[3.13] gh-131261: generate_sbom.py: Exclude the refresh script from SBOM (GH-131359) (GH-144625)

- generate_sbom.py: Exclude the refresh script from SBOM - Modules/expat/refresh.sh: Expand the list of manual steps (cherry picked from commit 51d309988b)
2026-04-14 07:41:00 +00:00 · 2026-02-10 10:49:00 +01:00 · 2026-02-10 10:49:00 +01:00 · bad4bc4603
commit bad4bc4603
parent de105e78c7
3 changed files with 9 additions and 21 deletions
--- a/Misc/sbom.spdx.json
+++ b/Misc/sbom.spdx.json
@ -127,20 +127,6 @@
      ],
      "fileName": "Modules/expat/nametab.h"
    },
-    {
-      "SPDXID": "SPDXRef-FILE-Modules-expat-refresh.sh",
-      "checksums": [
-        {
-          "algorithm": "SHA1",
-          "checksumValue": "32a10fbb8027cea3134674912b896abca516b085"
-        },
-        {
-          "algorithm": "SHA256",
-          "checksumValue": "51d08c697d1e409f5ce0749c1a136a0e1618d3069cf544d86005f966f43a8f97"
-        }
-      ],
-      "fileName": "Modules/expat/refresh.sh"
-    },
    {
      "SPDXID": "SPDXRef-FILE-Modules-expat-siphash.h",
      "checksums": [
@ -1714,11 +1700,6 @@
      "relationshipType": "CONTAINS",
      "spdxElementId": "SPDXRef-PACKAGE-expat"
    },
-    {
-      "relatedSpdxElement": "SPDXRef-FILE-Modules-expat-refresh.sh",
-      "relationshipType": "CONTAINS",
-      "spdxElementId": "SPDXRef-PACKAGE-expat"
-    },
    {
      "relatedSpdxElement": "SPDXRef-FILE-Modules-expat-siphash.h",
      "relationshipType": "CONTAINS",
--- a/Modules/expat/refresh.sh
+++ b/Modules/expat/refresh.sh
@ -54,4 +54,11 @@ rm libexpat.tar.gz
 # Step 3: Add the namespacing include to expat_external.h
 sed -i 's/#  define Expat_External_INCLUDED 1/&\n\/* Namespace external symbols to allow multiple libexpat version to\n   co-exist. \*\/\n#include "pyexpatns.h"/' expat_external.h

-echo "Updated; verify all is okay using git diff and git status."
+echo "
+Updated! next steps:
+- Verify all is okay:
+    git diff
+    git status
+- Regenerate the sbom file
+    make regen-sbom
+"
--- a/Tools/build/generate_sbom.py
+++ b/Tools/build/generate_sbom.py
@ -64,7 +64,7 @@ class PackageFiles(typing.NamedTuple):
        exclude=[
            "Modules/expat/expat_config.h",
            "Modules/expat/pyexpatns.h",
-            "Modules/_hacl/refresh.sh",
+            "Modules/expat/refresh.sh",
        ]
    ),
    "macholib": PackageFiles(