Skip to content

Package rust-coreutils does not provide license mapping information

Affected images versions

all

Background

After improving the footprint of the rust-coreutils binary in pkg/rust-coreutils!27 (merged) the debug information is dropped during linking, causing the stage when dwarf2sources tries to extract mapping information to return no data.

As consequence, the SBOM at https://images.apertis.org/daily/v2024dev3/20230825.0016/amd64/fixedfunction/apertis_v2024dev3-fixedfunction-amd64-uefi_20230825.0016.img.licenses.gz does not provide accurate infornation.

Reproducibility

How often the issue is hit when repeating the test and changing nothing (same device, same image, etc.)?

Put the in the most appropriate entry:

  1. always
  2. often, but not always
  3. rarely

Impact of bug

SBOM does not provide accurate information

Root cause

pkg/rust-coreutils!27 (merged)

Outcomes

Management data

This section is for management only, it should be the last one in the description.

/cc @andrunko @em @sagar @sudarshan @wlozano

Phabricator link: https://phabricator.apertis.org/T10003

Edited by Dylan Aïssi