Commit Graph

238 Commits

Author SHA1 Message Date
David A. Wheeler d35fd2718a Update version number now
Update the version number *now* so that we won't
accidentally release two different versions with the same version number.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-05-19 22:55:14 -04:00
David A. Wheeler f5abbfc701 Document what changed in version 2.0.9.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-05-19 22:45:04 -04:00
David A. Wheeler 627fd605dc Note --diffhitlist fix in ChangeLog
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-05-17 19:51:50 -04:00
Labidurie Jerome 8f8353df07 Add unit test for --diffhitlist option
Signed-off-by: Labidurie Jerome <jerome.labidurie@orange.com>
2019-05-17 10:08:33 +02:00
Labidurie Jerome 280dc4a295 Fix Hitlist comparison by adding __eq__() & __ne__() to Hit class
Signed-off-by: Labidurie Jerome <jerome.labidurie@orange.com>
2019-05-17 10:00:41 +02:00
Jon Hood 1e2e6f590f
Merge pull request #6 from elfring/construct_string_literals_without_using_plus_operators
Syntax changes thanks to elfring that do affect bytecode size; Construct string literals without using plus operators
2019-02-26 10:27:04 -06:00
Markus Elfring 69084a95bb Construction of string literals without using plus operators
The programming language “Python” supports string literal concatenation
without the usage of additional plus operators as standard functionality.
https://docs.python.org/3/reference/lexical_analysis.html#string-literal-concatenation

Thus omit unnecessary operator specifications.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2019-02-26 13:09:04 +01:00
David A. Wheeler d42ecdba1d Fix indentation (pylint)
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-02-25 23:33:57 -05:00
David A. Wheeler 59a4d42a33 Update test values for version number
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-02-25 23:30:58 -05:00
David A. Wheeler 872ec190ac
Merge pull request #4 from elfring/use_augmented_assignments
Use augmented assignment statements
2019-02-25 23:26:21 -05:00
Markus Elfring 3b8ca7b34a Usage of augmented assignment statements
Source code like “var = var + X” was specified at some places so far.
Use augmented assignment statements instead because they are succinct
and can be more efficient.
https://docs.python.org/3/reference/simple_stmts.html#augmented-assignment-statements

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2019-02-25 21:55:06 +01:00
David A. Wheeler e4f4d4a34b Set version number for next release (2.0.9)
Change the version number *now*, before release, so that we won't
accidentally release software with a duplicate version number later.
Also, tweak the release_process.md documentation to clarify a few things.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-01-21 18:54:01 -05:00
David A. Wheeler f5dac7d8d7 Update ChangeLog
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-01-21 18:32:12 -05:00
David A. Wheeler 9206c93517 Update documentation
Document that we now support GitHub.  Also, change .md files
to use ~~~~ instead of `...` because that's friendlier to
people who want to cut-and-paste commands.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-01-21 17:30:28 -05:00
David A. Wheeler 49a2289fe3 _ftcsat should be _ftcscat. Thanks to Lucas Ramage
Fix typo in name of "banned" function.  Thanks to Lucas Ramage,
who reported this January 2019.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2019-01-12 11:53:27 -05:00
David A. Wheeler 8d6cfec002 Update correct test results to match memcpy change
There were some merge conflicts in the original merge of teh
memcpy change - to fix them, regenerate the correct test results.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-12-19 08:12:33 -05:00
Michael Clark 3c9bf48736 Fixes #19 - don't warn if memcpy call includes sizeof(first arg)
Also fixes for the test output, comprising the bulk of the patch.
2018-12-19 08:07:47 -05:00
David A. Wheeler 27ee4b0c8c Update test results for new version number
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-08 18:58:01 -04:00
David A. Wheeler fccc59cdcb Update for next version (2.0.8)
Change the version number NOW, so we won't forget later.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-08 18:55:52 -04:00
David A. Wheeler 6abb7c524b Fix SourceForge bug #14 No special warning for filename with long dash
This was reported by philipp. After some tweaking I got the warning
to work on both Python 2 and Python 3.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-06 19:11:21 -04:00
David A. Wheeler 006a39e966 Fix SourceForge #18 Renamed file still referenced by other files
We renamed README to README.md but didn't fix all the references.
This fixes the references (hopefully we got them all!).
My thanks to philipp for reporting this!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-06 18:46:09 -04:00
David A. Wheeler 79d7dbdc0f Add latest info to ChangeLog
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:54:30 -04:00
David A. Wheeler da8b2016e0 Change vesion number to 2.0.7
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:42:56 -04:00
David A. Wheeler 530a88a395 Change www.dwheeler.com to dwheeler.com
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:35:11 -04:00
David A. Wheeler 13d8cc9efa Fix PYTHONEXT error in makefile
Fixes bug report #16 Installation with filename extension override fails
from philipp. It noted that
'make PYTHONEXT=.py install fails because it tries to copy "flawfinder.py".'

Thanks for the report!!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:26:43 -04:00
David A. Wheeler 3021892deb Halt if --listrules and --html are invoked simultaneously
We don't currently support this combination, so error out if it's attempted.
Fixes SourceForge bug report #15 "Incomplete HTML output for list of rules".

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:20:48 -04:00
David A. Wheeler 86eef5aa00 Fix installation, including a misspelling of "command"
This fixes #17, "Typo in installation instructions".

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:15:03 -04:00
David A. Wheeler 0eed96c22d Remove unused global variables
This fixes bug report #13, "Unused global variables" from philipp.
Thanks!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:08:48 -04:00
David A. Wheeler fdd8a3bf47 Do not halt on unterminated parameter list in C code
If we see an unterminated parameter list in the code being analyzed,
continue to warn, but treat it as an empty list and continue.
That say, we can try to process at least some of the code.

This fixes bug report #12 TypeError raised for incomplete source code
from philipp created: 2018-03-10.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 20:43:13 -04:00
David A. Wheeler dbb7ef1622 Merge branch 'nickthetait_branch' after fixing conflicts
Merge in a nice long set of improvements from:
https://github.com/nickthetait/flawfinder/

A BIG thanks goes to Nicholas Tait (nickthetait).

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 20:35:03 -04:00
nickthetait 8e12d79029 Fix a comment
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-05-01 21:57:54 -06:00
David A. Wheeler a037bed859 Document that in release we must push tags
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-04-04 11:39:38 -04:00
David A. Wheeler 54039e0bd5 Fix flawfinder man page (e.g., fix the title of my book)
This fixes bug #11, see:
https://sourceforge.net/p/flawfinder/bugs/11/

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-04-04 11:31:07 -04:00
nickthetait c6480a884c Convert installation instructions to markdown and cleanup wording a little
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 23:18:00 -06:00
nickthetait e9304cb50f Standardize formatting of commands or code in documentation 2018-03-15 23:17:12 -06:00
nickthetait 265f8ce140 Broaden an ignore rule 2018-03-15 22:49:45 -06:00
nickthetait cda1b97c2e Standardize membership checking style
Reported as E713 by pycodestyle

Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:49:45 -06:00
nickthetait 7e5531da5b Standardize whitespace between functions
Reported as E305 and E305 by pycodestyle

Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:49:22 -06:00
nickthetait aeac180dbb Fix leading whitespace before comments
reported as E261 by pycodestyle
2018-03-15 22:46:01 -06:00
nickthetait db09996c01 Convert README to use markdown
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:46:01 -06:00
nickthetait 23c1a7e289 Fix test case to work on Ubuntu
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:45:32 -06:00
David A. Wheeler d7ce082024 Add "--error-level" option for continuous integration systems
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-27 18:11:52 -05:00
David A. Wheeler ba8e4bf6b6 Add some material to ChangeLog
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:28:52 -05:00
David A. Wheeler 196943f223 Add release_process.md documentation and tweak makefile
Document the release process, so we're more likely to
do it correctly.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:26:36 -05:00
David A. Wheeler 34a58911d3 Update version numbers
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:24:39 -05:00
David A. Wheeler cc84bdedfd Fix typo in README
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:07:36 -05:00
David A. Wheeler 2691ac6de5 Use https:, not http:, for cwe.mitre.org
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:52:35 -05:00
David A. Wheeler 6380038c34 Fix CWE hyperlinks with trailing ! or /
This fixes SF bug #9.

Thanks to philipp for reporting it!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:48:05 -05:00
David A. Wheeler f91e3ea60b Note in man page that the extension .c++ is supported
This fixes SF bug #10.

My thanks to philipp for reporting this.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:40:36 -05:00
David A. Wheeler 9d1378e110 Fix typo in gsignal|ssignal rule
Fix a typo in the gsignal|ssignal rule.
This fixes SF bug #8.

My thanks to philipp for reporting this!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:29:37 -05:00