c4f58cca72
scan specific file so the workflow will not report any error
2021-06-24 12:02:17 -07:00
fc471e1c63
update actions files and readme.
2021-06-24 11:56:59 -07:00
c53794a24b
specify upload sarif file path
2021-06-23 12:33:34 -07:00
70014135c9
Update workflow
2021-06-23 12:23:34 -07:00
ce83692cd3
Grant shell script exeuction permission
2021-06-22 19:17:59 -07:00
ad8c4aadf3
Add Github Action required files and test workflow.
2021-06-22 19:17:03 -07:00
53ad19bb3b
Update ChangeLog
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-06-03 11:12:46 -04:00
87a40270b1
Update flawfinder.1 date
...
Update date in flawfinder.1; that also updates generated
file flawfinder.pdf.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-06-03 11:11:21 -04:00
84dedfc324
New version 2.0.17
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-06-03 11:00:30 -04:00
61f815376f
Code style improvement: use "VAR in (...)"
...
Switch to "VAR in (...)" style in the code.
This is shorter and slightly simpler (it's clear only a single
variable value is being considered).
This eliminates many pylint warnings and
produces a minor improvement in the pylint score.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-06-03 10:25:38 -04:00
daf0bb0992
makefile: fix "distribute" target to keep flawfinder.py
...
Fix the source package.
We recently renamed "flawfinder" to "flawfinder.py" in the
source tree, but the "distribute" target then removes because
previously "flawfinder.py" wasn't the "real thing".
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-06-03 10:10:08 -04:00
396074ca62
Update test correct results (new version number)
...
Update test correct answers because we have a new version
number by repeatedly running:
make check; make test-is-correct
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-31 15:32:59 -04:00
835a3ba63e
Change version 2.0.15->2.0.16
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-31 15:31:37 -04:00
9a1955fe95
ChangeLog: Improve and note new version number
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-31 15:29:58 -04:00
2b8c890467
flawfinder.1: minor reformatting
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 19:05:39 -04:00
428fbf6b02
Make --error-level more obvious in the man page
...
The --error-level option is useful in continuous integration (CI)
pipelines. Make it even more obvious in the documentation.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 19:03:37 -04:00
113483d06b
flawfinder.1: Minor man page cleanup
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 18:56:28 -04:00
0684f61cf4
Ensure SARIF includes flawfinder's current version
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 18:48:19 -04:00
bcb5e652ef
Document SARIF defails in man page
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 18:46:50 -04:00
c99529852a
ChangeLog: Note major changes (with credits!!)
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 15:15:06 -04:00
3bc5f16c4c
Merge branch 'sarifOutput'
...
My SINCERE THANKS to yongyan-gh for the hard work to integrate
SARIF output functionality into flawfinder!!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 14:41:39 -04:00
772c6f6448
flawfinder.py should be executable
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 14:41:14 -04:00
fd50391439
Move sariflogger.py into flawfinder.py
...
Flawfinder has a project-specific rule to put all code in one file.
That can be a pain for development, but the rule makes *deploying*
flawfinder really easy in some settings. Worse comes to worse, just
copy the file somewhere and you can run it!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-05-30 14:39:44 -04:00
1a225623ca
Merge pull request #44 from myersg86/master
...
Track curly brace level in extract_c_parameters
2021-05-19 10:17:15 -04:00
7defaf1fe5
Track curly brace level in extract_c_parameters
...
https://github.com/david-a-wheeler/flawfinder/issues/25
https://gitlab.com/gitlab-org/gitlab/-/issues/327032
2021-04-30 13:27:58 -06:00
f9819b48a5
export sarif report
...
Fix functions/variables naming
update function name
2021-04-28 16:50:58 -07:00
1ff740623b
Fix makefile install/uninstall
...
Modify "make install" to quote filenames
(in case a directory has a space in it), and
on Linux/Unix force the program's permissions to be executable.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-04-20 20:10:16 -04:00
14bcaeec36
Merge pull request #40 from IntidSammers/master
...
Make Git patch works
2021-04-07 10:51:56 -04:00
21307f6642
Make Git patch works
...
Git patch format is slightly different from unified diff / svn diff.
The hunk format changes, and the function name is added after the last
@@. The regex has to be changed to ensure the hunk is recognized, so the
line numbers are correct.
2021-04-07 14:25:15 +02:00
8f3b3c33fa
Add .pc and .sc extensions
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-03-21 18:03:37 -04:00
9a181d4103
Merge pull request #37 from ben-edna/feature/cross-platform-setup
...
Feature/cross platform setup
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-03-21 17:44:11 -04:00
e0655e4faf
Use entry_points instead of scripts
...
As decribed in https://click.palletsprojects.com/en/7.x/setuptools/ shebangs only work in
unix and OSX (and in cygwin on windows). By using the entry_points mechanism
Python will handle all cross-platform issues making it useable for everybody.
2021-03-08 13:29:31 +01:00
6b4b796c48
Make proper python module (add .py extension)
2021-03-08 13:29:17 +01:00
09f34faaf2
Add main entry point
2021-03-08 13:21:33 +01:00
36d74e0505
Update tests for new .csv results
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-03-07 18:38:04 -05:00
88869d9dec
Add default rule level to csv
2021-02-26 16:10:48 -08:00
fd4dc902ad
Add Sarif rule id
2021-02-25 02:49:15 -08:00
c13f65df14
Merge pull request #31 from squaresurf/fix-msg
...
Fix encoding error message misspelling
2021-01-12 22:50:13 -05:00
29a28737e8
Fix encoding error message misspelling
2021-01-12 20:09:23 -07:00
6c8f2ce729
Update ChangeLog for 2.0.15
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-11 19:27:58 -05:00
04e444c84a
Update tests for new version#
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-11 19:21:15 -05:00
8f3111a3fd
Change version# to 2.0.15
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-11 19:20:19 -05:00
6fd354bd2d
Check for ps2pdf before using it
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-11 19:19:12 -05:00
29df9eb26e
Merge pull request #29 from sylveon/load-library-ex-enhancements
...
Enhance detection and diagnostics of LoadLibrary(Ex)
2021-01-11 19:15:20 -05:00
49fd4b2ec9
Move safe_search to globals and add LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR to the list of safe flags
2021-01-10 18:01:03 -05:00
bd3787e2bc
Update test files
2021-01-09 20:37:20 -05:00
917d03e4f9
Enhance detection and diagnostics of LoadLibrary(Ex)
2021-01-09 20:25:26 -05:00
0cba711317
Version 2.0.14
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-09 13:55:24 -05:00
3e0c3a4f53
Fix makefile problem and version numbers
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-09 13:49:12 -05:00
6ec2611fac
Update ChangeLog
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2021-01-09 13:35:30 -05:00
Yong Yan
David A. Wheeler
Greg Myers
Robin Geffroy
Ben Spoor
Daniel Paul Searles
Charles Milette