Change the version number *now*, before release, so that we won't
accidentally release software with a duplicate version number later.
Also, tweak the release_process.md documentation to clarify a few things.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
This was reported by philipp. After some tweaking I got the warning
to work on both Python 2 and Python 3.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
We don't currently support this combination, so error out if it's attempted.
Fixes SourceForge bug report #15 "Incomplete HTML output for list of rules".
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
If we see an unterminated parameter list in the code being analyzed,
continue to warn, but treat it as an empty list and continue.
That say, we can try to process at least some of the code.
This fixes bug report #12 TypeError raised for incomplete source code
from philipp created: 2018-03-10.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Fix a typo in the gsignal|ssignal rule.
This fixes SF bug #8.
My thanks to philipp for reporting this!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
The www.dwheeler.com site has long supported https, but I forgot
to change these URLs. Fix that, so that people will use https.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Change possible_levels to a tuple. Arrays are mutable,
but we never want to mutate this value, so changing it
to a tuple reduces the risk of accidentally mutating it.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
This commit means that the output provides useful summary data,
even if the lower-level hits are suppressed.
Note that this does use a little more memory when some hits
are supressed, since the hitlist is fully created even
if only parts are displayed. However, modern systems have
lots of memory. Hopefully we'll never analyze software
with so many problems that this is a problem itself :-).
If someone ever has that problem, they can output everything
and filter it separately.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
My upload intended for pypitest appears to have gone to pypi instead.
To eliminate confusion, I'm bumping the version number so that
any single version number always refers to exactly one program version.
This was done with:
sed -i.bak -e 's/2\.0\.3/2.0.4/g' \
ChangeLog correct-results.* flawfinder makefile setup.py
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Test the saving and loading of hitlists.
This detected a Python3 problem, which was easily corrected by
saving and loading in binary "b" format instead of text format.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
We formerly used a variable named "input". This is legal in Python,
but potentially confusing since there's a built-in named "input"
that this shadows in that scope. Rename the variable, to
avoid that confusion. This fixes the following pylint warning:
W:1440, 8: Redefining built-in 'input' (redefined-builtin)
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
We import os, so there's no need to import os.path.
This fixes the following pylint warning:
C: 53, 0: Imports from package os are not grouped (ungrouped-imports)
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Python 3 only accepts certain syntaxes for find & split.
Thankfully, it's possible to use them in Python 2, so rework
it so we can use the same syntax for both.
This is not detected or fixed by futurize, sadly
(a problem true for many other situations).
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Remove use of __cmp__, which is in Python 2 but not in Python 3.
Instead, use sort keys, which work in Python 2 and 3.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Switch all print statements to print() functions per PEP 3105.
Python 3 *only* supports print() functions, so this begins to
move the code towards simultaneously supporting python 2 and 3.
This implements "stage1" of futurize. In theory, "stage1" is
supposed to be "low risk", but in fact a *large* number of
manual fixes had to be made to make the program work again.
Python 2's traditional print statement includes the "softspace"
feature. This is "a semi-secret attribute on files currently used to tell
print whether to insert a space before the first item". The print()
function does not have the "softspace" feature, so there is no direct
translation for any situation that depended on softspaces.
Flawfinder used softspaces extensively, as they were convenient,
so it took a little work to make print() functions work.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
David A. Wheeler
Markus Elfring
Michael Clark
nickthetait
Jon Hood
David A. Wheeler