Open krishnakumarg1984 opened 1 year ago
I tried to add the settings that nvim-lint is using for flawfinder (found here: https://raw.githubusercontent.com/mfussenegger/nvim-lint/master/lua/lint/linters/flawfinder.lua) together with how I configured gcc.
Here's what I came up with:
local flawfinder = {
method = methods.internal.DIAGNOSTICS_ON_SAVE,
filetypes = { "c", "cpp" },
name = "flawfinder",
async = true,
generator = h.generator_factory {
command = "flawfinder",
args = {
"-S",
"-Q",
"-D",
"-C",
"$FILENAME",
},
to_stdin = false,
from_stderr = false,
format = "line",
on_output = h.diagnostics.from_pattern(
[[^(.*):(%d+):(%d+): *%[([0-5])%] (.*)$]],
{ "file", "row", "col", "severity", "message" },
{
severities = {
['5'] = vim.diagnostic.severity.WARN,
['4'] = vim.diagnostic.severity.WARN,
['3'] = vim.diagnostic.severity.WARN,
['2'] = vim.diagnostic.severity.WARN,
['1'] = vim.diagnostic.severity.WARN,
},
}
),
},
}
It seems to work? (But to be honest, I don't know what everything does.) After that, I'm just adding "flawfinder" to "sources".
@CroPhYPtic This looks good - the only changes I would make before putting in a PR would be to use the style of existing built-in sources (which is slightly different from custom sources) and also consider using the to_temp_file
option, which could work around the tool's lack of support for stdin
.
@jose-elias-alvarez Okay, i've tried to do a pull request. Don't know if I've done it right and so on since I've never really done it before. However, it seems to work here.
@krishnakumarg1984 I've done a pull request and there's some code above that you can try out if you want to.
Issues
Feature description
flawfinder is a static analysis tool for finding vulnerabilities in C/C++ source code. It would be helpful to have support for this in null-ls.nvim
Help
Yes, but I don't know how to start. I would need guidance
Implementation help
No response