walkero
/
flawfinder
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity
331 Commits 2 Branches 24 Tags 724 KiB
Commit Graph

331 Commits

Author SHA1 Message Date
George Sokianos 248c4449fb Added amiga makefile for creating the releases 2022-07-25 14:43:59 +01:00
George Sokianos 0387fab1c7 Added release files 2022-07-25 14:41:56 +01:00
George Sokianos e95918cd7f Changed code to be compatible with python 2.5 2022-07-25 13:33:00 +01:00
George Sokianos 0a60fbb847 Added simplejson 2022-07-25 13:06:59 +01:00
David A. Wheeler 614801f704 Merge branch 'master' of https://github.com/david-a-wheeler/flawfinder 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2022-01-30 18:05:51 -05:00
Greg Myers 6168884f4a
Fix typos in markdown docs (#64) 
README.md: meesages -> messages
CONTRIBUTING.md invokable -> invocable
 2022-01-30 18:04:53 -05:00
Loge12 c099c27d63
Add a closing tag (</li>) (#62) 
* add a closing tag

* delete doubled if statements
 2021-12-13 14:57:29 -05:00
David A. Wheeler c57197cd60 Version 2.0.19 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-08-29 16:26:59 -04:00
David A. Wheeler 8d879c09a7 README.md: Clarify version number note 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-08-29 16:24:24 -04:00
Yong Yan 0810f732d2
Update readme (#55) 2021-08-29 15:14:20 -04:00
pbderr d9ddc06b7e
print warning messages to stderr (#58) 
Co-authored-by: Peter Derr <peter.derr@mass.gov>
 2021-08-20 14:37:08 -04:00
David A. Wheeler 8e4a779ad5 Rename GitHub Action Flawfinder -> flawfinder_scan 
The GitHub Action "flawfinder appears to already be in use,
so I couldn't use it.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-07-17 16:45:24 -04:00
David A. Wheeler e0d8827c3b README.md: Tweak GitHub actions description 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-29 19:28:09 -04:00
David A. Wheeler b7e8ebe3df
entrypoint.sh: Make minor improvements (#54) 
* entrypoint.sh: Make minor improvements

Modify entrypoint.sh, used by the Dockerfile.

The original version *ALWAYS* echoed a success,
even if the command did NOT succeed for some reason.
Instead of printing the spurious message, just show the output and
let the exit value get communicated back to the caller.
This is especially important for CI/CD, since we want the CI/CD
system to get the exit value (e.g., so it can report failure if there
was a failure).

This version also displays the results to standard out, so it's
easier to immediately see the output from a CI/CD run.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-29 18:51:44 -04:00
David A. Wheeler 18b559b69d entrypoint.sh: Don't require output filename to be escaped 
Note that the input filenames still have to be escaped
(to support the use of "-" options on the command line).

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-27 16:32:16 -04:00
David A. Wheeler 8951154ac9 Merge branch 'master' of https://github.com/david-a-wheeler/flawfinder 2021-06-27 16:28:54 -04:00
David A. Wheeler 45c084d82d
Merge pull request #51 from yongyan-gh/users/yongyan-gh/addGHAction 
Add Github Action required files and test workflow
 2021-06-27 16:28:37 -04:00
David A. Wheeler 51c988dc47 Release version 2.0.18 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-24 20:24:57 -04:00
Yong Yan f5025a3c80 update readme 2021-06-24 15:01:02 -07:00
Yong Yan c4f58cca72 scan specific file so the workflow will not report any error 2021-06-24 12:02:17 -07:00
Yong Yan fc471e1c63 update actions files and readme. 2021-06-24 11:56:59 -07:00
David A. Wheeler 9744995fc3
Merge pull request #52 from yongyan-gh/users/yongyan-gh/fixSarifOutput 
Fix Sarif output relationship target id format.
 2021-06-23 21:05:29 -04:00
Yong Yan 62b9b509a0 Fix Sarif output relationship target id format. 2021-06-23 16:19:00 -07:00
Yong Yan c53794a24b specify upload sarif file path 2021-06-23 12:33:34 -07:00
Yong Yan 70014135c9 Update workflow 2021-06-23 12:23:34 -07:00
Yong Yan ce83692cd3 Grant shell script exeuction permission 2021-06-22 19:17:59 -07:00
Yong Yan ad8c4aadf3 Add Github Action required files and test workflow. 2021-06-22 19:17:03 -07:00
David A. Wheeler 53ad19bb3b Update ChangeLog 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-03 11:12:46 -04:00
David A. Wheeler 87a40270b1 Update flawfinder.1 date 
Update date in flawfinder.1; that also updates generated
file flawfinder.pdf.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-03 11:11:21 -04:00
David A. Wheeler 84dedfc324 New version 2.0.17 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-03 11:00:30 -04:00
David A. Wheeler 61f815376f Code style improvement: use "VAR in (...)" 
Switch to "VAR in (...)" style in the code.
This is shorter and slightly simpler (it's clear only a single
variable value is being considered).
This eliminates many pylint warnings and
produces a minor improvement in the pylint score.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-03 10:25:38 -04:00
David A. Wheeler daf0bb0992 makefile: fix "distribute" target to keep flawfinder.py 
Fix the source package.
We recently renamed "flawfinder" to "flawfinder.py" in the
source tree, but the "distribute" target then removes because
previously "flawfinder.py" wasn't the "real thing".

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-06-03 10:10:08 -04:00
David A. Wheeler 396074ca62 Update test correct results (new version number) 
Update test correct answers because we have a new version
number by repeatedly running:

    make check; make test-is-correct

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-31 15:32:59 -04:00
David A. Wheeler 835a3ba63e Change version 2.0.15->2.0.16 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-31 15:31:37 -04:00
David A. Wheeler 9a1955fe95 ChangeLog: Improve and note new version number 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-31 15:29:58 -04:00
David A. Wheeler 2b8c890467 flawfinder.1: minor reformatting 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 19:05:39 -04:00
David A. Wheeler 428fbf6b02 Make --error-level more obvious in the man page 
The --error-level option is useful in continuous integration (CI)
pipelines. Make it even more obvious in the documentation.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 19:03:37 -04:00
David A. Wheeler 113483d06b flawfinder.1: Minor man page cleanup 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 18:56:28 -04:00
David A. Wheeler 0684f61cf4 Ensure SARIF includes flawfinder's current version 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 18:48:19 -04:00
David A. Wheeler bcb5e652ef Document SARIF defails in man page 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 18:46:50 -04:00
David A. Wheeler c99529852a ChangeLog: Note major changes (with credits!!) 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 15:15:06 -04:00
David A. Wheeler 3bc5f16c4c Merge branch 'sarifOutput' 
My SINCERE THANKS to yongyan-gh for the hard work to integrate
SARIF output functionality into flawfinder!!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 14:41:39 -04:00
David A. Wheeler 772c6f6448 flawfinder.py should be executable 
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 14:41:14 -04:00
David A. Wheeler fd50391439 Move sariflogger.py into flawfinder.py 
Flawfinder has a project-specific rule to put all code in one file.
That can be a pain for development, but the rule makes *deploying*
flawfinder really easy in some settings. Worse comes to worse, just
copy the file somewhere and you can run it!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-05-30 14:39:44 -04:00
David A. Wheeler 1a225623ca
Merge pull request #44 from myersg86/master 
Track curly brace level in extract_c_parameters
 2021-05-19 10:17:15 -04:00
Greg Myers 7defaf1fe5
Track curly brace level in extract_c_parameters 
https://github.com/david-a-wheeler/flawfinder/issues/25
https://gitlab.com/gitlab-org/gitlab/-/issues/327032
 2021-04-30 13:27:58 -06:00
Yong Yan f9819b48a5 export sarif report 
Fix functions/variables naming

update function name
 2021-04-28 16:50:58 -07:00
David A. Wheeler 1ff740623b Fix makefile install/uninstall 
Modify "make install" to quote filenames
(in case a directory has a space in it), and
on Linux/Unix force the program's permissions to be executable.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
 2021-04-20 20:10:16 -04:00
David A. Wheeler 14bcaeec36
Merge pull request #40 from IntidSammers/master 
Make Git patch works
 2021-04-07 10:51:56 -04:00
Robin Geffroy 21307f6642 Make Git patch works 
Git patch format is slightly different from unified diff / svn diff.
The hunk format changes, and the function name is added after the last
@@. The regex has to be changed to ensure the hunk is recognized, so the
line numbers are correct.
 2021-04-07 14:25:15 +02:00