Hello Yocto Community,
I’ve been working on a tool called Yocto Lens, an open-source static analysis and style review utility for Yocto/OpenEmbedded metadata.
The goal is to help identify common metadata issues before they reach BitBake builds or CI pipelines.
Current capabilities include:
- AUTOREV detection
- Floating SRCREV detection
- Hardcoded credential detection
- Layer configuration validation
- Recipe style checks
- License metadata validation
- bbappend analysis
- Recipe health scoring
- Interactive terminal dashboard
- JSON and SARIF export
Example:
yocto-lens meta-custom
GitHub Repository:
https://github.com/prashantdivate/yocto-lens
Prebuilt binaries are available via GitHub Releases.
I would appreciate feedback from the community, especially regarding:
- false positives
- missing checks
- Yocto best practices
- CI integration ideas
Thanks,
Prashant Divate