On Fri, Apr 14, 2017 at 09:09:18PM +0200, Erik Huelsmann wrote: > > As we are a webapp and as we pride ourselves in delivering secure code, I > think we should live up to the promise by requiring the CERT secure coding > standards to be applied -- at least as far as our new code goes. There may > be a few points in the new code where we are currently violating the > policies because we're "calling out" to old code. This definitely can't be > the case for all of the listed violations. So, I think that *if* we need to > allow a violation (and need to add a Critic suppression), we should *only* > do that under the condition that there's a well documented explanation of > why this is required.
It looks like a good set of critiques. I can help silence the P::C beast. Let me know. Rob ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Ledger-smb-devel mailing list Ledger-smb-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
