[roll] Roll fuchsia [check-licenses] Manually build SPDX package objects.
The golang spdx library provides a "builder" function for automatically
generating SPDX objects. For package objects, by default it traverses
your filesystem to enumerate all the files that are included in a given
package.
I don't need it to do that in check-licenses, and it seems the built-in
way of skipping this behavior doesn't work. As a result, sometimes in CQ
it attempts to read a bunch of hidden files, some of which are private /
with no read permissions / symbolic links etc etc, and cause the
traversal logic to error out. Flakes in CQ are bad.
For now let's just build the package objects manually all the time.
functionally it is the same thing.
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/780331
Original-Revision: a63f594d49d38a8b86b7612e03cf4dcff5ccdb97
GitOrigin-RevId: 67f2ede3884077039e368fadd0a214f9d958fd8c
Change-Id: Ia9f953bc341e3163e0d083bd3fe0e7f37e299d54
diff --git a/stem b/stem
index 93a9b74..ddd4016 100644
--- a/stem
+++ b/stem
@@ -11,7 +11,7 @@
githooks="integration/git-hooks"
remote="https://fuchsia.googlesource.com/fuchsia"
gerrithost="https://fuchsia-review.googlesource.com"
- revision="b405052e860352a987fd9cc612ba6c805f9f6131"/>
+ revision="a63f594d49d38a8b86b7612e03cf4dcff5ccdb97"/>
</projects>
<hooks>
<hook name="install-environment"
