3.6% of heads up: Please correct your #includes or optflags use
Lubomir Kundrak
lkundrak at redhat.com
Thu Mar 20 14:44:17 UTC 2008
Hi Hans, Josh and Richard,
On Thu, 2008-03-20 at 15:13 +0100, Hans de Goede wrote:
> Josh Boyer wrote:
> > On Thu, 20 Mar 2008 13:57:48 +0000
> > "Richard W.M. Jones" <rjones at redhat.com> wrote:
> >
> >> Isn't this something which should be in rpmlint?
> >
> > No? Because it can't catch the header includes... It's an rpm lint
> > checker, not a source scanner.
Surely enough rpmlint can look for offensive symbols; it already
contains checks that look into file content (end-of-line encoding check,
or shebang in scripts check.).
On the other hand there are rpm post install checks that do the similar
thing -- consider the one that checks for rpaths.
I am wondering if they can be merged into rpmlint, and the rpmlint
changed into differentiating between warnings and errors, so it itself
can be invoked as post-install check? Anybody has an opinion on this? Is
this worth filing a rpmlint feature request?
> However this could be added to Makefile.common, it would be simple to check
> this after a make %arch using the generated .build-fooo.log
I am trying to get the script in rpm-build package:
https://bugzilla.redhat.com/show_bug.cgi?id=437627
Then we can add it to default rpmdevtools' rpmmacros.
Then the next steps would be adding making it a mandatory post install
check, what would output warnings, and then cause the builds to fail.
And then we can make "-Werror-implicit-function-declaration" a default
optflag, and whitelist applications that will have to use the old
optflags to build. And then get rid of that whitelist.
But these steps will need to be approved by packaging commitee, or maybe
by FESCO, and I guess they'll not get approvals if they break a big
number of packages. Therefore each step needs some time to reduce number
of broken packages. This is just the first step, to get the idea of
number of packages, and also to clean up the most obvious violators, so
the change proposals have bigger chance to pass once they're written and
presented to respective commitees.
Thanks,
--
Lubomir Kundrak (Red Hat Security Response Team)
More information about the fedora-devel-list
mailing list