Hi,
Le 05/06/2019 à 21:56, Julia Lawall a écrit :
On Wed, 5 Jun 2019, Enrico Weigelt, metux IT consult wrote:
Hi folks,
I'd like to hack up some scripts that automatically scan and report
findings on a daily basis, eg. on the linux-next tree. Obviously,
nobody can seriously read this all at once, especially not on a
daily basis.
Therefore I need to:
* split the findings (eg. by ruleset or affected files / subsystems)
* filter out findings that already have been reported.
The second part seems to be trickiest one, as the code might slightly
change in the meantime, laeding to different patch outputs. Ignoring
the @@ lines should at least drop a large portion of the duplicates,
but I'll yet have to see how well that works ...
Did anyone else already working on that topic ?
The 0-day people do something.
The tool Herodotos addressed this, but seems to be hard to get working.
Still maintained. ;)
I have someone currently working on it to make optional a set of
features that are useless for your purpose.
However, I never used it on linux-next...
You may also take a look at cgum/gumtree to track changes in a more
finer way than diff.
In general, you need to just interpret the report line numbers and the
diff hunks to figure out whether the report lines are or are not in the
changed lines of code.
For example, if the report was on line 69 and is now on line 70, and the
only change was to replace line 2-3 by lines 2-4, ie add a new line, then
the report on line 70 is the same as the report on line 69.
julia
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
--
Nicolas Palix
http://lig-membres.imag.fr/palix/
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
