[oe-commits] [openembedded-core] 10/18: cve-update-db-native: don't refresh more than once an hour
git at git.openembedded.org
git at git.openembedded.org
Mon Dec 16 23:11:39 UTC 2019
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch thud
in repository openembedded-core.
commit 091a35cfbd2f3e82a7783ba9c8fd5586433ba59f
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Sun Dec 8 20:35:51 2019 +0200
cve-update-db-native: don't refresh more than once an hour
We already fetch the yearly CVE metadata and check that for updates before
downloading the full data, but we can speed up CVE checking further by only
checking the CVE metadata once an hour.
(From OE-Core rev: 50d898fd360c58fe85460517d965f62b7654771a)
Signed-off-by: Ross Burton <ross.burton at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-core/meta/cve-update-db-native.bb | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 2c427a5..19875a4 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -31,8 +31,16 @@ python do_populate_cve_db() {
db_dir = os.path.join(d.getVar("DL_DIR"), 'CVE_CHECK')
db_file = os.path.join(db_dir, 'nvdcve_1.0.db')
json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')
- proxy = d.getVar("https_proxy")
+ # Don't refresh the database more than once an hour
+ try:
+ import time
+ if time.time() - os.path.getmtime(db_file) < (60*60):
+ return
+ except OSError:
+ pass
+
+ proxy = d.getVar("https_proxy")
if proxy:
# instantiate an opener but do not install it as the global
# opener unless if we're really sure it's applicable for all
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list