flawfinder.1: Minor man page cleanup

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
This commit is contained in:
David A. Wheeler 2021-05-30 18:56:28 -04:00
parent 0684f61cf4
commit 113483d06b
1 changed files with 6 additions and 6 deletions

View File

@ -302,7 +302,7 @@ more information.
.PP .PP
Flawfinder includes many other options, including ones to Flawfinder includes many other options, including ones to
create HTML versions of the output (useful for prettier displays) and create HTML versions of the output (useful for prettier displays) and
Static Analysis Results Interchange Format (SARIF) output. OASIS Static Analysis Results Interchange Format (SARIF) output.
The next section describes those options in more detail. The next section describes those options in more detail.
.SH OPTIONS .SH OPTIONS
@ -549,7 +549,7 @@ SARIF output identifies the tool name as "Flawfinder".
The flawfinder levels 0 through 5 are mapped to SARIF rank (by dividing by 5), The flawfinder levels 0 through 5 are mapped to SARIF rank (by dividing by 5),
SARIF level, and the default viewer action as follows: SARIF level, and the default viewer action as follows:
Flawfinder 0: SARIF rank 0.0, SARIF level notei, Does not display by default Flawfinder 0: SARIF rank 0.0, SARIF level note, Does not display by default
Flawfinder 1: SARIF rank 0.2, SARIF level note,Does not display by default Flawfinder 1: SARIF rank 0.2, SARIF level note,Does not display by default
@ -559,7 +559,7 @@ Flawfinder 3: SARIF rank 0.6, SARIF level warning, Displays by default, does not
Flawfinder 4: SARIF rank 0.8, SARIF level error,Displays by default, breaks build/ other processes Flawfinder 4: SARIF rank 0.8, SARIF level error,Displays by default, breaks build/ other processes
Flawfinder 5: SARIF rank 1.0, SAIRF level error, Displays by default, breaks build/ other processes Flawfinder 5: SARIF rank 1.0, SARIF level error, Displays by default, breaks build/ other processes
A big thanks to Yong Yan implementing SARIF output generation for flawfinder! A big thanks to Yong Yan implementing SARIF output generation for flawfinder!
For more about the SARIF format, see: For more about the SARIF format, see:
@ -1254,9 +1254,9 @@ This is not a bug, this is intended behavior.
Flawfinder will report hits even if they are between Flawfinder will report hits even if they are between
a literal "#if 0" and "#endif". a literal "#if 0" and "#endif".
It would be possible to change this particular situation, but directly It would be possible to change this particular situation, but directly
using "#if 0" to comment-out code (other than during debugging) is itself using "#if 0" to comment-out code (other than during debugging) indicates
that the removal is very temporary (in which case we should report it) or (1) the removal is very temporary (in which case we should still report it) or
an indicator of a problem with poor code practices. (2) very poor code practices.
If you want to permanently get rid of code, then If you want to permanently get rid of code, then
delete it instead of using "#if 0", since you can always see what it was delete it instead of using "#if 0", since you can always see what it was
using your version control software. using your version control software.