pkgsrc-Changes archive


CVS commit: pkgsrc/security/flawfinder



Module Name:    pkgsrc
Committed By:   nros
Date:           Mon Feb  6 11:23:50 UTC 2023

Modified Files:
        pkgsrc/security/flawfinder: Makefile PLIST distinfo
Added Files:
        pkgsrc/security/flawfinder/patches: patch-setup.py

Log Message:
Update flawfinder to version 2.0.19

The reason for the update is to get this package to work:
version 1.31 crashed when I tried it; version 2.0.19 works.

Changes from changelog:

2021-08-29 David A. Wheeler
        * Version 2.0.19
        * Fix so we send error messages to stderr instead of stdout.
          Originally we sent some to stdout by mistake, which could
          mess up results since the error messages would be mixed up
          with the results.

2021-06-24 David A. Wheeler
        * Version 2.0.18
        * Fix SARIF output. SARIF output is new to flawfinder, and
          there was a subtle error in its generation that causes GitHub
          to reject the SARIF file.

2021-06-02 David A. Wheeler
        * Version 2.0.17
        * Fix the distributed tarball, which didn't include the
          key source file due to the earlier file restructure.
        * Minor code style fix, which simplifies the code slightly.
        * Update date in manual page to 2021. That's important because
          the documentation now includes information on `--sarif`.

2021-05-31 David A. Wheeler
        * Version 2.0.16
        * The distributed source file is now flawfinder.py, not flawfinder.
          This is part of a change that improves
          cross-platform ease-of-use by using entry_points.
          That said, "make install" will still
          install it as "flawfinder" (so those who install it via
          "make install" will see no change). Many thanks to Ben Spoor!
        * Added support for generating SARIF output, use --sarif.
          A big thanks to Yong Yan for this work!
        * Track curly brace level to reduce some problems, my thanks to
          Greg Myers for the work!
        * Improved handling of Git patch format, thanks to
          Robin Geffroy.

2021-01-11 David A. Wheeler
        * Version 2.0.15
        * Fixed some release problems in 2.0.14.
        * Improved handling of LoadLibraryEx; flawfinder no longer complains
          about certain constructs that are known to be safe (eliminating
          some false positives).

2021-01-09 David A. Wheeler
        * Version 2.0.14
        * If there are >0 hits, tell users how to ignore them as part of the
          tool output.
        * Various Windows improvements.
          Ignore LoadLibraryEx if its third parameter is
          LOAD_LIBRARY_SEARCH_SYSTEM32, as this is safe, and
          remove the rule for InitialCriticalSection
          (this is no longer a vulnerability on current widely-used versions
          of Windows)
        * Various C++ improvements.  Add .hpp support for C++,
          ignore "system::" to reduce false positives,
          treat ' as digit separator when file extension is a C++ file
          (for C++14).
        * I had some release problems; this is identified as 2.0.14
          (skipping a few minor numbers) to ensure that the version
          number uniquely identifies a specific release.

2020-02-17 David A. Wheeler
        * Version 2.0.11
        * Provide a much more detailed error report, including recommended
          solutions, when character encoding problems hit.
          As Python3 has slowly gained in popularity, its failure to provide
          useful built-ins to handle real-world character encoding problems
          hurts more people. (E.g., many files don't comply with *any*
          character set encoding standard, and Python3 can't read them
          without enabling options that are wrong for others.)
          We can at least provide much more detailed feedback to help
          explain the various options available.

2019-06-22 David A. Wheeler
        * Version 2.0.10
        * Use binary mode when reading a diffhitlist.
          My thanks to Michał Górny, who both reported the problem
          and provided the patch!

2019-05-19 David A. Wheeler
        * Version 2.0.9
        * Fixes a serious defect in --diffhitlist

2019-05-17 Labidurie Jerome
        * Fixed a serious defect in --diffhitlist option and added a unit test

2019-01-21 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Version 2.0.8
        * Don't warn if memcpy call includes sizeof(first arg).
          Thanks to Michael Clark for this improvement!
        * Bugfix (banned function _ftcsat should be _ftcscat).
          Thanks to Lucas Ramage for reporting this!
        * Documentation tweaks. Make it clear that GitHub issues and
          pull requests are supported, and use ~~~~ in markdown
          to ease copy-and-paste from documentation.

2018-09-30 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Incorporate many small improvements from nickthetait
        * Fix a number of bugs reported by philipp
        * Update URLs for www.dwheeler.com -> dwheeler.com

2018-04-04 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Version 2.0.6

2018-01-26 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Small fixes
        * Update cwe.mitre.org URLs to use https

2017-11-16 David A. Wheeler <dwheeler, at, dwheeler.com>
        * add detection of crypt_r function
        * add detection of errant equal, mismatch, and is_permutation
        * update CWE, risk, and discussion for C++14 STL functions
        * Always report hit counts correctly, even if ignored using -m
        * Update www.dwheeler.com URLs to use https

2017-09-02 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Version 2.0.4
        * Switch from distutils to setuptools
        * Directly support "pip" installs

2017-08-26 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Version 2.0.2
        * Flawfinder can now run on either Python 2.7 or 3
        * Added more tests
        * Implemented additional code cleanups recommended by Pylint
        * Modified documentation in various ways to clarify things

2017-08-13 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Version 2.0.1
        * Transform many internal constructs to work on Python 2 or 3,
          with the eventual goal of making it run on either.

2017-07-29 David A. Wheeler <dwheeler, at, dwheeler.com>
        * Version 2.0.0
        * Change version numbers to use Semantic Versioning (x.y.z)
        * Add support for generating CSV (comma-separated value) format,
          to make this tool easier to integrate into larger toolsuites.
        * Fixed a number of issues - and even a few bugs - found by the
          Python static analysis tool pylint.
        * Document in CONTRIBUTING.md how to contribute to the project.
        * Change version number to 2.0.0, because we have a subtle
          interface change that won't affect most people but it
          *may* affect those who postprocess
          flawfinder data on CWEs. The fundamental issue is that
          in some cases a hit corresponds to multiple CWEs. As a result,
          in some cases flawfinder will list a sequence of CWEs
          in the format "more-general/more-specific", where the CWE actually
          being mapped is followed by a "!".
          This is always done whenever a flaw is not mapped directly to
          a top 25 CWE, but the mapping is related to such a CWE.
          So "CWE-119!/CWE-120" means that the vulnerability is mapped
          to CWE-119 and that CWE-120 is a subset of CWE-119.
          In contrast, "CWE-362/CWE-367!" means that the hit is mapped to
          CWE-367, a subset of CWE-362.
          Note that this is a subtle syntax change from flawfinder
          version 1.31; in flawfinder version 1.31,
          the form "more-general:more-specific" meant what is now listed as
          "more-general!/more-specific", while
          "more-general/more-specific" meant "more-general/more-specific!".
          Tools can handle both the version 1.31 and the current format,
          if they wish, by noting that the older format did not use "!" at all.
          These mapping mechanisms simplify searching for certain CWEs.

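The CWE mapping syntax described in the 2.0.0 changelog entry, as an added example that is not part of this commit or of flawfinder itself: a small Python parser that accepts both the 2.0.x "!" form and the older 1.31 ":" and "/" forms, so a post-processing tool can count hits per mapped CWE across output from either version. The sample fields are constructed.

```python
import re
from collections import Counter

_CWE_RE = re.compile(r"^CWE-(\d+)!?$")


def _cwe_number(token):
    """Turn 'CWE-119' or 'CWE-119!' into the integer 119."""
    m = _CWE_RE.match(token.strip())
    if not m:
        raise ValueError("not a CWE identifier: %r" % token)
    return int(m.group(1))


def parse_cwe_field(field):
    """Return (mapped_cwe, related_cwes) for one flawfinder CWE field.

    2.0.x format: CWEs separated by "/" and the CWE actually mapped carries
    a trailing "!", e.g. "CWE-119!/CWE-120" -> (119, [120]).
    1.31 format (never uses "!"): "general:specific" mapped the general CWE,
    "general/specific" mapped the specific one. A lone "CWE-n" maps to itself.
    """
    field = field.strip()
    if not field:
        raise ValueError("empty CWE field")
    if "!" not in field and ":" in field:
        general, specific = field.split(":", 1)
        return _cwe_number(general), [_cwe_number(specific)]
    parts = [p.strip() for p in field.split("/")]
    marked = [p for p in parts if p.endswith("!")]
    if len(marked) > 1:
        raise ValueError("more than one mapped CWE in %r" % field)
    if marked:
        related = [_cwe_number(p) for p in parts if not p.endswith("!")]
        return _cwe_number(marked[0]), related
    # No "!": a single CWE, or the 1.31 "general/specific" form, where the
    # last (most specific) CWE is the one actually mapped.
    numbers = [_cwe_number(p) for p in parts]
    return numbers[-1], numbers[:-1]


def tally_mapped(fields):
    """Count hits per mapped CWE over CWE fields of either format."""
    return dict(Counter(parse_cwe_field(f)[0] for f in fields if f.strip()))


# Constructed sample CWE fields, mixing the 2.0.x and 1.31 forms.
SAMPLE_FIELDS = ["CWE-119!/CWE-120", "CWE-362/CWE-367!", "CWE-119:CWE-120",
                 "CWE-362/CWE-367", "CWE-120", ""]

if __name__ == "__main__":
    for f in SAMPLE_FIELDS:
        if f:
            print("%-18s -> mapped CWE-%d, related %s" % (f, *parse_cwe_field(f)))
    print(tally_mapped(SAMPLE_FIELDS))
```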

To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/flawfinder/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/security/flawfinder/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/security/flawfinder/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/flawfinder/patches/patch-setup.py

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/flawfinder/Makefile
diff -u pkgsrc/security/flawfinder/Makefile:1.29 pkgsrc/security/flawfinder/Makefile:1.30
--- pkgsrc/security/flawfinder/Makefile:1.29    Thu Jun 30 11:18:47 2022
+++ pkgsrc/security/flawfinder/Makefile Mon Feb  6 11:23:50 2023
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.29 2022/06/30 11:18:47 nia Exp $
+# $NetBSD: Makefile,v 1.30 2023/02/06 11:23:50 nros Exp $
 
-DISTNAME=      flawfinder-1.31
-PKGREVISION=   3
+DISTNAME=      flawfinder-2.0.19
 CATEGORIES=    security devel
 MASTER_SITES=  https://www.dwheeler.com/flawfinder/
 
@@ -10,13 +9,10 @@ HOMEPAGE=    https://www.dwheeler.com/flawf
 COMMENT=       Python program to find flaws in C/C++ programs
 LICENSE=       gnu-gpl-v2
 
-NO_BUILD=              yes
-REPLACE_PYTHON=                flawfinder
-INSTALLATION_DIRS=     bin ${PKGMANDIR}/man1
+INSTALLATION_DIRS=     ${PKGMANDIR}/man1
 
-do-install:
-       ${INSTALL_SCRIPT} ${WRKSRC}/flawfinder ${DESTDIR}${PREFIX}/bin
+post-install:
        ${INSTALL_MAN} ${WRKSRC}/flawfinder.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1
 
-.include "../../lang/python/application.mk"
+.include "../../lang/python/egg.mk"
 .include "../../mk/bsd.pkg.mk"
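Review bot: the new post-install target installs ${WRKSRC}/flawfinder.1 uncompressed while the companion patch-setup.py drops the gzipped flawfinder.1.gz from data_files; confirm the 2.0.19 tarball actually ships the uncompressed flawfinder.1 next to the .gz, otherwise post-install fails. Dropping REPLACE_PYTHON and the hand-written do-install is consistent with bin/flawfinder now coming from the setuptools entry point ('flawfinder = flawfinder:main' in the patched setup.py) via egg.mk.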

Index: pkgsrc/security/flawfinder/PLIST
diff -u pkgsrc/security/flawfinder/PLIST:1.1.1.1 pkgsrc/security/flawfinder/PLIST:1.2
--- pkgsrc/security/flawfinder/PLIST:1.1.1.1    Sun Jul 14 13:02:23 2002
+++ pkgsrc/security/flawfinder/PLIST    Mon Feb  6 11:23:50 2023
@@ -1,3 +1,12 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2002/07/14 13:02:23 wiz Exp $
+@comment $NetBSD: PLIST,v 1.2 2023/02/06 11:23:50 nros Exp $
 bin/flawfinder
+${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
+${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
+${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/entry_points.txt
+${PYSITELIB}/${EGG_INFODIR}/top_level.txt
+${PYSITELIB}/${EGG_INFODIR}/zip-safe
+${PYSITELIB}/flawfinder.py
+${PYSITELIB}/flawfinder.pyc
+${PYSITELIB}/flawfinder.pyo
 man/man1/flawfinder.1

Index: pkgsrc/security/flawfinder/distinfo
diff -u pkgsrc/security/flawfinder/distinfo:1.11 pkgsrc/security/flawfinder/distinfo:1.12
--- pkgsrc/security/flawfinder/distinfo:1.11    Tue Oct 26 11:17:05 2021
+++ pkgsrc/security/flawfinder/distinfo Mon Feb  6 11:23:50 2023
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.11 2021/10/26 11:17:05 nia Exp $
+$NetBSD: distinfo,v 1.12 2023/02/06 11:23:50 nros Exp $
 
-BLAKE2s (flawfinder-1.31.tar.gz) = 70267073a47bd4779a2c08cf32f653328ef358073f752ce1c4aad253d17ded65
-SHA512 (flawfinder-1.31.tar.gz) = 880919a05dbf0e29055f052b88c8bbfd403105504749bc65fb17675e6ebe0d84f9cd367e7a6efc68dc0d9209e0938185da4718b70f484007c507fe96b83e0355
-Size (flawfinder-1.31.tar.gz) = 174148 bytes
+BLAKE2s (flawfinder-2.0.19.tar.gz) = 0168e0f39c14517610584191e2106a2876f8c56399f5936cf2cf0c9e86fe2a0a
+SHA512 (flawfinder-2.0.19.tar.gz) = 7ac8684f157f30cb7cc0e2d9c270f92bb26e9207d9879530c499cc93af10070c2558f3794cc8b1a0a51b52ae771a4aa47157b467d0e6578cab96360cb0c6d90b
+Size (flawfinder-2.0.19.tar.gz) = 260817 bytes
+SHA1 (patch-setup.py) = adef74ae8bf53be447cfb3d68d5d9d8dc36b93f6

Added files:

Index: pkgsrc/security/flawfinder/patches/patch-setup.py
diff -u /dev/null pkgsrc/security/flawfinder/patches/patch-setup.py:1.1
--- /dev/null   Mon Feb  6 11:23:50 2023
+++ pkgsrc/security/flawfinder/patches/patch-setup.py   Mon Feb  6 11:23:50 2023
@@ -0,0 +1,14 @@
+$NetBSD: patch-setup.py,v 1.1 2023/02/06 11:23:50 nros Exp $
+
+* don't install gzipped manpage in the wrong location,
+  BSD_INSTALL will handle it.
+
+--- setup.py.orig      2023-02-06 11:10:28.341558842 +0000
++++ setup.py
+@@ -46,6 +46,5 @@ It is released under the GNU GPL license
+             'flawfinder = flawfinder:main',
+         ],
+        },
+-       data_files = [ ('share/man/man1', [ 'flawfinder.1.gz' ]) ],
+        py_modules = ['flawfinder'],
+       )
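Review bot: the patch description says the gzipped man page would land in the "wrong location" without naming it; spelling out that data_files installs relative to the Python prefix (share/man/man1) whereas this package installs the page under ${PKGMANDIR}/man1 (man/man1/flawfinder.1 in the PLIST) from the Makefile's post-install would make the intent clear to the next updater. The hunk itself is consistent (header 6 -> 5 lines, only the data_files entry removed, entry point and py_modules untouched).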


