diff options
| author | Alexandru Croitor <[email protected]> | 2025-05-28 18:44:52 +0200 |
|---|---|---|
| committer | Alexandru Croitor <[email protected]> | 2025-06-04 17:03:29 +0200 |
| commit | 92dceea85ef77c0dddef28917c543902e0f85478 (patch) | |
| tree | 9dcd644198112af61baaf2e6af0b5e1a31e788a6 | |
| parent | 893192a9f4b5ab2ab0a60522f4c7d0b3169f7b03 (diff) | |
CMake: Add PURL and CPE info to 3rd party attribution files
[ChangeLog][Third-Party Code] Added PURL and CPE information to the
attribution files of 3rd party sources.
Pick-to: 6.5 6.8 6.9 6.10
Fixes: QTBUG-137262
Task-number: QTBUG-129602
Change-Id: I1a5691ff042c47461fe4769399c3bd2d6ec52160
Reviewed-by: Joerg Bornemann <[email protected]>
| -rw-r--r-- | src/3rdparty/masm/qt_attribution.json | 1 | ||||
| -rw-r--r-- | src/3rdparty/yoga/qt_attribution.json | 4 | ||||
| -rw-r--r-- | src/quickcontrols/material/qt_attribution.json | 1 |
3 files changed, 6 insertions, 0 deletions
diff --git a/src/3rdparty/masm/qt_attribution.json b/src/3rdparty/masm/qt_attribution.json index 77b144d738..1c98ab8b26 100644 --- a/src/3rdparty/masm/qt_attribution.json +++ b/src/3rdparty/masm/qt_attribution.json @@ -5,6 +5,7 @@ "QtUsage": "Used in Qt QML.", "Homepage": "https://trac.webkit.org/wiki/JavaScriptCore", + "Comment": "no relevant PURL or CPE set, because the dependency is huge, and would show a lot of false positives, at this point it should be considered as part of Qt", "License": "BSD 2-clause \"Simplified\" License", "LicenseId": "BSD-2-Clause", "LicenseFile": "LICENSE", diff --git a/src/3rdparty/yoga/qt_attribution.json b/src/3rdparty/yoga/qt_attribution.json index dfac6b9475..a4997c97ed 100644 --- a/src/3rdparty/yoga/qt_attribution.json +++ b/src/3rdparty/yoga/qt_attribution.json @@ -7,6 +7,10 @@ "Version": "2.0.1", "DownloadLocation": "https://github.com/facebook/yoga/tree/v2.0.1", "Description": "Facebook's Yoga is an open-source layout engine written in C/C++ that implements a subset of CSS Flexbox. It's designed to be embedded into various frameworks and platforms, providing a fast and efficient way to manage user interface layouts across different environments.", + "PURL": [ + "pkg:github/facebook/yoga@v$<VERSION>" + ], + "Comment": "No relevant CPE found", "License": "MIT License", "LicenseId": "MIT", "LicenseFile": "LICENSE", diff --git a/src/quickcontrols/material/qt_attribution.json b/src/quickcontrols/material/qt_attribution.json index a68a6081c9..9e2b90e1ec 100644 --- a/src/quickcontrols/material/qt_attribution.json +++ b/src/quickcontrols/material/qt_attribution.json @@ -6,6 +6,7 @@ "Files": "impl/ElevationEffect.qml", "Description": "Shadow values for the elevation effect.", "Homepage": "https://angularjs.org/", + "Comment": "no relevant PURL or CPE set, because the dependency is a single file", "License": "MIT License", "LicenseId": "MIT", "LicenseFile": "LICENSE.ANGULARJS.txt", |