Yocto license manifests
Last updated
Was this helpful?
Last updated
Was this helpful?
Meterian can ingest license manifest files ("license.manifest"). The Yocto Project generates a during image creation. Meterian can ingest those files, then create and maintain a project inside its purview. This allows to produce the usual reports in every format (HTML, PDF, SBOMs), validate the project against vulnerabilities, and also to be informed in regards to new vulnerabilities that may be affecting the components in your project.
The only requirement, assuming your license has the feature enabled, is to add to the client invocation the parameter --scan-yocto
when running it. The system will recursively scan the folder, collect and process all the license manifest files, and produce the usual reporting.
A sample execution follows: