David Wheeler writes:
> I have a feature suggestion - adding automated support for
> "flawfinder". Flawfinder is a lint-like program that
> searches for common security flaws in C/C++ programs and
> reports them. It's GPLed.
>
> It'd be nice if a lead developer could press a button
> and then receive (via the web or email) a flawfinder report
> listing all the potential vulnerabilities found in a current project.
>
> Flawfinder is available at:
> http://www.dwheeler.com/flawfinder.
>
> I'm willing to help integrate it.
I apt-get installed flawfinder 0.21-1 on Savannah. Could you
provide a patch to Savannah that would allow it to be used? Also, we would
ask you to provide documentation and support for flawfinder for the
next 12 months.
Is this agreeable to you?
--
Loic Dachary http://www.dachary.org/ [EMAIL PROTECTED]
12 bd Magenta http://www.senga.org/ [EMAIL PROTECTED]
75010 Paris T: 33 1 42 45 07 97 [EMAIL PROTECTED]
GPG Public Key: http://www.dachary.org/loic/gpg.txt