8 Commits

Author SHA1 Message Date
Alexandru Croitor
3db537ee8e CMake: Fix showing exit code when SBOM NTIA verification fails
The code was missing an escaped dollar sign.

Pick-to: 6.8 6.9
Task-number: QTBUG-122899
Change-Id: I51bff0a128546085e9418682b540d92eacfdbbe4
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
2025-05-14 10:38:35 +02:00
Alexandru Croitor
52a64aca20 CMake: Add project supplier to generated source SBOM
Make sure to specify the creator organization when calling reuse to
generate the source SBOM.

This replaces
  'Creator: Organization: Anonymous'
with
  'Creator: Organization: TheQtCompany (https://qt.io)'

Pick-to: 6.8 6.9
Fixes: QTBUG-133796
Change-Id: I3532d9f35ca3eacd9c20bee7db88f35c76db9672
Reviewed-by: Lucie Gerard <lucie.gerard@qt.io>
2025-02-18 19:54:45 +01:00
Alexandru Croitor
414b73075c CMake: Add internal API to check if json SBOM generation deps are met
Will be used by WebEngine configure checks to check if the
dependencies are met and show a corresponding error message if not.

Pick-to: 6.8 6.9
Task-number: QTBUG-122899
Change-Id: I56d46fe5cf12051903d1aec893336be5ae8983a2
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
2025-02-17 10:56:34 +01:00
Alexandru Croitor
8b6b17ae87 CMake: Make sure to look up deps when converting json to tag SPDX doc
When converting a json SPDX document to a tag/value SPDX document, we
need to make sure that the python dependencies are looked up.
After they are looked up, either error out or silently return
depending on whether the operation is required or not.

By default when _qt_internal_sbom_generate_tag_value_spdx_document is
called it is required to succeed and thus requires the python
dependencies to be present. A caller can opt out using the OPTIONAL
argument.

Pick-to: 6.8 6.9
Task-number: QTBUG-122899
Change-Id: Iccb68f900f4892a816360843dd87f9e469104bf7
Reviewed-by: Alexey Edelev <alexey.edelev@qt.io>
2025-02-17 10:56:33 +01:00
Alexandru Croitor
ad82afb054 CMake: Improve error reporting about missing SBOM dependencies
Improve wording when python or some dependency is missing, deduplicate
the strings and make sure to mention what is actually missing.

Pick-to: 6.8 6.9
Task-number: QTBUG-122899
Change-Id: I26af38f0330a5462c6001cae03c46284e742fbda
Reviewed-by: Alexey Edelev <alexey.edelev@qt.io>
2025-02-17 10:56:32 +01:00
Alexandru Croitor
46ee11a426 CMake: Always save SBOM python interpreter path
To ensure that when we find the interpreter, but not some python
dependency, we actually show the error about the dependency.

Pick-to: 6.8 6.9
Task-number: QTBUG-122899
Change-Id: Ib4f42e04f071f800d0f5bbe3700a1208e1017a19
Reviewed-by: Alexey Edelev <alexey.edelev@qt.io>
2025-02-17 10:56:30 +01:00
Lucie Gérard
153002f7d2 Add calling license check on generated source SBOM
The license check is only called if VERIFY_SOURCE_SBOM is set to ON
in the module_config.yaml. This way, a module can turn on the check
only when ready.

The license check is done via a perl script. Since no perl is
available for Windows on ARM64, VERIFY_SOURCE_SBOM is set to OFF
in this case.

Task-number: QTBUG-131434
Pick-to: 6.9
Change-Id: I183b7726928bbc925940330d39779a4ac2307254
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
2025-01-27 12:39:22 +01:00
Alexandru Croitor
27d2b54b5d CMake: Split SBOM implementation into separate files
The SBOM implementation got somewhat large. Split the code into
several new QtPublicSbomFooHelpers.cmake files, to make it more
manageable.

No code or behavior was changed.

Pick-to: 6.8 6.9
Task-number: QTBUG-122899
Change-Id: Ia0ca1792eec21d12c4bb4cabe63279e1f5c07e3d
Reviewed-by: Alexey Edelev <alexey.edelev@qt.io>
2025-01-10 18:42:22 +01:00