7 - Ignore another cargo/rust false positive; reported by Yogeswaran Umasankar
8 (see Debian Bug #1037521).
9 - Permit "no compiler commands" for cargo/rust projects.
14 - Update moc handling for Qt6; reported by Ben Westover, patch from Ross
15 Vandegrift (Debian bug #1019521).
16 - Support -D_FORTIFY_SOURCE=3 added in glibc 2.35; reported by Christian
17 Göttsche (Debian bug #1027084).
18 - Fix false positive when using `nvcc`; reported by Andreas Beckmann (Debian
20 - Fix tests in sid/testing by removing avr32 which is no longer supported
21 (Debian Bug #1050942).
22 - Accept -g3 instead of -g which enables more debug information; reported in
23 IRC OFTC/#debian-mentors.
24 - Properly ignore cargo/rust output; reported by Alexander Kjäll via email.
25 - Fix another false positives from cmake which probes for compiler flags
26 without setting CPPFLAGS; reported by Marco Mattiolo and Soren Stoutner
27 (Debian Bugs #1043522 and #1054882).
28 - Check for stack clash protection (-fstack-clash-protection); requested by
29 Emanuele Rocca (Debian Bug #1050909).
30 - Check for branch protection (amd64: -fcf-protection, arm64:
31 -mbranch-protection=standard); requested by Emanuele Rocca (Debian Bug
38 - Also split commands on && and || (not only on ;) to detect more false
39 negatives. This could also trigger more false positives.
40 - Fix false positive when calling make; reported by Fabian Wolff (Debian Bug
42 - Fix false positives from cmake which probes for compiler flags without
43 setting CPPFLAGS; reported and suggested fix by Joao Eriberto Mota Filho
45 - Properly handle quoted flags; reported by Olek Wojnar (see Debian Bug
47 - Strip (basic) environment variables before compiler detection to reduce
48 false positives; reported by Fabian Wolff (Debian Bug #975650).
54 - Add support to dynamically ignore lines from within the build log by
55 embedding the string "blhc: ignore-line-regexp:" (Debian Bug #725484).
56 - Fix false positive for meson build; reported by Yangfl (Debian Bug #953335).
57 - Fix false positive with embedded gcc -print-* commands; reported by Andreas
58 Beckmann (Debian Bug #964160).
59 - Detect non-verbose commands in waf builds.
65 - Fix false positive in `dwz` lines; reported by Raphaël Hertzog (Debian Bug
72 - Sync architecture specific hardening support with dpkg 1.19.7.
73 - Fix architecture detection with recent dpkg-buildpackage versions; reported
74 by Ross Vandegrift, patch from Mathieu Parent (Debian bug #929503).
75 - Fix false positive in non-verbose check for python setuptools; reported by
76 Simon McVittie (Debian Bug #930993).
77 - Fix special handling of format CFLAGS for Ada/Fortran with build logs not
78 generated pbuilder/sbuild (pbuilder and sbuild provide build dependencies
79 but other do not); reported by Christoph Berg and Rafael Laboissière (Debian
81 - Fix false positive in non-verbose check for cython's .pyx files; reported by
82 Picca Frédéric-Emmanuel (Debian Bug #939632).
83 - Fix false positive in libtool detection when the path to the libtool binary
84 is quoted; Yves-Alexis reported by Perez (Debian Bug #941836).
90 - Detect restore of -D_FORTIFY_SOURCE=2 after it was overwritten by
91 -D_FORTIFY_SOURCE=0 or 1 or -U_FORTIFY_SOURCE; reported by Mike Hommey
93 - Detect overwrite of -fstack-protector options with -fno-stack-protector
94 (same for -fstack-protector-all and -fstack-protector-strong).
95 - Don't treat hexdumps which contain "cc" as compiler lines; reported by Kurt
96 Roeckx (Debian bug #899137).
102 - Support new dpkg versions which replaced Dpkg::Arch's debarch_to_debtriplet
103 with debarch_to_debtuple (Debian Bug #844393), reported by Johannes Schauer.
104 - Support Open MPI mpicc/mpicxx compiler wrappers to prevent false positives
105 in non-verbose-build detection, reported by Boud Roukema and Nico Schlömer
106 (Debian Bug #853265).
107 - Add better support for Fortran (c.f. Debian Bug #853265).
108 - Don't report missing PIE flags in buildd mode if GCC defaults to PIE (c.f.
110 - Add new --debian option to handle PIE flags like buildd mode, thanks to
111 Eriberto Mota for the suggestion. This is not enabled per default to prevent
112 false negatives as the flags are missing from the build log and blhc can't
113 detect if the compiler applied PIE internally (c.f. Debian Bug 845339).
114 - Add --line-numbers command line option
115 - Sync architecture specific hardening support with dpkg 1.19.0.5.
116 - Use proper look back for non-verbose detection if DEB_BUILD_OPTIONS=parallel
117 is present. Previously it was too small causing false-positives if the
124 - Sync architecture specific hardening support with dpkg 1.18.10.
125 - Fix false positive in "gcc > file" (Debian Bug #828789), reported by Mathieu
127 - Fix another Ada false positive for format flags (Debian Bug #833939),
128 reported by Nicolas Boulenguez.
134 - Sync architecture specific hardening support with dpkg 1.18.7.
135 - Fix false positive in "libtool: link: g++ -include test.h .." (Debian Bug
136 #784959), reported by Raphaël Hertzog.
137 - Fix false positive with `gcc -v` (Debian Bug #765756), reported by Andreas
139 - Fix false positive in `rm` lines (Debian Bug #772853), reported by Jakub
141 - Update t/tests.t for new output of Pod::Usage in 1.65 (Debian Bug #825428),
142 reported by Niko Tyni, patch by Gregor Herrmann.
143 - Fix false positives for comment lines (Debian Bug #825671), reported by
145 - Improve non-verbose detection for parallel builds (Debian Bug #801492),
146 reported by Mattia Rizzolo, initial patch by Julien Lamy.
152 - Fix false positive in configure output if $CC contains options (Debian bug
153 #710135), reported by Bastien Roucariès.
154 - Handle another case of Qt's `moc` (Debian bug #710780), reported by Felix
156 - Fix detection of build dependencies for buildd logs (Debian bug #719656),
157 reported by Nicolas Boulenguez.
158 - Fix buildd architecture detection. Only relevant if the chroot setup fails
159 and dpkg-buildpackage is never run; therefore a minor issue.
160 - Fix false positive when "compiling" python files (Debian bugs #714630 and
161 #753080), reported by Matthias Klose, patch by James McCoy.
162 - Don't check for hardening flags in non-verbose compiler commands spanning
164 - Better handling of libtool commands (Debug bug #717598), reported by Stefan
167 - Sync architecture specific hardening support with dpkg 1.17.13.
168 - Check for -fstack-protector-strong on supported platforms (since dpkg
169 1.17.11) (Debian bug #757885), reported by Markus Koschany.
170 - Consider lines with -O0 or -Og debug builds and disable checks for -O2
171 (Debian bug #714628), reported by Matthias Klose. Also don't check for
172 fortification in those lines as it requires optimization (Debian bug
173 #757683), also reported by Matthias Klose.
179 - Fix many false positives, this includes compiled header files, lines with
180 only CC=gcc but no other compiler commands and `moc-qt4`/`moc-qt5` commands.
181 - Accept -Wformat=2 because it implies -Wformat.
182 - Accept --param ssp-buffer-size=4 (space instead of equals sign).
183 - Fix build dependency related checks (Ada, hardening-wrapper) for pbuilder
185 - Fix architecture detection in old buildd build logs which use an additional
186 "is" in the "dpkg-buildpackage: host architecture" field.
188 - Updated output in buildd mode.
189 - Only return non-zero exit codes for errors in buildd mode, not for warnings.
190 - Minor performance improvements.
191 - Support for Ada files.
197 - Fix --ignore-flag with -fPIE.
198 - Detect overwrite of -D_FORTIFY_SOURCE=2 with -D_FORTIFY_SOURCE=0 or 1 or
201 - Add --ignore-arch-flag and --ignore-arch-line options to ignore flags and
202 lines on certain architectures only.
203 - Buildd tags "no-compiler-commands" and "invalid-cmake-used" are now
204 information ('I-') instead of warning ('W-').
205 - Ignore false positives when using moc-qt4.
211 - Fix --version, --help.
213 - Remove -Wformat-security from expected CFLAGS because it's already implied
214 by -Werror=format-security (removed in dpkg-dev >= 1.16.3).
ruderich.org/simon / blhc / blhc.git / blob