flawfinder.1: Minor man page cleanup
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
This commit is contained in:
parent
0684f61cf4
commit
113483d06b
12
flawfinder.1
12
flawfinder.1
|
@ -302,7 +302,7 @@ more information.
|
||||||
.PP
|
.PP
|
||||||
Flawfinder includes many other options, including ones to
|
Flawfinder includes many other options, including ones to
|
||||||
create HTML versions of the output (useful for prettier displays) and
|
create HTML versions of the output (useful for prettier displays) and
|
||||||
Static Analysis Results Interchange Format (SARIF) output.
|
OASIS Static Analysis Results Interchange Format (SARIF) output.
|
||||||
The next section describes those options in more detail.
|
The next section describes those options in more detail.
|
||||||
|
|
||||||
.SH OPTIONS
|
.SH OPTIONS
|
||||||
|
@ -549,7 +549,7 @@ SARIF output identifies the tool name as "Flawfinder".
|
||||||
The flawfinder levels 0 through 5 are mapped to SARIF rank (by dividing by 5),
|
The flawfinder levels 0 through 5 are mapped to SARIF rank (by dividing by 5),
|
||||||
SARIF level, and the default viewer action as follows:
|
SARIF level, and the default viewer action as follows:
|
||||||
|
|
||||||
Flawfinder 0: SARIF rank 0.0, SARIF level notei, Does not display by default
|
Flawfinder 0: SARIF rank 0.0, SARIF level note, Does not display by default
|
||||||
|
|
||||||
Flawfinder 1: SARIF rank 0.2, SARIF level note,Does not display by default
|
Flawfinder 1: SARIF rank 0.2, SARIF level note,Does not display by default
|
||||||
|
|
||||||
|
@ -559,7 +559,7 @@ Flawfinder 3: SARIF rank 0.6, SARIF level warning, Displays by default, does not
|
||||||
|
|
||||||
Flawfinder 4: SARIF rank 0.8, SARIF level error,Displays by default, breaks build/ other processes
|
Flawfinder 4: SARIF rank 0.8, SARIF level error,Displays by default, breaks build/ other processes
|
||||||
|
|
||||||
Flawfinder 5: SARIF rank 1.0, SAIRF level error, Displays by default, breaks build/ other processes
|
Flawfinder 5: SARIF rank 1.0, SARIF level error, Displays by default, breaks build/ other processes
|
||||||
|
|
||||||
A big thanks to Yong Yan implementing SARIF output generation for flawfinder!
|
A big thanks to Yong Yan implementing SARIF output generation for flawfinder!
|
||||||
For more about the SARIF format, see:
|
For more about the SARIF format, see:
|
||||||
|
@ -1254,9 +1254,9 @@ This is not a bug, this is intended behavior.
|
||||||
Flawfinder will report hits even if they are between
|
Flawfinder will report hits even if they are between
|
||||||
a literal "#if 0" and "#endif".
|
a literal "#if 0" and "#endif".
|
||||||
It would be possible to change this particular situation, but directly
|
It would be possible to change this particular situation, but directly
|
||||||
using "#if 0" to comment-out code (other than during debugging) is itself
|
using "#if 0" to comment-out code (other than during debugging) indicates
|
||||||
that the removal is very temporary (in which case we should report it) or
|
(1) the removal is very temporary (in which case we should still report it) or
|
||||||
an indicator of a problem with poor code practices.
|
(2) very poor code practices.
|
||||||
If you want to permanently get rid of code, then
|
If you want to permanently get rid of code, then
|
||||||
delete it instead of using "#if 0", since you can always see what it was
|
delete it instead of using "#if 0", since you can always see what it was
|
||||||
using your version control software.
|
using your version control software.
|
||||||
|
|
Loading…
Reference in New Issue