diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 69283b7..47ceeda 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -43,20 +43,32 @@ please try to not forget. ## Code Conventions -The Python code uses 2-space indents (instead of the usual 4-space -indents). Do not use tabs. It is currently Python 2.7; please don't -make it hard to convert to Python 3 when that eventually happens. - To make the program easy to install everywhere, the main executable is exactly one self-contained file. That involves some compromises, but for now, please keep it that way. -We aspire to eventually comply with -[PEP 8](https://www.python.org/dev/peps/pep-0008/) other than the -indentation size. In practice the code doesn't actually conform to that, -but patches to improve that are generally welcome. +We generally use the code conventions of +[PEP 8](https://www.python.org/dev/peps/pep-0008/). +The Python code uses 4-space indents (we used to use 2-space indents). +Do not use tabs. In some cases the code doesn't yet comply; +patches to improve that are often welcome. + +The code is currently Python 2, and is only tested on +the Python 2.7 series. Please don't make it hard to convert +to Python 3 when that eventually happens. + +WE use "pylint" to check for style and other problems. +This is configured by the included "pylintrc" file. +We intentionally disable some checks as being "less important", +for example, the current code has many lines longer than 80 characters. +That said, patches to make lines fit in 80 characters are welcome. + +We require that the pylint results for contributions be at least 9.5/10 as +configured with the provided "pylintrc" file, without any errors ("E"). +Better is better. You can run "make pylint" to run this check. +The current version *does* cause some pylint reports +(patches to fix those are welcome!). -We're starting to use "pylint" to check for style and other problems. An easy way to install pylint is to use pip. Most python installs have pip, but if yours does not (e.g., Cygwin), install pip with: diff --git a/README b/README index bfb4470..3c1618d 100644 --- a/README +++ b/README @@ -12,7 +12,7 @@ For more information, see: Flawfinder is designed for use on Unix/Linux/POSIX systems (including Cygwin, Linux-based systems, MacOS, and *BSDs) as a -command line tool. It requires Python 2 (version 2.5 or later). +command line tool. It requires Python 2 (version 2.7 or later). You can typically install flawfinder from its source code by doing this: tar xvzf FILENAME.tar.gz # Uncompress distribution file @@ -45,4 +45,3 @@ and other oddities that more sophisticated tools have trouble with. Flawfinder is released under the GNU GPL license version 2 or later (GPL-2.0+). See the COPYING file for license information. - diff --git a/flawfinder b/flawfinder index d26824a..c836cc3 100755 --- a/flawfinder +++ b/flawfinder @@ -35,22 +35,18 @@ # The Python developers did a *terrible* job when they transitioned # to Python version 3, as I have documented elsewhere. What's more, # many mechanisms that do exist do not come natively with Python 2, or -# require version 2.6 or later (yet older versions are still in use). -# For example, this requires Python version 2.6: -# from __future__ import print_function +# required version 2.6 or later even though older versions were still in use. # As a result, many Python programs (including this one) do not use Python 3. -# The solution used here is to gradually transition the Python code -# to Python 2 code that works across 2.2 through 2.7. A preference is +# The solution used here is to gradually transition the Python code but +# stay at Python 2. A preference is # given to code constructs that would ALSO work in version 3.X, but # only if they would *already* work in Python 2, and only if they don't # make the code too complicated. # The plan is to eventually switch this code so that it runs unchanged -# on both 2.X and 3.X, but that is hard to support if the version number -# is less than 2.6, so we won't do that at this time. Instead, we'll -# wait until versions lower than 2.6 are a distant memory, and then -# start in that direction. Hopefully by then the developers of Python -# will begin to make it easy to transition to newer versions of Python. +# on both 2.X and 3.X. At this point, Python 2.7 has been around for +# many years, so we don't worry about supporting versions of Python older +# than Python 2.7. from __future__ import division import functools diff --git a/makefile b/makefile index 2a213bb..beaace0 100644 --- a/makefile +++ b/makefile @@ -187,9 +187,11 @@ cwe: cwe.c show-cwes: cwe ./cwe < flawfinder | sort -u -V +pylint: + pylint flawfinder -.PHONY: install clean test check profile test-is-correct rpm uninstall distribute my-install show-cwes - +.PHONY: install clean test check profile test-is-correct rpm \ + uninstall distribute my-install show-cwes pylint # When I switch to using "DistUtils", I may need to move the MANIFEST.in # file into a subdirectory (named flawfinder-versionnumber).