On Fri, Sep 30, 2022 at 11:19:16AM +0200, IOhannes m zmoelnig wrote: > i've bumped into this with my 'o2' builds (which also uses "-fortify") on > salsa, so it is not really "fixed" (as of 2022-09) > > of course i could add a 'blhc: ignore-line-regexp:', but in practice that > would disable the entire blhc check. > or I could add some "--ignore-flag -D_FORTIFY_SOURCE=2" to the invocation > of blhc. > but really i'd like to not do this, as it requires me to manually check > which flags get disabled by which DEB_BUILD_MAINT_OPTIONS=hardening option > and fix this blhc-invocation whenever a package requires special hardening > flags...
Hi IOhannes, I'm somewhat out of the loop regarding Debian's build process. Is this something blhc can extract from the build log? Best, Simon -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9
signature.asc
Description: PGP signature