Add parser for flawfinder #31

Merged
merged 1 commit into from Apr 18, 2017

Contributor

davidCarlos commented Mar 30, 2017

I'm still working on this pull request (missing tests). Soon I will remove the 'WIP' tag.

Member

davidmalcolm commented Mar 31, 2017

As noted in #33 we don't have a good design yet for how to handle multiple CWEs in one issue.

For now, maybe have the parser capture the first CWE (if any), and note the limitation as a bug, marking it as a dependency of #33.

Thanks.

@davidCarlos davidCarlos changed the title from [WIP]: Add parser to flawfinder to Add parser to flawfinder Apr 5, 2017

Contributor

davidCarlos commented Apr 5, 2017

Hey @davidmalcolm, I have updated this PR. I added some tests, and have included flawfinder in the documentation. Now the parser captures the first CWE, as we had discussed. I created the issue #35, to map the multiple CWEs problem.

@davidmalcolm

Thanks; this is looking good. I have some concerns about version-handling, and would prefer it if the parser captured the severity of issues (and maybe categories also).

Sorry if this seems nit-picky.
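
The fields discussed in this thread (tool version, severity, category, and only the first CWE of a hit), shown as an added example that is not the code from this PR or from firehose. It assumes flawfinder's default text report layout; `SAMPLE_REPORT`, `parse_report` and the `dropped_cwes` field are hypothetical names, and the sample report is constructed.

```python
import re

# Constructed sample, modelled on flawfinder's default text report (assumed layout).
SAMPLE_REPORT = """\
Flawfinder version 1.31, (C) 2001-2014 David A. Wheeler.

FINAL RESULTS:

demo.c:12:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
demo.c:20:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
demo.c:31:  [1] (obsolete) usleep:
  This C routine is considered obsolete. Use nanosleep(2) or setitimer(2)
  instead.

ANALYSIS SUMMARY:
"""

VERSION_RE = re.compile(r"^Flawfinder version (\S+?),", re.MULTILINE)
HIT_RE = re.compile(
    r"^(?P<file>\S.*?):(?P<line>\d+):\s+\[(?P<severity>[0-5])\] "
    r"\((?P<category>[^)]+)\) (?P<function>[^:]+):\s*$")
CWE_RE = re.compile(r"CWE-(\d+)")

def parse_report(text):
    """Return (version, hits); each hit keeps only the first CWE it mentions."""
    match = VERSION_RE.search(text)
    version = match.group(1) if match else None
    hits, current = [], None
    for raw in text.splitlines():
        match = HIT_RE.match(raw)
        if match:
            current = match.groupdict()
            current["line"] = int(current["line"])
            current["severity"] = int(current["severity"])
            current["message"] = []
            hits.append(current)
        elif current is not None and raw.startswith("  ") and raw.strip():
            current["message"].append(raw.strip())  # wrapped description line
        else:
            current = None  # blank or unindented line ends the current hit
    for hit in hits:
        hit["message"] = " ".join(hit["message"])
        cwes = [int(n) for n in CWE_RE.findall(hit["message"])]
        hit["cwe"] = cwes[0] if cwes else None
        hit["dropped_cwes"] = cwes[1:]  # what a first-CWE-only report loses
    return version, hits
```

Recording the dropped CWEs makes the single-CWE limitation visible to whoever triages the report, rather than silently discarding the second classification.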


@davidmalcolm davidmalcolm changed the title from Add parser to flawfinder to Add parser for flawfinder Apr 5, 2017

Contributor

davidCarlos commented Apr 14, 2017

Hey @davidmalcolm, I updated this PR with the last revision.

@davidmalcolm

Thanks for the updates.

I've got a few more nitpicks (sorry), covering code I had trouble following.

Contributor

davidCarlos commented Apr 14, 2017

@davidmalcolm thanks for the great revision, I have updated the PR.

@davidmalcolm

Thanks for the updated version.

This is looking much better, but I have a few more nitpicks (sorry).

Contributor

davidCarlos commented Apr 15, 2017

@davidmalcolm I have updated the PR

@davidmalcolm

Thanks for your improvements here.

Ironically, with the code cleanups you've done, you've simplified things enough that I can now see a couple of other issues that were hiding.

Add parser to flawfinder
	- Add only one cwe in Firehose report
	- Retrieve flawfinder version from report.
	- Use enumerate instead of counter.
	- Add tests
	- Add comment about multiple cwes.
	- Fix regex.
Contributor

davidCarlos commented Apr 18, 2017

@davidmalcolm I have updated the PR

@davidmalcolm

Thanks for all the updates; this looks good.

@davidmalcolm davidmalcolm merged commit b912b9f into fedora-static-analysis:master Apr 18, 2017

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed