ci: base.lock: update layers to latest (all but meta-oe).#2186
Merged
Conversation
oe-core commit 5e97f3c1e2cf ("u-boot-tools: drop yaml in DT validation")
is incomplete: the wrong version of the patch was merged and it does
not fully cover u-boot-tools. As a result, u-boot-tools still depends
on libyaml during the build, causing failures when the dependency is
not present.
An upstream fix has been proposed:
https://lists.openembedded.org/g/openembedded-core/message/236619
Work around the issue in meta-qcom by explicitly adding a
libyaml-native dependency to u-boot-tools (and u-boot-tools-native),
which is safe and won't cause conflicts once oe-core is fixed. Bringing
the patch removing the dependency would cause the patch task to fail,
while the extra dependency won't really cause any harm.
As there is no override for class-native we can't have it applied with
:qcom.
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
Just holding meta-oe as there is a known test regression with the updated pipewire. Relevant changes for bitbake: - 2b47c2fc4 toaster/fixtures: Drop kirkstone/whinlatter - 044fec2e1 fetch2/crate: replace instance method monkey-patching with URL dispatch - 02368bb89 fetch2/crate: move cmp_to_key import to module level - ffdc2a026 fetch2/crate: guard against empty version list - 0d757e8df fetch2/crate: skip yanked versions when reading cargo index - df3295f01 layerindexlib: restapi.py: fix unbound variable - 8ab71d0ce bitbake: fix issue with varflag exclusion - fdfb4925f doc/setversions.py: add --get-latest-branch argument - 102fa94a1 doc: bitbake-user-manual-metadata: explain inherit_defer example - 9339d93ad doc: bitbake-user-manual-metadata: remove invalid anonymous Python example - d89a2eded doc: bitbake-user-manual-metadata: remove incorrect claim - 0325a5bc4 doc/sphinx-static/theme_overrides.css: switch to a fixed width documentation - c6b34296a bitbake-user-manual: Fix bitbake-setup settings command - da4776d5a fetch/git: Improve temporary directory handling - c7ebe03c7 fetch/git: Fix leaking of temporary directory - 0460038e4 fetch2: reraise IOError during download Relevant changes for oe-core: - 3724b93538 sbom-cve-check-update-nvd-native: Update source revision - 30b1f91d2a sbom-cve-check-update-cvelist-native: Update source revision - f8bdcebd01 python3-sbom-cve-check: Update to version 1.3.1 - d74fb7dd7f ffmpeg: upgrade 8.0.1 -> 8.1.1 - 8999a94dd8 glibc: stable 2.43 branch updates - 3d8258a8d3 go: upgrade 1.26.2 -> 1.26.3 - 767cdcffb1 time: 1.9 -> 1.10 - 66e76b6846 features-check.bbclass: add reference to required TUNE_FEATURES - b0ce3150e4 shadow-native: Change upstream status of disable_syslog.patch - 7782a9bfc4 utils: Handle unexpanded variables in DISTRO_FEATURES - 1c644ecf81 initramfs-framework: overlayroot: Don't assume rootfs location - cd29626535 gstreamer1.0-plugins-bad: disble vulkan when x11/wayland not enabled - a912153bae go: ptest: fix GOROOT detection and improve cleanup/exit handling - f51d48c9eb kernel: Disable module deploy tarball by default - 7261144785 busybox: patch CVE-2024-58251 - 7f84f2e79b libsoup: patch CVE-2026-2708 - e8cef838eb xserver-xorg: set status for CVE-2026-34000 and CVE-2026-34002 - 20b7136a29 gdk-pixbuf: set status for 2.44.6 - 7a75c7c848 libxml2: set status for CVE-2026-6732 - c8cf896959 rpm-sequoia: set status for CVE-2026-2625 - 4f7d1a0885 python3-requests: update to 2.33.1 - 678c1c2077 oe-pkgdata-util: fix empty runtime-rprovides directory handling - 089e2571b1 perf: make libraries for install_headers configurable - 683e2531be efivar: Backport patch to fix -march issue for ppc64le - 43f0602ede glibc: Fix recipe bug that disabled stack protector - a359aed2a8 go: ptest: improvements and multiple fixes in golang ptest - c9df140bf5 u-boot-tools: drop the hardlink workaround in do_compile - a3f38d68bd libarchive: set status of CVE-2026-5745 - 36bdd32ebd inetutils: patch CVE-2026-32772 - 8bc37ca4fd libssh2: patch CVE-2026-7598 - 4cef4ef8d0 sudo: patch CVE-2026-35535 - 091df08450 tiff: patch CVE-2026-4775 - 0ffd5a71db weston: upgrade 15.0.0 -> 15.0.1 - 6900f1ed1d wayland: upgrade 1.24.0 -> 1.25.0 - cdd245ecb7 harfbuzz: upgrade 12.3.2 -> 14.2.0 - fb39870f27 harfbuzz: improve packaging - 5e97f3c1e2 u-boot-tools: drop yaml in DT validation - 97a940bfde wireless-regdb: upgrade 2026.02.04 -> 2026.03.18 - b5c84b07b8 devtool: Disable gpg signing when setting up source tree repos - dda7d55396 tzdata/tzcode-native: upgrade 2026a -> 2026b - a3f206406e python3-lxml: upgrade 6.0.4 -> 6.1.0 - 31725b7411 libpng: upgrade 1.6.56 -> 1.6.58 - 815030f397 libgcrypt: upgrade 1.12.1 -> 1.12.2 - ab127fa9d3 libarchive: set status for CVE-2026-4426 - 3b0714aa26 libcap: set status for CVE-2026-4878 - fef169063e libsdl2: set status for CVE-2026-35444 - 4c63dd2f8b libmicrohttpd: set status for CVE-2025-59777 and CVE-2025-62689 - 14d6ba9a0f libsoup: set status for CVE-2026-2369 - 18a930da22 wireless-regdb: use ${firmwaredir} instead of ${nonarch_base_libdir}/firmware - 43da9b93bd classes/kernel-module-split: return list of values in extract_modinfo - 1b3d1cb7b7 classes/kernel-module-split: skip .debug files early - 04d17bfd88 linux-firmware: split out MediaTek mt7996 firmare - 0dea54a5f2 linux-firmware: delink some tegra firmware to avoid pulling in full nvidia firmware - 1837c82447 wpa_supplicant: recommend the wireless regulatory database - c1085f93ef linux-firmware: use ${firmwaredir} instead of ${nonarch_base_libdir}/firmware - d683da53a4 bluez5: use ${firmwaredir} instead of ${nonarch_base_libdir}/firmware - 3e1a43b99c classes/kernel: use ${firmwaredir} instead of ${nonarch_base_libdir}/firmware - 2b75c7ba5e bitbake.conf: add firmwaredir - 22318654ad xz: upgrade 5.8.2 -> 5.8.3 - 3ceb5b2836 vulkan-samples: upgrade to latest revision - 929c0a7556 ttyrun: upgrade 2.41.0 -> 2.42.0 - 16abb46759 spirv-llvm-translator: upgrade 22.1.1 -> 22.1.2 - 6a703f070e shaderc: upgrade 2026.1 -> 2026.2 - 7837045238 ruby: upgrade 4.0.2 -> 4.0.3 - 7ae818a6c3 rsync: upgrade 3.4.1 -> 3.4.2 - 86018004b8 rpm-sequoia: upgrade 1.10.1 -> 1.10.2 - ccf58433eb rpm-sequoia-crypto-policy: upgrade to latest revision - cba85fc9b6 repo: upgrade 2.62 -> 2.63 - 75019aa9ac python3-wheel: upgrade 0.46.3 -> 0.47.0 - 717edb4ce2 python3-uv-build: upgrade 0.10.10 -> 0.11.8 - 1177b2285c python3-uritools: upgrade 6.0.1 -> 6.1.0 - 786079f993 python3-trove-classifiers: upgrade 2026.1.14.14 -> 2026.4.28.13 - 73c5339e45 python3-testtools: upgrade 2.9.0 -> 2.9.1 - b62cd05ac2 python3-pyopenssl: upgrade 26.0.0 -> 26.1.0 - 3913d9f84b python3-pygobject: upgrade 3.56.1 -> 3.56.2 - 3944e5c37b python3-pip: upgrade 26.0.1 -> 26.1 - 5e399b1392 python3-pdm: upgrade 2.26.7 -> 2.26.8 - 8de0d8c453 python3-pathspec: upgrade 1.0.4 -> 1.1.1 - db87272fc1 python3-numpy: upgrade 2.4.3 -> 2.4.4 - 439b05aa55 python3-mako: upgrade 1.3.10 -> 1.3.12 - 8edf587797 python3-jsonpointer: upgrade 3.0.0 -> 3.1.1 - f0048e3be1 python3-idna: upgrade 3.11 -> 3.13 - ff75e411a6 python3-hypothesis: upgrade 6.151.9 -> 6.152.4 - 002ede0d89 python3-click: upgrade 8.3.1 -> 8.3.3 - cde7975e3e python3-certifi: upgrade 2026.2.25 -> 2026.4.22 - 660e65e060 python3-build: upgrade 1.4.3 -> 1.5.0 - 71ba73ede2 python3-attrs: upgrade 25.4.0 -> 26.1.0 - 460d36bf95 puzzles: upgrade to latest revision - bc5f6df337 nghttp2: upgrade 1.68.1 -> 1.69.0 - a1fb1e0e81 mpg123: upgrade 1.33.4 -> 1.33.5 - 79a836590c meson: upgrade 1.11.0 -> 1.11.1 - 6a0bf7675a mesa, mesa-tools-native: Upgrade 26.0.5 -> 26.0.6 - bb950c199f makedumpfile: upgrade 1.7.8 -> 1.7.9 - 1fc25a668e libxpm: upgrade 3.5.18 -> 3.5.19 - d3b543318a libxmlb: upgrade 0.3.25 -> 0.3.26 - fd9928e49d libxml2: upgrade 2.15.2 -> 2.15.3 - 3db5da6442 libsolv: upgrade 0.7.36 -> 0.7.37 - d4816fc890 libmpc: upgrade 1.4.0 -> 1.4.1 - c15c8a76c4 libjpeg-turbo: upgrade 3.1.3 -> 3.1.4.1 - 6ce1c757b4 libgpg-error: upgrade 1.59 -> 1.60 - 8cee0d5b9b libdrm: upgrade 2.4.131 -> 2.4.133 - a3067556ba iproute2: upgrade 6.19.0 -> 7.0.0 - 56f164f2ff gtk4: upgrade 4.22.2 -> 4.22.4 - e52d132402 gn: upgrade to latest revision - 0a10bc96fc git: upgrade 2.53.0 -> 2.54.0 - 4764ef8425 gdk-pixbuf: upgrade 2.44.5 -> 2.44.6 - 6e6643c774 font-util: upgrade 1.4.1 -> 1.4.2 - bf90293cbd ethtool: upgrade 6.19 -> 7.0 - 0326b55e65 epiphany: upgrade 50.3 -> 50.4 - 1e61572f9a dhcpcd: upgrade 10.3.1 -> 10.3.2 - d84e1c42e6 coreutils: upgrade 9.10 -> 9.11 - dfa37e5d7f ccache: upgrade 4.13.3 -> 4.13.5 - 6dc77e7105 boost-build-native: upgrade 1.90.0 -> 1.91.0 - 48532d4e5a at-spi2-core: upgrade 2.60.0 -> 2.60.3 - 9ca41405e6 go: add ptest support - a8e0f8efe8 insane: simplify conditional operations with bb.utils.filter - f38320c964 meta: simplify conditional operations with bb.utils.filter - 927b505c98 apr-util: Add CVE_PRODUCT to support product name - bc3803e12d apr: Add CVE_PRODUCT to support product name - 0459398d31 sudo: set CVE_PRODUCT - 2bda7d285e valgrind: Upgrade 3.26.0 -> 3.27.0 - 8c3e8394c5 dhcpcd: remove obsolete explicit debug packaging - cdc9de40b4 libsoup: patch CVE-2026-5119 - 83d00b9b4f libsoup: set status for CVE-2026-2436 - 0803f0de10 cups: upgrade 2.4.16 -> 2.4.19 - 5c39687f62 coreutils: set CVE_PRODUCT - dbe335c6c1 kernel-devsrc: remove obsolete explicit debug packaging - 4612565dca gobject-introspection: remove obsolete explicit debug packaging - 9c7c51f917 python3-cryptography: remove obsolete explicit debug packaging - e5ff03b951 wpa-supplicant: remove obsolete explicit debug packaging - 7511a8624e p11-kit: packaging rewrite - 3a099fec9d p11-kit: explicitly disable tests and zsh-completions - f0891ed94c p11-kit: add PACKAGECONFIG for trust and systemd - 2f0c657077 p11-kit: remove obsolete compile error workaround - c53b0708f9 sstate: remove dead code and unify path operations - f266ad405d lib/packagedata.py: slight improvement to code readability - 7a90ba800f mirrors: remove inactive sources.openembedded.org URLs - 50e769a598 pseudo: Update 1.9.5 -> 1.9.6 - 9ed100e49a mirrors: switch Yocto Project mirrors to HTTPS - dd3cf15cf7 ffmpeg: set status for 4 CVEs - 39dc974822 u-boot: upgrade 2026.01 -> 2026.04 - 02e09e036e u-boot-tools: Add dependency on libyaml for dtschema validation - 781bc674c5 soc-family.inc: improve clarity at MACHINEOVERRIDES's prepend - 8ad8c52d7c oe-selftest: add test for useradd with only USERADD_DEPENDS - 36eac58184 meta-selftest: add usegroup-deponly recipe to test USERADD_DEPENDS only - 2f32e6a01c package.py: fix kernel module file pre-filter and document strip asymmetry - 31dd308b3f pulseaudio: split pactl into a dedicated client subpackage - 6d989b9d15 sanity: add check for own-mirrors/SOURCE_MIRROR_URL - a92dfe5698 scripts/cve-json-to-text.py: simplify getopt argument parsing - a7c0c0f18a perf: add PACKAGECONFIG for llvm - 90c8bc12b2 python3-vcs-versioning: add ptest - 5c39f8e098 maintainers.inc: add self for python3-uv-build - c1c920c0c8 python3-setuptools-scm: upgrade 9.2.2 -> 10.0.5 - 507bb5234c python3-vcs-versioning: add recipe - 012b14d1ef python3-urllib3: enable setuptools-scm 10.x - c3e597b449 libmpc: Upgrade to 1.4.0 - 14d96bc0b8 re2c: upgrade 4.4 -> 4.5.1 - f2080cd611 python3-lxml: upgrade 6.0.2 -> 6.0.4 - 0858041f3f python3-pdm: upgrade 2.26.6 -> 2.26.7 - 7c55eeb2fd python3-pdm-backend: upgrade 2.4.7 -> 2.4.8 - 412fe2bcdb dos2unix: upgrade 7.5.4 -> 7.5.5 - f2e360a3df gn: upgrade to latest revision - 922227e3ed bluez5: add patches to fix 8.56 cli issues - 40ca5d0855 cmake: upgrade 4.3.1 -> 4.3.2 - 1efb76b969 rust: fix codegen test failure on big-endian targets - 4ef89e6413 avahi: Fix CVE-2026-34933 - d93b9b3b2b python3-cryptography(-vectors): upgrade 46.0.5 -> 46.0.7 - 243b46465c libmicrohttpd: upgrade 1.0.2 -> 1.0.5 - d4452b3484 xserver-xorg: upgrade 21.1.21 -> 21.1.22 - 9ce1e12815 wayland-protocols: upgrade 1.47 -> 1.48 - adfb2c3bc5 vala: upgrade 0.56.18 -> 0.56.19 - 96035d04ff stress-ng: upgrade 0.20.01 -> 0.21.00 - 2f57397c00 sqlite3: upgrade 3.51.3 -> 3.53.0 - 5893fc64a2 resolvconf: upgrade 1.94 -> 1.95 - 9183914211 repo: upgrade 2.61.1 -> 2.62 - 9da69e62a3 python3-zipp: upgrade 3.23.0 -> 3.23.1 - d15abdc1c1 python3-testtools: upgrade 2.8.7 -> 2.9.0 - 7cba8b5af9 python3-setuptools-rust: upgrade 1.12.0 -> 1.12.1 - 96ca99898f python3-pytest: upgrade 9.0.2 -> 9.0.3 - 511634351b python3-pygments: upgrade 2.19.2 -> 2.20.0 - a82592f0a7 python3-pyasn1: upgrade 0.6.2 -> 0.6.3 - 9ec25d25d9 python3-poetry-core: upgrade 2.3.1 -> 2.3.2 - 0b34759489 python3-maturin: upgrade 1.12.4 -> 1.13.1 - c25d7d9168 python3-editables: upgrade 0.5 -> 0.6 - 4c0b20b559 python3-dtschema: upgrade 2025.12 -> 2026.4 - e4b1eb7ab4 python3-build: upgrade 1.4.0 -> 1.4.3 - 2d0d56144b pciutils: upgrade 3.14.0 -> 3.15.0 - 9841f9a29d pango: upgrade 1.57.0 -> 1.57.1 - 1833f7e28b meson: upgrade 1.10.2 -> 1.11.0 - a83e89c669 lzip: upgrade 1.25 -> 1.26 - 3efd7fd566 libcap: upgrade 2.77 -> 2.78 - 30d8d155ad libadwaita: upgrade 1.8.4 -> 1.9.0 - be9612dbde hwdata: upgrade 0.405 -> 0.406 - 4d325cb65a gtk4: upgrade 4.22.1 -> 4.22.2 - 015d6e1565 gtk+3: upgrade 3.24.51 -> 3.24.52 - a63907b11b gsettings-desktop-schemas: upgrade 50.0 -> 50.1 - fc38c33acc groff: upgrade 1.24.0 -> 1.24.1 - f036a633d7 ghostscript: upgrade 10.06.0 -> 10.07.0 - f6be5c1f86 fastfloat: upgrade 8.2.4 -> 8.2.5 - e6139bc3b2 epiphany: upgrade 49.7 -> 50.3 - 1bb03b0997 diffoscope: upgrade 314 -> 317 - 6b19f10275 dhcpcd: upgrade 10.3.0 -> 10.3.1 - 30f9f7aa9e ccache: upgrade 4.13.2 -> 4.13.3 - b828b68c3f adwaita-icon-theme: upgrade 49.0 -> 50.0 - 7e55c1cc19 acpica: upgrade 20251212 -> 20260408 - a7b846ba7d useradd: Switch from --root to --prefix option - 05e14c4768 classes/base: add explicit bzip2-native dependency for unpacking .bz2 - ec29dea406 expat: upgrade 2.7.5 -> 2.8.0 - d1089f9fce sed: upgrade 4.9 -> 4.10 - 8cdfceff66 ovmf: set status for 7 CVEs - a5cb71e7df cargo: set CVE_PRODUCT - ac18fd10e7 cargo: set status of CVE-2023-40030 - 139e4e6f17 git: set status of 5 CVEs - 19ffb4d9d7 python3-requests: set status for CVE-2024-47081 - 7cef5ee0b5 python3-requests: set status for CVE-2024-35195 - d0edbcf242 rsync: set status for CVE-2024-12084 - 24d38fe4da base-files: set status for CVE-2018-6557 - 1e41685978 bind: set status for CVE-2017-3139 - dc2aeaf5e1 cve-extra-exclusions: ignore CVE-2019-2708 - 526972e5fa gnutls: set status for CVE-2026-1584 - c5a3d5d58f harfbuzz: set status for CVE-2024-56732 - bfb379ea1a libva: set status for CVE-2023-39929 - 343048c84f p11-kit: set status for CVE-2026-2100 - 8d03ae7b6e python3-setuptools: set status for CVE-2024-6345 - 5e03d64e32 ruby: set status for CVE-2025-0306 - 2946e238d2 shadow: set CVE_PRODUCT Relevant changes for meta-arm: - 1843e9e2 arm-bsp: corstone1000: Enable FF-A-backed EFI runtime variables and selftests - da39013d arm/trusted-firmware-m: Enable regression test build - 4112fda5 arm-bsp/edk2-firmware: workaround apcica changes Relevant changes for meta-audioreach: - f440c5c audioreach-graphmgr: package alsa-lib plugin library files - 1f4603f audioreach-graphmgr: Add conditional alsa-lib dependency - 60d08f5 audioreach-conf: srcrev bump e4de9ba...a8c8cf1 - 84137af audioreach-conf: Include ALSAlib configuration files in package - 8d5330a ar-graphmgr: ship versioned and unversioned .so libraries at runtime - 2e9536d CI: add base.lock.yml to pin upstream layer revisions - 2c6fc36 Enable compilation for kaanapali-mtp and sm8750-mtp targets - d63a940 audioreach-pal: switch recipes to master branch - d3cc44e audioreach-conf: srcrev bump cb9e696...e4de9ba - affb62d audioreach-graphservices: srcrev bump 9e83632...65320f2 - 3f89c7a audioreach-graphmgr: srcrev bump ee5a7d2...b5587a7 - b36ada2 ci: Make docker resource and build parallelism configurable Relevant changes for meta-selinux: - 1ba26da libselinux-python: remove all RECORD files - fe92cf8 selinux-python: remove all RECORD files Relevant changes for meta-virtualization: - 022f4356 docker-compose: fix PV - 3260eee0 conf: add kvm-host.conf configuration fragment - 88a1c197 xen: fix buildpaths QA errors for hypervisor EFI and debug packages - fb1d9123 libvirt: fix python3 compatibility in hook_support.py - f7eb4abb image-oci: don't preserve ownership in directories/files/host layer copies - 7ab69799 podlet: add podlet utility - 18c7f713 vcontainer: add BBMASK for parse savings and suppress layer warnings - cbe00443 container-registry: add multi-arch OCI push support and tests - af92db59 vcontainer-common: support nested OCI layout and fix vimport shell errors - 3d431848 oci-multiarch: fix MC defaults, deploy dependency, and OCI layout - 84e81eea vcontainer: add OCI builder distro with shared base Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
ricardosalveti
requested review from
anujm1,
koenkooi,
lumag,
mwasilew,
ndechesne,
quaresmajose,
sbanerjeeqc and
vkraleti
as code owners
anujm1
approved these changes
May 14, 2026
Test Results 99 files ±0 528 suites ±0 5h 5m 45s ⏱️ - 6m 1s Results for commit 7c101b3. ± Comparison against base commit bbac4fd. This pull request removes 3 tests.♻️ This comment has been updated with latest results. |
quaresmajose
approved these changes
May 14, 2026
lumag
approved these changes
May 14, 2026
ffrancis123
added a commit
to ffrancis123/meta-audioreach
that referenced
this pull request
May 25, 2026
Update revisions in ci/base.lock.yml for oe-core, bitbake, meta-arm, meta-virtualization, and meta-selinux. Bump meta-updater, and meta-security to their latest commits while keeping meta-openembedded unchanged. Add meta-dpdk with a pinned commit to ensure reproducible builds and consistent dependency resolution. [1] qualcomm-linux/meta-qcom#2186 Signed-off-by: ffrancis <ffrancis@qti.qualcomm.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Just holding meta-oe as there is a known test regression with the updated pipewire, as discussed at #2127.