Overview Repositories Revisions Requests Users Attributes Meta

Revisions of flawfinder

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 915449 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 7) 
- Update to 2.0.19:
  * entrypoint.sh: Don't require output filename to be escaped
  * entrypoint.sh: Make minor improvements (#54)
  * print warning messages to stderr (#58)
  * changes to github actions
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 902285 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 6) 
- Update to 2.0.18:
  * Fix Sarif output relationship target id format.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 898180 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 5) 
- Update to 2.0.17:
  * Fix the distributed tarball, which didn't include the
    key source file due to the earlier file restructure.
  * Minor code style fix, which simplifies the code slightly.
  * Update date in manual page to 2021. That's important because
    the documentation now includes information on `--sarif`.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 896596 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 4) 
- Update to 2.0.16:
  * The distributed source file is now flawfinder.py, not flawfinder.
    This is part of a change that improves
    improve cross-platform ease-of-use by using entry_points.
    That said, "make install" will still
    install it as "flawfinder" (so those who install it via
    "make install" will see no change).
  * Added support for generating SARIF output, use --sarif.
  * Track curly brace level to reduce some problems, my thanks to
  * Improved handling of Git patch format
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 862538 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 3) 
- Update to 2.0.15:
  * Fixed some release problems in 2.0.14. (#30)
  * Improved handling of LoadLibraryEx; flawfinderr no longer complains
    about certain constructs that are known to be safe (eliminating
    some false positives).

- Update to 2.0.14:
  * If there are >0 hits, tell users how to ignore them as part of the
    tool output.
  * Various Windows improvments.
    Ignore LoadLibraryEx if its third parameter is
    LOAD_LIBRARY_SEARCH_SYSTEM32, as this is safe, and
    remove the rule for InitialCriticalSection
    (this is no longer a vulnerability on current widely-used versions
    of Windows)
  * Various C++ improvements.  Add .hpp support for C++,
    ignore "system::" to reduce false positives,
    treat ' as digit separator when file extension is a C++ file
    (for C++14).
  * I had some release problems; this is identified as 2.0.14
    (skipping a few minor numbers) to ensure that the version
    number uniquely identifies a specific release.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 775114 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 2) 
- Update to 2.0.11:
  * Provide a much more detailed error report, including recommended
    solutions, when character encoding problems hit.
    As Python3 has slowly gained in popularity, its failure to provide
    useful built-ins to handle real-world character encoding problems
    hurts more people. (E.g., many files don't comply with *any*
    character set encoding standard, and Python3 can't read them
    without enabling options that are wrong for others.)
    We can at least provide much more detailed feedback to help
    explain the various options available.
Displaying all 7 revisions
openSUSE Build Service is sponsored by
Places