Flawfinder has a project-specific rule to put all code in one file.
That can be a pain for development, but the rule makes *deploying*
flawfinder really easy in some settings. Worse comes to worse, just
copy the file somewhere and you can run it!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

Modify "make install" to quote filenames
(in case a directory has a space in it), and
on Linux/Unix force the program's permissions to be executable.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

Git patch format is slightly different from unified diff / svn diff.
The hunk format changes, and the function name is added after the last
@@. The regex has to be changed to ensure the hunk is recognized, so the
line numbers are correct.

As described in https://click.palletsprojects.com/en/7.x/setuptools/ shebangs only work in
unix and OSX (and in cygwin on windows). By using the entry_points mechanism
Python will handle all cross-platform issues making it useable for everybody.

Ignore LoadLibraryEx if its third parameter is
LOAD_LIBRARY_SEARCH_SYSTEM32, as this is safe.
This eliminates a false positive.
See:
https://github.com/david-a-wheeler/flawfinder/issues/26
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

Python3 has provided the world with endless character encoding problems.
It assumes the world is perfect with perfectly encoded data,
and fails to provide useful ways to deal with messy real-world data.
We can't really solve that, but we can detect the problem and
provide some useful information to users on possible ways to
solve the problem. Much of this information was already in the
documentation, but many users aren't looking at the documentation.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

To help people out, note the potential character encoding issue
in the README (pointing to the documentation for more details)
and note the "cvt2utf" Python program.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

Pull request #15 moved `check` and `test-is-correct`
to test/makefile making them inaccessible by the main
makefile. This commit recreates both targets again and
simply passes through the calls to the corresponding sub makefile.
Signed-off-by: Julien Hachenberger <julien.hachenberger@sit.fraunhofer.de>

Pull request #15 introduced a `make` call using `-C` (short for: `--directory`)
option which is not POSIX compliant. This commit will use the `cd` builtin
instead to maintain POSIX compliance.
Signed-off-by: Julien Hachenberger <julien.hachenberger@sit.fraunhofer.de>

In order to keep all test-related files within one folder,
this commit creates a new folder 'test/', moves the
test-related files into it and introduces a second makefile
within this folder dedicated to run the tests.
The original makefile still contains a 'test' target, but simply
delegates this task to the second makefile.
(fixes david-a-wheeler/flawfinder#11)
Signed-off-by: Julien Hachenberger <julien.hachenberger@sit.fraunhofer.de>

Python3 doesn't provide easy-to-use built-in libraries to deal
with common encoding issues (e.g., Windows-1252 encoded characters
in a UTF-8 stream), so when we see an encoding error,
provide better information on how to deal with it and
a pointer to the more detailed information in the documentation.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

Provide better info on how to handle character encoding problems.
As more people use Python3 this is more likely to be a problem.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

These files are not used by any project file,
nor mentioned by the documentation, hence they seem
to be useless.
Signed-off-by: Julien Hachenberger <julien.hachenberger@sit.fraunhofer.de>

Update the version number *now* so that we won't
accidentally release two different versions with the same version number.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>