Subject: CVS commit: pkgsrc/security/flawfinder
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 06/23/2004 16:19:41
Module Name: pkgsrc
Committed By: snj
Date: Wed Jun 23 16:19:41 UTC 2004
Modified Files:
pkgsrc/security/flawfinder: Makefile distinfo
Log Message:
Update flawfinder to 1.26. Don't set PY_PATCHPLIST, as it is useless.
Don't include python/extension.mk, as it is also useless. Don't set
NO_CONFIGURE, because it makes PYTHON_PATCH_SCRIPTS useless. Don't set
MAKEFILE, as we don't actually use the included makefile for anything.
Changes since 1.24:
* Added more support for Microsoft's approach to internationalization.
* Added two new rules for GLib functions, "g_get_home_dir" and
"g_get_tmp_dir".
* Added curl_getenv().
* Added several rules for input functions (for -I) -
recv, recvfrom, recvmsg, fread, and readv.
* Tightened the false positive test slightly; if a name is
followed by = or - or + it's unlikely to be a function call,
so it'll be quietly discarded.
* Modified the summary report format slightly.
* Modified the getpass text to remove an extraneous character.
* Added rules for cuserid, getlogin, getpass, mkstemp, getpw, memalign,
as well as the obsolete functions gsignal, ssignal, ulimit, usleep.
* Modified text for strncat to clarify it.
* Fixed error in --columns format, so that the output is simply
"filename:linenumber:columnnumber" when --columns (-C) is used.
* Eliminated "Number of" phrase in the footer report.
* Added more statistical information to the footer report.
* Added shortcut single-letter commands (-D for --dataonly,
-Q for --quiet, -C for --columns), so that invoking from
editors is easier.
* Tries to autoremove some false positives. In particular, a function
name followed immediately by "=" (ignoring whitespace)
is automatically considered to be a variable and NOT a function,
and thus doesn't register as a hit. There are exotic cases
where this won't be correct, but they're pretty unlikely in
real code.
* Added a "--falsepositive" (-F) option, which tries to remove
many more likely false positives.
To generate a diff of this commit:
cvs rdiff -r1.8 -r1.9 pkgsrc/security/flawfinder/Makefile
cvs rdiff -r1.4 -r1.5 pkgsrc/security/flawfinder/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.