Skip to content

Meta Diff Tool

Frieder Schrempf requested to merge feature/meta-diff-tool into master

This is useful for getting an overview of all the changes in the layers referenced by repo.conf. It compares the current repo.conf file with an older version from the git history of the build repository.

The meta-diff script can either print a raw changelog listing all the commits in the style of git log --oneline or it can produce output in markdown format to be used as a changelog including web links for the individual commits.

The output is not usable as a customer-facing changelog as-is, but it can be used as a template for manually creating a proper changelog.

Example Output
user@dab5efdc1777:/yocto-ktn/build-ktn-imx$ meta-diff HEAD^^^^^

 * Changes for layer poky:
d695bd0d3d build-appliance-image: Update to dunfell head revision
08bd8cc114 poky.conf: bump version for 3.1.18 release
eb32f7f5e6 linux-yocto-rt/5.4: fixup -rt build breakage
88be415b10 linux-yocto/5.4: update to v5.4.205
24fc40faef curl: Fix CVE-2022-32206, CVE-2022-32207, and CVE-2022-32208
868ebed326 cve-extra-exclusions.inc: Use CVE_CHECK_WHITELIST
17c23e485e ref-manual: variables: remove sphinx directive from literal block
61ea9f7665 ref-manual: Add XZ_THREADS and XZ_MEMLIMIT
b38628041b documentation: update for 3.1.18 release
dee08141f2 classes/cve-check: Move get_patches_cves to library
61023f9e61 vim: upgrade to 9.0.0021
7350f515b3 openssl: security upgrade 1.1.1p to 1.1.1q
50aa474c84 bitbake: fetch/wget: Move files into place atomically
9c5b33ccba bitbake: fetch/git: Fix usehead for non-default names
eb12590623 qemu: add PACKAGECONFIG for capstone
35bcc28983 IMAGE_LOCALES_ARCHIVE: add option to prevent locale archive creation
48ea7812c7 dropbear: break dependency on base package for -dev package
010094a2ae openssh: break dependency on base package for -dev package
43980058ca oe-selftest-image: Ensure the image has sftp as well as dropbear
a985415ec2 packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
79ac8cf161 oeqa/runtime/scp: Disable scp test for dropbear
3860414240 efivar: change branch name to main
387d23c02e linux-yocto/5.4: update to v5.4.203
232fdbf0e5 linux-yocto/5.4: update to v5.4.199
60a98feb86 vim: 8.2.5083 -> 9.0.0005
6a3d60d873 openssl: Minor security upgrade 1.1.1o to 1.1.1p
1c38d0d3d6 cve-check: hook cleanup to the BuildCompleted event, not CookerExit
ca90350d13 cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
159a2de146 insane.bbclass: host-user-contaminated: Correct per package home path
684c5d4c12 wic: fix WicError message
8dfc7162e3 initramfs-framework: move storage mounts to actual rootfs
d2f8a57a30 lttng-modules: Backport Linux 5.18+, 5.15.44+, 5.10.119+ fixes
0a0e0663ab wireless-regdb: upgrade 2022.04.08 -> 2022.06.06
79b3e05767 oeqa/selftest/cve_check: add tests for Ignored and partial reports
b6f4778e37 grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow unprivileged user to read the file content
6e79d96c6d cve-check: add support for Ignored CVEs
31b4392e6e unzip: Port debian fixes for two CVEs
4bc2324a25 unzip: fix CVE-2021-4217
6013fc2606 golang: CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse when reading a very large header
3f2da49c2b golang: CVE-2022-24675 encoding/pem: fix stack overflow in Decode
02867c9039 manuals: switch to the sstate mirror shared between all versions
33a08f7b8f bitbake: knotty: reduce keep-alive timeout from 5000s (83 minutes) to 10 minutes
07eca06c71 bitbake: knotty: display active tasks when printing keepAlive() message
9f20f682ff bitbake: bin/bitbake-getvar: Add a new command to query a variable value (with history)
6d1f8412be bitbake: tinfoil/data_smart: Allow variable history emit() to function remotely
872caf23ad linux-firmware: upgrade 20220509 -> 20220610
b9bffd7650 linux-firmware: add support for building snapshots
0b84202a2b systemd: systemd-systemctl: Support instance conf files during enable
ae90fa778a dpkg: update to 1.19.8
fe6c34c48d golang: CVE-2021-44717 syscall: don't close fd 0 on ForkExec error
2ae3d43628 python-pip: CVE-2021-3572 Incorrect handling of unicode separators in git references
5582ab6aae archiver: don't use machine variables in shared recipes
d4c7b40039 gcc-source: Fix incorrect task dependencies from ${B}
a2805141e9 e2fsprogs: add alternatives handling of lsattr as well
7d9d97368b oescripts: change compare logic in OEListPackageconfigTests
69fb63b4fc archiver: use bb.note instead of echo
9638dc4826 rootfs.py: close kernel_abi_ver_file
f51a254415 license.bbclass: Bound beginline and endline in copy_license_files()
1487d68388 alsa-plugins: fix libavtp vs. avtp packageconfig
8a382d8655 kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
8d6f9680e4 vim: Upgrade 8.2.5034 -> 8.2.5083
23ed0037b6 openssh: Whitelist CVE-2021-36368
95cda9d091 cups: fix CVE-2022-26691

 * No changes for layer meta-qt5

 * No changes for layer meta-ktn

 * No changes for layer meta-ktn-imx

 * No changes for layer meta-arm

 * Changes for layer meta-freescale:
a3667f03 classes: fsl-kernel-localversion: fix usage with devtool
b4a26cce imx-boot: Use public key injected DTB when FIT signature is enabled

 * Changes for layer meta-openembedded:
52cee67833 ntfs-3g-ntfsprogs: upgrade to 2021.8.22
9f3d116fdd cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
b406297d3b xterm: CVE-2022-24130 Buffer overflow in set_sixel in graphics_sixel.c
a24773d39e openldap: CVE-2022-29155 OpenLDAP SQL injection
1d0b2d78c2 ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g"
d6795ab0ee php: move to version v7.4.28
512a3caee4 iperf: Set CVE_PRODUCT to "iperf_project:iperf"
245a1ab46b grpc: switch from master branch to main for upb
96e9636f7d leveldb: switch from master branch to main
d865d97f9b bridge-utils: Switch to use the main branch
2526b14d39 tesseract-lang: switch from master branch to main
986bb14aaf python3-matplotlib: add missing dependency
04212afa12 mariadb: update to 10.4.25

 * No changes for layer meta-python2

 * Changes for layer meta-swupdate:
ee77800 swupdate-common.bbclass: Handle empty IMAGE_LINK_NAME
Example Markdown Output

Changes for layer poky

  • [d695bd0d3d] build-appliance-image: Update to dunfell head revision
  • [08bd8cc114] poky.conf: bump version for 3.1.18 release
  • [eb32f7f5e6] linux-yocto-rt/5.4: fixup -rt build breakage
  • [88be415b10] linux-yocto/5.4: update to v5.4.205
  • [24fc40faef] curl: Fix CVE-2022-32206, CVE-2022-32207, and CVE-2022-32208
  • [868ebed326] cve-extra-exclusions.inc: Use CVE_CHECK_WHITELIST
  • [17c23e485e] ref-manual: variables: remove sphinx directive from literal block
  • [61ea9f7665] ref-manual: Add XZ_THREADS and XZ_MEMLIMIT
  • [b38628041b] documentation: update for 3.1.18 release
  • [dee08141f2] classes/cve-check: Move get_patches_cves to library
  • [61023f9e61] vim: upgrade to 9.0.0021
  • [7350f515b3] openssl: security upgrade 1.1.1p to 1.1.1q
  • [50aa474c84] bitbake: fetch/wget: Move files into place atomically
  • [9c5b33ccba] bitbake: fetch/git: Fix usehead for non-default names
  • [eb12590623] qemu: add PACKAGECONFIG for capstone
  • [35bcc28983] IMAGE_LOCALES_ARCHIVE: add option to prevent locale archive creation
  • [48ea7812c7] dropbear: break dependency on base package for -dev package
  • [010094a2ae] openssh: break dependency on base package for -dev package
  • [43980058ca] oe-selftest-image: Ensure the image has sftp as well as dropbear
  • [a985415ec2] packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
  • [79ac8cf161] oeqa/runtime/scp: Disable scp test for dropbear
  • [3860414240] efivar: change branch name to main
  • [387d23c02e] linux-yocto/5.4: update to v5.4.203
  • [232fdbf0e5] linux-yocto/5.4: update to v5.4.199
  • [60a98feb86] vim: 8.2.5083 -> 9.0.0005
  • [6a3d60d873] openssl: Minor security upgrade 1.1.1o to 1.1.1p
  • [1c38d0d3d6] cve-check: hook cleanup to the BuildCompleted event, not CookerExit
  • [ca90350d13] cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
  • [159a2de146] insane.bbclass: host-user-contaminated: Correct per package home path
  • [684c5d4c12] wic: fix WicError message
  • [8dfc7162e3] initramfs-framework: move storage mounts to actual rootfs
  • [d2f8a57a30] lttng-modules: Backport Linux 5.18+, 5.15.44+, 5.10.119+ fixes
  • [0a0e0663ab] wireless-regdb: upgrade 2022.04.08 -> 2022.06.06
  • [79b3e05767] oeqa/selftest/cve_check: add tests for Ignored and partial reports
  • [b6f4778e37] grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow unprivileged user to read the file content
  • [6e79d96c6d] cve-check: add support for Ignored CVEs
  • [31b4392e6e] unzip: Port debian fixes for two CVEs
  • [4bc2324a25] unzip: fix CVE-2021-4217
  • [6013fc2606] golang: CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse when reading a very large header
  • [3f2da49c2b] golang: CVE-2022-24675 encoding/pem: fix stack overflow in Decode
  • [02867c9039] manuals: switch to the sstate mirror shared between all versions
  • [33a08f7b8f] bitbake: knotty: reduce keep-alive timeout from 5000s (83 minutes) to 10 minutes
  • [07eca06c71] bitbake: knotty: display active tasks when printing keepAlive() message
  • [9f20f682ff] bitbake: bin/bitbake-getvar: Add a new command to query a variable value (with history)
  • [6d1f8412be] bitbake: tinfoil/data_smart: Allow variable history emit() to function remotely
  • [872caf23ad] linux-firmware: upgrade 20220509 -> 20220610
  • [b9bffd7650] linux-firmware: add support for building snapshots
  • [0b84202a2b] systemd: systemd-systemctl: Support instance conf files during enable
  • [ae90fa778a] dpkg: update to 1.19.8
  • [fe6c34c48d] golang: CVE-2021-44717 syscall: don't close fd 0 on ForkExec error
  • [2ae3d43628] python-pip: CVE-2021-3572 Incorrect handling of unicode separators in git references
  • [5582ab6aae] archiver: don't use machine variables in shared recipes
  • [d4c7b40039] gcc-source: Fix incorrect task dependencies from ${B}
  • [a2805141e9] e2fsprogs: add alternatives handling of lsattr as well
  • [7d9d97368b] oescripts: change compare logic in OEListPackageconfigTests
  • [69fb63b4fc] archiver: use bb.note instead of echo
  • [9638dc4826] rootfs.py: close kernel_abi_ver_file
  • [f51a254415] license.bbclass: Bound beginline and endline in copy_license_files()
  • [1487d68388] alsa-plugins: fix libavtp vs. avtp packageconfig
  • [8a382d8655] kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
  • [8d6f9680e4] vim: Upgrade 8.2.5034 -> 8.2.5083
  • [23ed0037b6] openssh: Whitelist CVE-2021-36368
  • [95cda9d091] cups: fix CVE-2022-26691

No changes for layer meta-qt5

No changes for layer meta-ktn

No changes for layer meta-ktn-imx

No changes for layer meta-arm

Changes for layer meta-freescale

  • [a3667f03] classes: fsl-kernel-localversion: fix usage with devtool
  • [b4a26cce] imx-boot: Use public key injected DTB when FIT signature is enabled

Changes for layer meta-openembedded

  • [52cee67833] ntfs-3g-ntfsprogs: upgrade to 2021.8.22
  • [9f3d116fdd] cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
  • [b406297d3b] xterm: CVE-2022-24130 Buffer overflow in set_sixel in graphics_sixel.c
  • [a24773d39e] openldap: CVE-2022-29155 OpenLDAP SQL injection
  • [1d0b2d78c2] ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g"
  • [d6795ab0ee] php: move to version v7.4.28
  • [512a3caee4] iperf: Set CVE_PRODUCT to "iperf_project:iperf"
  • [245a1ab46b] grpc: switch from master branch to main for upb
  • [96e9636f7d] leveldb: switch from master branch to main
  • [d865d97f9b] bridge-utils: Switch to use the main branch
  • [2526b14d39] tesseract-lang: switch from master branch to main
  • [986bb14aaf] python3-matplotlib: add missing dependency
  • [04212afa12] mariadb: update to 10.4.25

No changes for layer meta-python2

Changes for layer meta-swupdate

  • [ee77800] swupdate-common.bbclass: Handle empty IMAGE_LINK_NAME
Edited by Frieder Schrempf

Merge request reports