]>
ruderich.org/simon Gitweb - blhc/blhc.git/log
Simon Ruderich [Thu, 10 May 2018 15:39:00 +0000 (17:39 +0200)]
Refactor flag overwrite check into separate function
Simon Ruderich [Thu, 10 May 2018 15:17:44 +0000 (17:17 +0200)]
Detect restore of -D_FORTIFY_SOURCE=2
Simon Ruderich [Fri, 2 Mar 2018 08:29:28 +0000 (09:29 +0100)]
Release 0.08
Simon Ruderich [Thu, 1 Mar 2018 09:45:32 +0000 (10:45 +0100)]
Use proper look back for non-verbose detection for DEB_BUILD_OPTIONS=parallel
Simon Ruderich [Thu, 1 Mar 2018 09:31:14 +0000 (10:31 +0100)]
NEWS: update
Simon Ruderich [Thu, 1 Mar 2018 09:28:58 +0000 (10:28 +0100)]
Sync architecture specific hardening support with dpkg 1.19.0.5
Simon Ruderich [Thu, 1 Mar 2018 09:15:30 +0000 (10:15 +0100)]
Add --line-numbers option
Suggested and helped by Stefan Pöschel <stefan.poeschel@gmx.de>.
Simon Ruderich [Tue, 27 Feb 2018 18:17:37 +0000 (19:17 +0100)]
Update copyright years
Simon Ruderich [Tue, 5 Sep 2017 20:22:07 +0000 (22:22 +0200)]
Add example for --debian
Simon Ruderich [Thu, 17 Aug 2017 10:25:30 +0000 (12:25 +0200)]
Add --debian to handle PIE flags like buildd mode
Simon Ruderich [Sun, 23 Jul 2017 19:10:04 +0000 (21:10 +0200)]
Don't report missing PIE flags in buildd mode if GCC defaults to PIE
Dpkg since 1.8.15 respects GCC's settings and doesn't inject PIE flags
if GCC already applies them internally. Therefore don't require PIE
flags if a recent enough dpkg version is used and GCC applies PIE on the
current architecture.
Simon Ruderich [Sun, 23 Jul 2017 18:47:08 +0000 (20:47 +0200)]
MANIFEST: add t/logs/fortran
Simon Ruderich [Sun, 23 Jul 2017 15:59:16 +0000 (17:59 +0200)]
Improve Fortran support, also for Open MPI (mpifort)
Simon Ruderich [Sun, 23 Jul 2017 15:56:23 +0000 (17:56 +0200)]
Refactor Ada handling of format CFLAGS
Will be used for Fortran flags in the next commit.
Simon Ruderich [Sun, 23 Jul 2017 14:45:25 +0000 (16:45 +0200)]
NEWS: mention Debian Bug #853265
I totally missed this bug report.
Simon Ruderich [Sun, 23 Jul 2017 14:12:28 +0000 (16:12 +0200)]
Handle Open MPI mpicc/mpicxx compiler wrappers
The wrapper wasn't treated as compiler causing the non-verbose detection
to trigger as the next line seemingly contained no compiler command.
Reported by Nico Schlömer. See [1] for a build log which was affected.
[1]: https://buildd.debian.org/status/fetch.php?pkg=trilinos&arch=amd64&ver=12.10.1-4&stamp=
1500253714 &raw=1
Simon Ruderich [Sun, 23 Jul 2017 14:06:18 +0000 (16:06 +0200)]
Update copyright years
Simon Ruderich [Wed, 16 Nov 2016 11:40:10 +0000 (12:40 +0100)]
Support new dpkg versions which use debarch_to_debtuple
Simon Ruderich [Sun, 11 Sep 2016 09:40:32 +0000 (11:40 +0200)]
README: update example to require current hardening flags
Simon Ruderich [Sun, 11 Sep 2016 00:20:46 +0000 (02:20 +0200)]
Release 0.07
Simon Ruderich [Sat, 10 Sep 2016 16:09:43 +0000 (18:09 +0200)]
Fix another Ada false positive for format flags
Simon Ruderich [Thu, 25 Aug 2016 15:46:46 +0000 (17:46 +0200)]
Fix false positive in "gcc > file"
Simon Ruderich [Thu, 25 Aug 2016 14:49:18 +0000 (16:49 +0200)]
Sync architecture specific hardening support with dpkg 1.18.10
Simon Ruderich [Thu, 25 Aug 2016 14:50:27 +0000 (16:50 +0200)]
NEWS: fix typo in 0.06 release
Simon Ruderich [Sun, 5 Jun 2016 13:42:43 +0000 (15:42 +0200)]
Release 0.06
Simon Ruderich [Sun, 5 Jun 2016 13:37:48 +0000 (15:37 +0200)]
Improve non-verbose detection for parallel builds
Thanks to Julien Lamy for the initial patch.
Closes Debian Bug #801492.
Simon Ruderich [Sun, 5 Jun 2016 12:33:29 +0000 (14:33 +0200)]
Fix false positives for comment lines
Closes Debian bug #825671.
Simon Ruderich [Sun, 5 Jun 2016 12:28:11 +0000 (14:28 +0200)]
NEWS: update
Gregor Herrmann [Sun, 5 Jun 2016 10:27:25 +0000 (12:27 +0200)]
Update t/tests.t for new output of Pod::Usage in 1.65
[SR: Closes Debian bug #825428.]
Simon Ruderich [Sun, 5 Jun 2016 10:17:42 +0000 (12:17 +0200)]
Update copyright years
Simon Ruderich [Sun, 5 Jun 2016 10:16:32 +0000 (12:16 +0200)]
Sync architecture specific hardening support with dpkg 1.18.7
Simon Ruderich [Thu, 24 Sep 2015 11:55:15 +0000 (13:55 +0200)]
README: add vim modeline
Simon Ruderich [Tue, 15 Sep 2015 08:28:49 +0000 (10:28 +0200)]
fix false positive in `rm` lines
Fixes Debian Bug #772853 reported by Jakub Wilk.
Simon Ruderich [Mon, 14 Sep 2015 22:22:00 +0000 (00:22 +0200)]
fix false positive with `gcc -v`
Fixes Debian Bug #765756, reported by Andreas Beckmann.
Simon Ruderich [Mon, 14 Sep 2015 16:10:44 +0000 (18:10 +0200)]
fix false positive in "libtool: link: g++ -include test.h .."
The .h extension causes detection as preprocess line which generates a
warning about missing CPPFLAGS. Fix this false positive for the
"libtool: link:" case. As long as GNU autotools generate sane output,
this should not cause false negatives.
Fixes Debian Bug #784959 reported by Raphaël Hertzog.
Simon Ruderich [Mon, 14 Sep 2015 16:09:49 +0000 (18:09 +0200)]
fix comments
Simon Ruderich [Fri, 11 Sep 2015 14:15:43 +0000 (16:15 +0200)]
update copyright years
Simon Ruderich [Fri, 11 Sep 2015 14:13:12 +0000 (16:13 +0200)]
sync architecture specific hardening support with dpkg 1.18.2
Simon Ruderich [Tue, 19 Aug 2014 22:50:33 +0000 (00:50 +0200)]
release 0.05
Simon Ruderich [Tue, 19 Aug 2014 22:49:21 +0000 (00:49 +0200)]
update copyright years
Simon Ruderich [Tue, 19 Aug 2014 22:44:31 +0000 (00:44 +0200)]
sync architecture specific hardening support with dpkg 1.17.13.
Simon Ruderich [Wed, 13 Aug 2014 02:59:08 +0000 (04:59 +0200)]
don't check for source fortification in debug lines
Closes Debian bug #757683, reported by Matthias Klose.
Simon Ruderich [Wed, 13 Aug 2014 02:40:01 +0000 (04:40 +0200)]
check for -fstack-protector-strong
Enabled since dpkg 1.17.11.
Closes Debian Bug #757885 reported by Markus Koschany.
Simon Ruderich [Sun, 10 Aug 2014 13:07:47 +0000 (15:07 +0200)]
sync architecture specific hardening support with dpkg 1.17.11.
Simon Ruderich [Sat, 5 Jul 2014 11:09:06 +0000 (13:09 +0200)]
NEWS: update
Simon Ruderich [Sat, 5 Jul 2014 11:06:51 +0000 (13:06 +0200)]
t: add test case for last commit
James McCoy [Sun, 29 Jun 2014 03:26:23 +0000 (23:26 -0400)]
Fix false positive when "compiling" python files
Allow whitespace between the filename and the following “...” or end of
line.
[SR: Closes Debian Bug #753080.]
Signed-off-by: James McCoy <jamessan@debian.org>
Signed-off-by: Simon Ruderich <simon@ruderich.org>
Simon Ruderich [Wed, 14 Aug 2013 19:04:06 +0000 (21:04 +0200)]
Consider lines with -O0 or -Og debug builds.
Disable checks for -O2 for those lines.
Fixes Debian bug #714628, reported by Matthias Klose. Thanks.
Simon Ruderich [Wed, 14 Aug 2013 18:42:44 +0000 (20:42 +0200)]
t/logs/libtool: Fix file extension for C++ compile.
Simon Ruderich [Wed, 14 Aug 2013 18:38:43 +0000 (20:38 +0200)]
Better handling of libtool commands.
Fixes Debug bug #717598), reported by Stefan Fritsch. Thanks.
Simon Ruderich [Wed, 14 Aug 2013 18:30:13 +0000 (20:30 +0200)]
Fix non-verbose compiler commands spanning multiple lines.
Simon Ruderich [Wed, 14 Aug 2013 16:20:22 +0000 (18:20 +0200)]
Fix false positive when "compiling" python files.
Also handle .el files.
Fixes Debian bug #714630, reported by Matthias Klose. Thanks.
Simon Ruderich [Wed, 14 Aug 2013 15:59:39 +0000 (17:59 +0200)]
README: Fix build dependency description.
Forgotten in
e8c9cdc7a80e630245d179fd702de3c8beb12abb .
Simon Ruderich [Wed, 14 Aug 2013 15:58:31 +0000 (17:58 +0200)]
README,blhc: Documentation update.
Simon Ruderich [Wed, 14 Aug 2013 14:54:38 +0000 (16:54 +0200)]
Fix buildd architecture detection.
Only relevant if the chroot setup fails and dpkg-buildpackage is never
run.
Simon Ruderich [Wed, 14 Aug 2013 14:40:44 +0000 (16:40 +0200)]
Fix detection of build dependencies for buildd logs.
Fixes Debian bug #719656, reported by Nicolas Boulenguez. Thanks.
Simon Ruderich [Wed, 14 Aug 2013 14:35:58 +0000 (16:35 +0200)]
NEWS: Mention bug reporters.
Simon Ruderich [Wed, 14 Aug 2013 14:35:16 +0000 (16:35 +0200)]
t/logs/buildd-architecture-old: Rename to dpkg-buildpackage-architecture-old.
Simon Ruderich [Wed, 14 Aug 2013 13:58:20 +0000 (15:58 +0200)]
NEWS: Update.
Simon Ruderich [Wed, 14 Aug 2013 13:34:38 +0000 (15:34 +0200)]
Only assign @cflags_ada if it's used.
Simon Ruderich [Wed, 14 Aug 2013 13:33:53 +0000 (15:33 +0200)]
Sync architecture specific hardening support with dpkg 1.17.1.
Simon Ruderich [Wed, 14 Aug 2013 13:18:12 +0000 (15:18 +0200)]
Use here-doc for --version output.
Simon Ruderich [Wed, 14 Aug 2013 13:17:29 +0000 (15:17 +0200)]
Reduce duplication in compile_flag_regexp().
Simon Ruderich [Wed, 14 Aug 2013 13:17:08 +0000 (15:17 +0200)]
Simplify compile_flag_regexp().
Simon Ruderich [Wed, 14 Aug 2013 13:14:53 +0000 (15:14 +0200)]
Minor source documentation update.
Simon Ruderich [Sun, 2 Jun 2013 14:41:35 +0000 (16:41 +0200)]
Handle another case of Qt's `moc`.
Found in the qtcreator package version 2.7.0-1, also Debian bug #710780.
Simon Ruderich [Sat, 1 Jun 2013 19:03:34 +0000 (21:03 +0200)]
MANIFEST: Add missing t/logs/configure-check.
Forgotten in
4769334033d6a630aa26128c4991443b91f36f13 .
Simon Ruderich [Tue, 28 May 2013 21:12:54 +0000 (23:12 +0200)]
Add test for possible false-negative in configure check.
Simon Ruderich [Tue, 28 May 2013 21:12:11 +0000 (23:12 +0200)]
Fix false positive in configure output if $CC contains options.
Debian bug #710135.
Simon Ruderich [Fri, 1 Mar 2013 15:31:34 +0000 (16:31 +0100)]
Release 0.04.
Simon Ruderich [Thu, 28 Feb 2013 14:32:15 +0000 (15:32 +0100)]
Update copyright year.
Simon Ruderich [Thu, 28 Feb 2013 14:30:36 +0000 (15:30 +0100)]
Fix false positive in kismet's build log.
Simon Ruderich [Sat, 6 Oct 2012 10:46:37 +0000 (12:46 +0200)]
NEWS: Add recent changes.
Simon Ruderich [Thu, 4 Oct 2012 19:29:39 +0000 (21:29 +0200)]
Handle more cases of `moc-qt4` and support `moc-qt5`.
Fixes false positives.
Thanks to Felix Geyer for informing me of this issue. For more
information see Debian bug #689616.
Simon Ruderich [Sat, 29 Sep 2012 12:39:43 +0000 (14:39 +0200)]
Detect architecture in old buildd logs which add an "is".
E.g. dpkg-buildpackage: host architecture is ia64
Simon Ruderich [Tue, 25 Sep 2012 10:44:24 +0000 (12:44 +0200)]
README: Document how build dependencies are extracted.
Simon Ruderich [Mon, 24 Sep 2012 13:38:06 +0000 (15:38 +0200)]
Fix build dependency related checks for pbuilder build logs.
This affects Ada and hardening-wrapper checks.
Simon Ruderich [Mon, 24 Sep 2012 11:25:42 +0000 (13:25 +0200)]
Fix indentation.
No other changes.
Simon Ruderich [Mon, 24 Sep 2012 11:24:01 +0000 (13:24 +0200)]
Also accept --param ssp-buffer-size=4.
Space instead of equals sign after --param.
Simon Ruderich [Sun, 16 Sep 2012 16:58:06 +0000 (18:58 +0200)]
Accept -Wformat=2 because it implies -Wformat.
Simon Ruderich [Sun, 8 Jul 2012 12:53:02 +0000 (14:53 +0200)]
Always end functions with return.
Found by perlcritic.
Simon Ruderich [Sat, 7 Jul 2012 17:27:04 +0000 (19:27 +0200)]
Ignore missing -Wformat -Werror=format-security for Ada files.
Thanks to Nicolas Boulenguez for reporting this. See
http://bugs.debian.org/680117 for details.
Simon Ruderich [Sat, 7 Jul 2012 17:11:03 +0000 (19:11 +0200)]
Prepare for multiple 'Build-Depends' checks.
No behavioral changes.
Nicolas Boulenguez [Sat, 7 Jul 2012 16:23:23 +0000 (18:23 +0200)]
Ignore CPPFLAGS for Ada files.
See http://bugs.debian.org/680117.
Simon Ruderich [Sat, 7 Jul 2012 16:21:02 +0000 (18:21 +0200)]
Minor source documentation update.
Simon Ruderich [Sat, 7 Jul 2012 00:22:26 +0000 (02:22 +0200)]
Use index() in a few more places.
Simon Ruderich [Fri, 6 Jul 2012 22:12:20 +0000 (00:12 +0200)]
Minor cleanup thanks to Perl::Critic.
Simon Ruderich [Fri, 6 Jul 2012 21:28:42 +0000 (23:28 +0200)]
README: A recent Term::ANSIColor is only necessary in some cases.
Simon Ruderich [Fri, 6 Jul 2012 19:10:13 +0000 (21:10 +0200)]
Reduce calls to is_non_verbose_build() in second loop.
Speeds up parsing a little.
Simon Ruderich [Sat, 30 Jun 2012 01:16:50 +0000 (03:16 +0200)]
Minor cleanup.
//o is only useful if the regex contains variables.
Simon Ruderich [Sat, 30 Jun 2012 01:16:32 +0000 (03:16 +0200)]
Minor source documentation updates.
Simon Ruderich [Mon, 25 Jun 2012 22:54:16 +0000 (00:54 +0200)]
Ignore false positives from CC=gcc.
If there's no "normal" compiler command before or after CC=gcc, skip the
line.
Simon Ruderich [Mon, 25 Jun 2012 22:38:36 +0000 (00:38 +0200)]
Minor source documentation update.
Simon Ruderich [Mon, 25 Jun 2012 22:38:00 +0000 (00:38 +0200)]
Minor documentation update.
Simon Ruderich [Mon, 25 Jun 2012 01:27:01 +0000 (03:27 +0200)]
Fix indentation.
No code changes.
Simon Ruderich [Mon, 25 Jun 2012 01:23:49 +0000 (03:23 +0200)]
Handle compiled headers (.h.gch).
This change also reduces the number of false positives drastically, but
may introduce false negatives if unusual file extensions are used when
linking.
However checking for missing LDFLAGS (e.g. -Wl,-z,relro etc.) is already
handled by lintian with good accuracy, so this shouldn't be a problem.
Simon Ruderich [Sun, 3 Jun 2012 01:19:36 +0000 (03:19 +0200)]
gcc is the only supported compiler at the moment.
Simon Ruderich [Thu, 31 May 2012 21:54:57 +0000 (23:54 +0200)]
t: Fix test for non-existent file.
Broken in
23189f94e3761d3ef1d82b5abccf11564388b4bf .
Simon Ruderich [Thu, 31 May 2012 21:52:53 +0000 (23:52 +0200)]
Bernhard R. Link [Wed, 30 May 2012 10:03:46 +0000 (12:03 +0200)]
Properly detect if given a directory name as argument.
Currently running blhc with a directory name as argument results in no
error except it warning there are no compiler commands in it. So check
if it is a proper file (or a link to a proper file).