Comments (4)
Excellent. When I get a chance I intend to add that to the documentation.
from flawfinder.
Okay, I've added a brief note about character encoding to the README (pointing to the documentation), and in both places specifically noted cvt2utf and iconv (iconv was already noted in the man page). Hopefully that helps the next person!
from flawfinder.
No, because that causes other problems.
The issue isn't migrating into Python3 per se, the problem is that Python3 fails to provide useful built-in libraries to deal with code that isn't perfectly encoded.
I'm trying to ensure that flawfinder can be installed by copying a single file, since some people aren't allowed to use pip etc. to install arbitrary packages. In many circumstances that' restriction is a non-problem because of Python's "batteries included" nature. But Python3 doesn't provide a library to deal with imperfectly-encoded data, even though it added mechanisms to force perfect encoding. BeautifulSoup would certainly help, but that's not a built-in.
You don't HAVE to use UTF-8, as long as you state an encoding and stick to it.
It's very rare that people have this problem anyway, and in the long term I expect this problem to dissipate. Generally people are migrating to UTF-8 for all source files, and once that's done there is no problem.
If you do have to do a conversion, iconv may be the friend you need (as documented).
from flawfinder.
@david-a-wheeler Thanks for the response on this. As a side note, I did find https://github.com/x1angli/cvt2utf : which seems to address both our concerns?
from flawfinder.
Related Issues (20)
- Add a --ignore option
- Invalid helpUri generated HOT 1
- SARIF artifact location paths HOT 3
- Character Encoding Error on UTF-8 Encoded Source File with U+0441 HOT 18
- Warn when PQExec is called with a non-constant to warn about SQL injection in PostgreSQL
- --csv option wont output hits to csv file from mac terminal
- FF1057 is missing CWE attribution in the warning text HOT 1
- Flawfinder does scan the directory with symlinks and exits quietly with error code HOT 1
- binary/hex integer literals with separators lead to parse error HOT 2
- Flawfinder reports abseil::StrCat the same as std:strcat HOT 1
- Can I Modfy more CWE? HOT 1
- SARIF output malformed due to incorrect URI, which causes GitHub upload to fail HOT 1
- Supported python versions HOT 1
- Allow skipping bad characters HOT 4
- flawfinder mis-identifies symbols named "system" as CWE-78
- Declaration of simple C++ method named "read()" triggers CWE-
- Grouping issues by vulnerability title
- Add a smell score for each file
- Improve sscanf and friend vulnerability context
- False positive when a variable is named "system"
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flawfinder.