cleanup: replace banned.h with semgrep #2881
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Luca Guerra <luca@guerra.sh>
|
This PR may bring feature or behavior changes in the Falco engine and may require the engine version to be bumped. Please double check userspace/engine/falco_engine_version.h file. See versioning for FALCO_ENGINE_VERSION. /hold |
Signed-off-by: Luca Guerra <luca@guerra.sh>
Signed-off-by: Luca Guerra <luca@guerra.sh>
LucaGuerra
force-pushed
the
update/replace-banned-with-semgrep
branch
from
d436910
to
7ccfeb6
Compare
|
/unhold version bump is not required |
|
/milestone 0.37.0 |
|
LGTM label has been added. Git tree hash: 59b9a0000ded79a003f216371a159fa2e21cc81e
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Andreagit97, FedeDP, LucaGuerra The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind cleanup
Any specific area of the project related to this PR?
/area engine
/area CI
What this PR does / why we need it:
We used to have a
banned.hheader file that prevents you from using specific functions. The problem with it is that we have to manually add it to any.cppfile that we ever write. This does not happen in practice unless there is a specific header that always needs to be included (falco_common.hseems to be it but really is not). In libs we have decided to use semgrep in CI instead.The advantage of using Semgrep is that we don't have to modify the code or remember to include any extra header. The disadvantage is that you won't get compile time errors but only CI time errors. Let's do the same in Falco and in libs.
In addition, a file was using
strncat. Replace it withstrlcat.Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: