-
`memset()` is often used for data sanitization in security sensitive software to harden against information leaks. However, compiler dead store elimination passes can remove that hardening. Recently, …
ryao updated
5 months ago
-
Hi folks! I added Cargo-style automatic project discovery in rust-analyzer for non-Cargo build systems (Buck primarily, but it's designed to be usable by Bazel...) in https://github.com/rust-lang/rust…
-
### Analyzer
**Diagnostic ID**: [CA1508](https://docs.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1508): `Avoid dead conditional code`
### Analyzer source
**Version**: 5.0…
-
Instead of running the analyzer on the ORT server, it is sometimes necessary to run the analyzer on-premises / locally (to avoid cloning the project in the cloud). For such a use-case the ORT server s…
-
### Background and motivation
There are APIs that accepts `object` and operates with object identity, thus boxed structs will not work.
Examples including:
- ~~GC.KeepAlive (For keeping the col…
-
https://github.com/Open-Source-Compliance/Sharing-creates-value/blob/70ce26d56f67114c07014befcaa268be5692ca81/Tooling-Landscape/Capabilities/dependency_analyzer_source.md?plain=1#L8
[Meta Level]
T…
-
@jakemac53 I thought maybe we can try tracking in-flight PRs and what to work on today/tomorrow in an issue.
## Out for review
#71 not blocking anything, convenience extension methods
## Next…
-
In [roslyn-analyzers](https://github.com/dotnet/roslyn-analyzers) there is a bunch of tickets open related to porting some old FxCop rules. Because most of these are dated from 2015, we were wondering…
-
[FR] [les tests statiques](https://latavernedutesteur.fr/2017/11/03/les-tests-statiques-rois-du-roi/)
``` C
if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
goto fail;
if ((err …
-
Analyzer report: [link](https://cmssdt.cern.ch/SDT/jenkins-artifacts/ib-static-analysis/CMSSW_14_2_X_2024-09-16-1100/el8_amd64_gcc12/llvm-analysis/report-6c4ba6.html#EndPath) .
I guess [lines 42-43…