-
# Issue
Flawfinder generates artifact locations starting with a `/` slash or `./`. At the same time and for portability reasons Flawfinder uses the [`uriBaseId`](https://docs.oasis-open.org/sarif/s…
-
Please add support of C++11.
We scanned our cpp project and faced issues that neither lambdas nor string literals (https://en.cppreference.com/w/cpp/language/string_literal) are parsed correctly b…
-
Some of the python2 packages were removed in https://github.com/coala/docker-coala-base/issues/55#issuecomment-270966401 , but we still need python2 for flawfinder.
Once https://github.com/coala/co…
-
This is a tracking item to describe next possible steps with Flawfinder SARIF + HDF support.
Observations:
* The HDF format currently requires encoding tool -> CWE/other NIST standard mappings i…
-
Flawfinder was integrated in our CI pipeline. It fails with the directories that have symlinks. "**scp**" directory is successful as it does not have symlinks and "**sdk**" directory fails silently.
`$ …
-
It'd be great to have a GitHub Actions integration. Now that flawfinder has SARIF output, that should in theory be easy.
More info here about creating such integrations:
https://docs.github.com/en…
-
Per section 5.B of the paper:
Perform static analysis on source code to determine the likely number of latent vulnerabilities (e.g., using Coverity scan, RATS, or flawfinder); measures such as hit de…
-
CSecurity bear has python2 as a dependency, as when I tried removing python-base package from the docker image it failed. https://travis-ci.org/rhemon/docker-coala-base/builds/189439040#L9262
-
I have set `c-cpp-flylint.language` to C language, there is always an error reading:
```shell
vscode-c-cpp-flylint: 'Line could not be parsed: error: invalid argument '--std=c++11' not allowed with…
```
-
Hi!
I've run into the encoding issue several times on different projects. I look at a source code with thousands (or hundreds of thousands) of files, and inside them, for some unknown reason, there…