json +++ b/contrib/src/nettle/package.json @@ -1,6 +1,7 @@ { "name": "nettle", "version": "c180b4d7afbda4049ad265d1366567f62a7a4a3a", + "cpe": "cpe:2.3:a:nettle_project:nettle:3.9.1:*:*:*:*:*:*:*", "url": "https://github.com/ShiftMediaProject/nettle/archive/__VERSION__.tar.gz", "deps": ["gmp"], "patches": [], diff --git a/contrib/src/nettle/rules.mak b/contrib/src/nettle/rules.mak index 2f8b13eef7..a204aebd6d 100644 --- a/contrib/src/nettle/rules.mak +++ b/contrib/src/nettle/rules.mak @@ -1,6 +1,7 @@ # Nettle NETTLE_VERSION := nettle_3.9.1_release_20230601 +PKG_CPE += cpe:2.3:a:nettle_project:nettle:3.9.1:*:*:*:*:*:*:* NETTLE_URL := https://git.lysator.liu.se/nettle/nettle/-/archive/$(NETTLE_VERSION)/nettle-$(NETTLE_VERSION).tar.gz PKGS += nettle diff --git a/contrib/src/onnx/package.json b/contrib/src/onnx/package.json index f45c0a4fc7..7508129650 100644 --- a/contrib/src/onnx/package.json +++ b/contrib/src/onnx/package.json @@ -1,6 +1,7 @@ { "name": "onnx", "version": "v1.12.0", + "cpe": "cpe:2.3:a:*:onnx:1.12.0:*:*:*:*:*:*:*", "url": "https://github.com/microsoft/onnxruntime/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/onnx/rules.mak b/contrib/src/onnx/rules.mak index a08b38bc33..fa553a0c13 100644 --- a/contrib/src/onnx/rules.mak +++ b/contrib/src/onnx/rules.mak @@ -1,5 +1,6 @@ # ONNX ONNX_VERSION := v1.16.3 +PKG_CPE += cpe:2.3:a:*:onnx:1.16.3:*:*:*:*:*:*:* ONNX_URL := https://github.com/microsoft/onnxruntime.git $(TARBALLS)/onnxruntime-$(ONNX_VERSION).tar.xz: diff --git a/contrib/src/opencv/package.json b/contrib/src/opencv/package.json index c811e8932f..182e83a3ac 100644 --- a/contrib/src/opencv/package.json +++ b/contrib/src/opencv/package.json @@ -1,6 +1,7 @@ { "name": "opencv", "version": "4.6.0", + "cpe": "cpe:2.3:a:opencv:opencv:4.6.0:*:*:*:*:*:*:*", "url": "https://github.com/opencv/opencv/archive/__VERSION__.tar.gz", "deps": ["opencv_contrib"], "patches": [], diff --git a/contrib/src/opencv/rules.mak b/contrib/src/opencv/rules.mak index 52371efb07..bb10b86967 100644 --- a/contrib/src/opencv/rules.mak +++ b/contrib/src/opencv/rules.mak @@ -1,5 +1,6 @@ # OPENCV OPENCV_VERSION := 4.6.0 +PKG_CPE += cpe:2.3:a:opencv:opencv:$(OPENCV_VERSION):*:*:*:*:*:*:* OPENCV_CONTRIB_VERSION := 4.6.0 OPENCV_URL := https://github.com/opencv/opencv/archive/$(OPENCV_VERSION).tar.gz diff --git a/contrib/src/openssl/package.json b/contrib/src/openssl/package.json index d8e458e5ca..9edfda252d 100644 --- a/contrib/src/openssl/package.json +++ b/contrib/src/openssl/package.json @@ -1,6 +1,7 @@ { "name": "openssl", "version": "OpenSSL_1_1_1-stable", + "cpe": "cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*", "url": "https://github.com/openssl/openssl/archive/__VERSION__.tar.gz", "custom_scripts": { "build": [ diff --git a/contrib/src/opus/package.json b/contrib/src/opus/package.json index aeac223efc..f9f2bf396a 100644 --- a/contrib/src/opus/package.json +++ b/contrib/src/opus/package.json @@ -1,6 +1,7 @@ { "name": "opus", "version": "76d2d6dca0a224f3ffb34b7429d7547bdbb1bad7", + "cpe": "cpe:2.3:a:*:opus:1.4:*:*:*:*:*:*:*", "url": "https://github.com/ShiftMediaProject/opus/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/opus/rules.mak b/contrib/src/opus/rules.mak index c7753626e5..036d291260 100644 --- a/contrib/src/opus/rules.mak +++ b/contrib/src/opus/rules.mak @@ -1,6 +1,7 @@ # opus OPUS_VERSION := 1.4 +PKG_CPE += cpe:2.3:a:*:opus:$(OPUS_VERSION):*:*:*:*:*:*:* OPUS_URL := https://github.com/xiph/opus/archive/v$(OPUS_VERSION).tar.gz PKGS += opus diff --git a/contrib/src/portaudio/package.json b/contrib/src/portaudio/package.json index 3720bac1a7..a4e5a468f9 100644 --- a/contrib/src/portaudio/package.json +++ b/contrib/src/portaudio/package.json @@ -1,6 +1,7 @@ { "name": "portaudio", "version": "v190600_20161030", + "cpe": "cpe:2.3:a:*:portaudio:19.6.0:*:*:*:*:*:*:*", "url": "https://github.com/PortAudio/portaudio/archive/refs/tags/pa_stable___VERSION__.tar.gz", "use_cmake" : true, "defines": [ diff --git a/contrib/src/portaudio/rules.mak b/contrib/src/portaudio/rules.mak index a74232a240..859057c831 100644 --- a/contrib/src/portaudio/rules.mak +++ b/contrib/src/portaudio/rules.mak @@ -1,6 +1,7 @@ # PortAudio PORTAUDIO_VERSION := v19_20140130 +PKG_CPE += cpe:2.3:a:*:portaudio:19.5.0:*:*:*:*:*:*:* PORTAUDIO_URL := http://www.portaudio.com/archives/pa_stable_$(PORTAUDIO_VERSION).tgz ifdef HAVE_WIN32 diff --git a/contrib/src/pthreads/package.json b/contrib/src/pthreads/package.json index 98af313cb1..30ca34a24c 100644 --- a/contrib/src/pthreads/package.json +++ b/contrib/src/pthreads/package.json @@ -1,6 +1,7 @@ { "name": "pthreads", "version": "v-2-10-0-rc", + "cpe": "cpe:2.3:a:pthread-win32_project:pthreads-win32:2.10.0:rc:*:*:*:*:*:*", "url": " https://github.com/jwinarske/pthreads4w/archive/refs/tags/__VERSION__.tar.gz", "win_patches": [ "pthreads-windows.patch", diff --git a/contrib/src/restinio/package.json b/contrib/src/restinio/package.json index 5803ade276..9fae80c258 100644 --- a/contrib/src/restinio/package.json +++ b/contrib/src/restinio/package.json @@ -1,6 +1,7 @@ { "name": "restinio", "version": "bbaa034dbcc7555ce67df0f8a1475591a7441733", + "cpe": "cpe:2.3:a:*:restinio:0.7.2:*:*:*:*:*:*:*", "url": "https://github.com/aberaud/restinio/archive/__VERSION__.tar.gz", "deps": [ "fmt", diff --git a/contrib/src/restinio/rules.mak b/contrib/src/restinio/rules.mak index df659d00dc..4cbd13d22d 100644 --- a/contrib/src/restinio/rules.mak +++ b/contrib/src/restinio/rules.mak @@ -1,5 +1,6 @@ # RESTINIO RESTINIO_VERSION := 0.7.2 +PKG_CPE += cpe:2.3:a:*:restinio:$(RESTINIO_VERSION):*:*:*:*:*:*:* RESTINIO_URL := https://github.com/Stiffstream/restinio/releases/download/v.$(RESTINIO_VERSION)/restinio-$(RESTINIO_VERSION).tar.bz2 EXPECTED_LITE_URL := https://raw.githubusercontent.com/martinmoene/expected-lite/master/include/nonstd/expected.hpp diff --git a/contrib/src/speex/rules.mak b/contrib/src/speex/rules.mak index 6b3cbb3664..575892ac8c 100644 --- a/contrib/src/speex/rules.mak +++ b/contrib/src/speex/rules.mak @@ -1,6 +1,7 @@ # speex - -SPEEX_HASH := Speex-1.2.1 +SPEEX_VERSION := 1.2.1 +SPEEX_HASH := Speex-$(SPEEX_VERSION) +PKG_CPE += cpe:2.3:a:xiph:speex:$(SPEEX_VERSION):*:*:*:*:*:*:* SPEEX_GITURL := https://gitlab.xiph.org/xiph/speex/-/archive/$(SPEEX_HASH)/speex-$(SPEEX_HASH).tar.gz PKGS += speex diff --git a/contrib/src/speexdsp/package.json b/contrib/src/speexdsp/package.json index 95d427120b..aa5e3a5b5b 100644 --- a/contrib/src/speexdsp/package.json +++ b/contrib/src/speexdsp/package.json @@ -1,6 +1,7 @@ { "name": "speexdsp", "version": "SpeexDSP-1.2.0", + "cpe": "cpe:2.3:a:xiph:speex:1.2.0:*:*:*:*:*:*:*", "url": "https://github.com/xiph/speexdsp/archive/__VERSION__.tar.gz", "deps": [], "patches": ["speexdsp_vs_proj.patch"], diff --git a/contrib/src/speexdsp/rules.mak b/contrib/src/speexdsp/rules.mak index 3eef299192..e726b0d000 100644 --- a/contrib/src/speexdsp/rules.mak +++ b/contrib/src/speexdsp/rules.mak @@ -1,6 +1,8 @@ # speexdsp -SPEEXDSP_HASH := SpeexDSP-1.2.0 +SPEEXDSP_VERSION := 1.2.0 +SPEEXDSP_HASH := SpeexDSP-$(SPEEXDSP_VERSION) +PKG_CPE += cpe:2.3:a:xiph:speex:$(SPEEXDSP_VERSION):*:*:*:*:*:*:* SPEEXDSP_GITURL := https://gitlab.xiph.org/xiph/speexdsp/-/archive/$(SPEEXDSP_HASH)/speexdsp-$(SPEEXDSP_HASH).tar.gz PKGS += speexdsp diff --git a/contrib/src/upnp/package.json b/contrib/src/upnp/package.json index 44f931129e..e011c35451 100644 --- a/contrib/src/upnp/package.json +++ b/contrib/src/upnp/package.json @@ -1,6 +1,7 @@ { "name": "upnp", "version": "1.8.4", + "cpe": "cpe:2.3:a:pupnp_project:pupnp:1.8.4:*:*:*:*:*:*:*", "url": "https://github.com/mrjimenez/pupnp/archive/release-__VERSION__.tar.gz", "deps": ["pthreads"], "patches": [], diff --git a/contrib/src/upnp/rules.mak b/contrib/src/upnp/rules.mak index b6c9c9c250..0d7d035a6f 100644 --- a/contrib/src/upnp/rules.mak +++ b/contrib/src/upnp/rules.mak @@ -1,5 +1,6 @@ # UPNP UPNP_VERSION := 1.14.18 +PKG_CPE += cpe:2.3:a:pupnp_project:pupnp:$(UPNP_VERSION):*:*:*:*:*:*:* UPNP_URL := https://github.com/pupnp/pupnp/archive/release-$(UPNP_VERSION).tar.gz PKGS += upnp diff --git a/contrib/src/vpx/package.json b/contrib/src/vpx/package.json index 5322b819af..a65d166509 100644 --- a/contrib/src/vpx/package.json +++ b/contrib/src/vpx/package.json @@ -1,6 +1,7 @@ { "name": "vpx", "version": "f4d13145a2c3aea6fbf211dc493ea4e97be6a092", + "cpe": "cpe:2.3:a:webmproject:libvpx:1.14.1:*:*:*:*:*:*:*", "url": "https://github.com/ShiftMediaProject/libvpx/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/vpx/rules.mak b/contrib/src/vpx/rules.mak index 47988432b7..07664ccb1a 100644 --- a/contrib/src/vpx/rules.mak +++ b/contrib/src/vpx/rules.mak @@ -1,6 +1,7 @@ # libvpx - -VPX_HASH := v1.14.1 +VPX_VERSION := 1.14.1 +VPX_HASH := v$(VPX_VERSION) +PKG_CPE += cpe:2.3:a:webmproject:libvpx:$(VPX_VERSION):*:*:*:*:*:*:* VPX_URL := https://github.com/webmproject/libvpx/archive/$(VPX_HASH).tar.gz $(TARBALLS)/libvpx-$(VPX_HASH).tar.gz: diff --git a/contrib/src/yaml-cpp/package.json b/contrib/src/yaml-cpp/package.json index 45adbdbbdc..77c2ed689f 100644 --- a/contrib/src/yaml-cpp/package.json +++ b/contrib/src/yaml-cpp/package.json @@ -1,6 +1,7 @@ { "name": "yaml-cpp", "version": "24fa1b33805c9a91df0f32c46c28e314dd7ad96f", + "cpe": "cpe:2.3:a:*:yaml-cpp:0.8.0:*:*:*:*:*:*:*", "url": "https://github.com/jbeder/yaml-cpp/archive/__VERSION__.tar.gz", "use_cmake": true, "defines": [ diff --git a/contrib/src/yaml-cpp/rules.mak b/contrib/src/yaml-cpp/rules.mak index 0c43ab20c5..f5f01bafd4 100644 --- a/contrib/src/yaml-cpp/rules.mak +++ b/contrib/src/yaml-cpp/rules.mak @@ -1,5 +1,6 @@ # YAML YAML_CPP_VERSION := 0.8.0 +PKG_CPE += cpe:2.3:a:*:yaml-cpp:$(YAML_CPP_VERSION):*:*:*:*:*:*:* YAML_CPP_URL := https://github.com/jbeder/yaml-cpp/archive/$(YAML_CPP_VERSION).tar.gz PKGS += yaml-cpp diff --git a/contrib/src/zlib/package.json b/contrib/src/zlib/package.json index b72c18c403..c5a0cf6fe2 100644 --- a/contrib/src/zlib/package.json +++ b/contrib/src/zlib/package.json @@ -1,6 +1,7 @@ { "name": "zlib", "version": "8e4e3ead55cdd296130242d86b44b92fde3ea4d4", + "cpe": "cpe:2.3:a:zlib:zlib:1.2.8:*:*:*:*:*:*:*", "url": "https://github.com/ShiftMediaProject/zlib/archive/__VERSION__.tar.gz", "deps": [], "patches": [], diff --git a/contrib/src/zlib/rules.mak b/contrib/src/zlib/rules.mak index 6455db4301..7ffdc0cb58 100644 --- a/contrib/src/zlib/rules.mak +++ b/contrib/src/zlib/rules.mak @@ -1,5 +1,6 @@ # ZLIB ZLIB_VERSION := 1.2.8 +PKG_CPE += cpe:2.3:a:zlib:zlib:$(ZLIB_VERSION):*:*:*:*:*:*:* ZLIB_URL := https://github.com/madler/zlib/archive/v$(ZLIB_VERSION).tar.gz PKGS += zlib -- GitLab