Change log for check-all-the-things package in Debian
| 1 → 12 of 12 results | First • Previous • Next • Last |
| Published in sid-release |
check-all-the-things (2017.05.20+nmu1) unstable; urgency=medium * Non-maintainer upload. * Drop python2 support; Closes: #942918, #938986 -- Sandro Tosi <email address hidden> Sat, 07 Dec 2019 17:37:15 -0500
| Superseded in sid-release |
check-all-the-things (2017.05.20) unstable; urgency=medium
* New release.
- The "Check Things Securely Yet Again" release
- Support BSD versions of the find command
- Support running in more types of terminals/places
- Support running commands in other dirs for safety
- Support properly disabling flags/checks
- Disable remarks about already disabled checks
- Update documentation, TODO items and URLs
- Print remarks more nicely in certain situations
- Print filenames and line numbers where possible
- Flag checks:
+ dangerous - rpmlint ocaml-lintian
+ run-in-tmp-dir - luacheck puppet-lint epubcheck erl-tidy
+ fixme-silent - flawfinder gettext-lint-* luacheck hlint
+ network - cme-check-dpkg
+ manual - gettext-lint-spell
- Fix complexity - prevent arbitrary code execution
- Fix perlcritic - disable code execution, only run when perl present,
increase verbosity to be more useful
- Fix clang-tidy regression from version 2016.06.29
- Fix zzuf - incorrect path matches
- Fix yamllint - incorrect find argument grouping
- Fix ELF & Perl checks - add MIME types
- Fix grep checks - use short options for portability
- Fix xapian-check - crash due to use of format strings
- Fix uudecode - include filenames in command-line
- Fix insecure-recv-keys - typo in regex
- Fix appstreamcli - unknown command-line option
- Fix m64-m32 - reduce false positives
- Fix gettext-lint-spell - add missing dependency, drop *.pot
- Fix afl - check it is installed properly
- Fix embed-dirs - add inc/ dirs for Perl packages
- Add podchecker - check Perl POD documentation
- Add pscan - check C printf format strings
- Add leaktracer - check programs for memory leaks
- Add tmperamental - check programs for tmpfile issues
- Add govet - report suspicious Go source code
- Add golint - report Go source code lint
- Add goimports - check missing/unused Go import lines
- Add rubocop - check Ruby code against Ruby Style Guide
- Add roodi - check Ruby code for design issues
- Add gendarme - check Mono/.NET ECMA CIL files
- Add make-phony - find misspelled .PHONY targets
- Add mypy - check Python static typing hints
- Add pyroma - check Python packaging quality
- Add bandit - check Python security quality
- Add dodgy - check dodgy lines in Python code
- Add vulture - check for dead Python code
- Add pycodestyle - check Python code style
- Add pydocstyle - check Python documentation style
- Add proselint - check for English prose issues
- Add chktex - check typographic errors in LaTeX docs
- Add fitscheck/wcslint/volint - FITS/VOTable files
- Add putty-private-key & openssh-private-key-rsa1
- Remove ghc-mod - just a wrapper for hlint
- TODO items for wtf flake8-plugins xpi-addons-linter
go-fix libdetectcoll sha1collisiondetection giffix
haxelint dockerlint dockerfile_lint dockerfile_checker
truffleHog pyt chap Devel::Plumber
-- Paul Wise <email address hidden> Sat, 20 May 2017 17:33:18 +0800
Available diffs
- diff from 2017.01.15.1 to 2017.05.20 (14.6 KiB)
check-all-the-things (2017.01.15.1) unstable; urgency=high
* New release.
- The "Check Shiny Things More Securely" release
- Fix perlcritic to not execute code from the current dir
-- Paul Wise <email address hidden> Thu, 27 Apr 2017 20:34:00 +0800
Available diffs
- diff from 2017.01.15 to 2017.01.15.1 (578 bytes)
check-all-the-things (2017.01.15) unstable; urgency=high
* New release.
- The "Check Things Securely Not Portably" release
- Reset terminal modes after commands to avoid colour spew
- Improve compatibility with Python 3.6
- Update python checks to not work on other distros
because the `python -m` command is insecure
- Update checkers removed from Debian - allow to run if installed
- Update lrzip-test/zstd-test - add MIME types
- Add lz4-test - check lz4 compressed files
- Add path-max - check for non-portable path size macros
- TODO items for deep-text-correcter sblint decopy
-- Paul Wise <email address hidden> Sun, 15 Jan 2017 10:37:30 +0800
Available diffs
- diff from 2016.12.25 to 2017.01.15 (4.2 KiB)
check-all-the-things (2016.12.25) unstable; urgency=medium
* New release.
- The "Check Everywhere For Tangerines" release
- Improve the 'no specific checks' remark
- Update php-syntax-check - ignore no files warning
- Update empty - never print inode/x-empty as unchecked
- Update pylint - check text/x-python files too
- Update python checks to work on other distros
- Add make - check Makefiles with GNU make
- Add pkg-config - check pkg-config .pc files
- Add t1lint - check Type 1 font files
- Add zstd-test - check zstd compressed files validity
- TODO items for urlycue multivalent pdf-hul pdfavalidation
huntbugs spotbugs find-sec-bugs binskim
-- Paul Wise <email address hidden> Sun, 25 Dec 2016 08:02:09 +0800
Available diffs
- diff from 2016.09.03 to 2016.12.25 (4.3 KiB)
check-all-the-things (2016.09.03) unstable; urgency=medium
* New release.
- The "Reproducibly Depend On Thing Checkers" release
- Fixes reproducible builds by sorting Recommends/Suggests (Closes: #829297)
- Rename an option in line with final 'Remarks' section rename
- Allow autocompletion with alias cats=check-all-the-things
- Ignore quilt .pc directories in all the places VCSen are ignored
- Eliminate terminal crunk for certain situations
- Update spellintian - ignore *.wav files too
- Update unzip-test - check *.zhfst files too
- Update embed-dirs - warn about deps and 3rdp dirs too
- Update cppcheck - check *.hxx *.hh files too
- Add cypher-lint - check Cypher Query Language files
- Add bitmap-synfig - ask where Synfig SIF source files are
- Add bitmap-povray - ask where POV-Ray POV source files are
- Add bitmap-gnuplot - ask where gnuplot scripts are
- Add bitmap-base64 - check files for embedded base64 images
- Add dsniff - check for passwords in packet capture files
- Add web-to-apt-key - check for blindly installing gpg keys
- Add insecure-recv-keys - check for insecure downloads of gpg keys
- TODO items for rstcheck anorack fuzz linklint webcheck doctorj xmlwf
checkit_tiff pylint-celery pylint-flask pep8-naming vint flay mdetect
markdownlint haxe-checkstyle cmake-lint stylelint httpolice pedant
check-manifest rxp
-- Paul Wise <email address hidden> Sat, 03 Sep 2016 12:14:15 +0800
Available diffs
- diff from 2016.06.29.1 to 2016.09.03 (8.6 KiB)
check-all-the-things (2016.06.29.1) unstable; urgency=medium
* New release.
- The "Check A Few More Things Slightly More Securely" release
- More mitigations for Debian perl bug #588017
- Fix dependencies for uscan based checks
-- Paul Wise <email address hidden> Wed, 29 Jun 2016 13:06:12 +0200
Available diffs
| Deleted in experimental-release (Reason: None provided.) |
check-all-the-things (2016.06.25) experimental; urgency=medium
* New release.
- The "Check A Bunch Of Things" release
- The official abbreviation is now cats. Meow!
- Bump Standards-Version, no changes needed
- Use https for Vcs-Git and other URLs
- Warn away the busy, lazy or noise intolerant
- Drop the separation between groups/flags
- Drop todo item deps down to Suggests
- Fix file matching in a number of cases
- Add argument completion for bash
- Add an indicator of the currently running command
- Add (slow) support for matching files based on MIME type (Closes: #791722)
- Add better advice for style/complexity/other checks
- Disable network checks when there is no default gateway
- Trim check output to 10 lines by default
- Support overlays for older distros
- Add 'modify' flag for commands that modify files and
thus should not be run by default
- Add 'manual' flag for commands that must be manually run
- Handle 'todo' flagged checks properly
- Show list of found file extentions that were not checked
- Rename final section to 'Remarks' since the name grew long
- Give an error when choosing unknown checks/flags
- Report when help is needed for some existing checks
- Match more ZIP-based files for the unzip-test check
- Document the use of usertags for this package
- Document places where more check tools can be found
- Add appstreamcli validate - check AppStream files
- Add appstream-util validate - check AppStream files
- Add bls-standalone - check build logs for issues
- Add build-log-static-library - warn against static linking
- Add complexity - check C code for function complexity
- Add kwstyle - check C code for style conformance
- Add opencolladavalidator - check COLLADA files
- Add csslint-0.6 - check CSS files
- Add wrap-and-sort - wrap and sort various debian/ files
- Add license-reconcile - check debian/copyright files
- Add debmake-k - check debian/copyright files
- Add autodep8 - check if DEP-8 tests can be created
- Add lockdep - check pthread-using programs
- Add zzuf - fuzz program input
- Add afl - intelligently fuzz program input
- Add hardening-check - check programs for hardening
- Add spellintian - check spelling using lintian dictionaries
- Add flightcrew - check epub e-book files
- Add erlang-shell-inject - check for Erlang shell metachar injection
- Add erl-tidy - check Erlang code
- Add font-embedding-restrictions - check TTF embedding restrictions
- Add two jsonlints - check JSON files
- Add autoupdate - update autotools files
- Add autoscan - check completeness of configure.ac
- Add timeless - check for macros that break reproducible builds
- Add http - check for http URLs to switch to https
- Add embed checks - heuristics for embedded code copies
- Add mailto - check mailto: links
- Add ocaml-shell-injection - check for OCaml shell metachar injection
- Add pylint - check Python code for various issues
- Add rpmlint - check RPM files
- Add web-to-shell - check for `curl | sudo sh` antipattern
- Add ssl-cert-check - check SSL key/cert files
- Add yamllint - check YAML files
- TODO items for android-lint smatch rzip-test lrzip-test
csslint scan-copyrights licensecheck2dep5 debian-tracker
erlang-elvis opentype-sanitiser bugpicker nit librejs-cli
jpegoptim lisp-critic project-flint scheck ocaml-unsafe
ocaml-mascot cpants-lint php7cc pngcrush optipng advpng
mypy pycodestyle pydocstyle python3-requirements-detector
pydiatra pytype ruby-reek ruby-sadist ruby-derailer
ruby-space swiftlint x509lint certlint
-- Paul Wise <email address hidden> Sat, 25 Jun 2016 12:08:10 +0200
| Superseded in experimental-release |
check-all-the-things (2015.12.10) experimental; urgency=medium
* New release.
- Option to show commands instead of running them
- Show the currently running command as a progress indicator
- Line-by-line output when the ptyprocess module is not installed
- Show comments that have no associated command
- Make the Debian package build reproducible
- Make the uscan check work when USCAN_VERBOSE is set
- Add php-grinder - check PHP code for various flaws
- TODO items for cppclean js-standard js-modern-standard
Microsoft-Font-Validator sass-lint scss-lint lesslinter
django-template-tests soot plato coffeelint phpcpd
clonedigger xenon brakeman scalastyle tailor
-- Paul Wise <email address hidden> Thu, 10 Dec 2015 12:12:13 +0800
| Superseded in experimental-release |
check-all-the-things (2015.11.08.1) experimental; urgency=medium
* New release.
- Fix traceback when using installed script (Closes: #804491)
-- Paul Wise <email address hidden> Mon, 09 Nov 2015 07:07:24 +0800
| Superseded in experimental-release |
check-all-the-things (2015.11.08) experimental; urgency=medium
* New release.
- Option to quit when interrupted (Closes: #796338)
Quit after recieving two interrupts within 0.5 seconds
- Prune/filter VCS dirs for some checks (Closes: #796340)
- Allow selection of which checks to run based on
check names, flag names and group names
- Hide checks with no output by default
- Minimise display of suppressed checks by default
- Display names of checks that are not yet implemented
- Improve help output and add generated manual page
- Show comments for dangerous checks
- Add upstream-metadata - missing DEP-12 data
- Add licensecheck-generated-files - generated files
- Add puppet/puppet-lint - config management checks
- Add licensecheck-incorrect-fsf-address - bad FSF address
- Add 7z-test - test 7zip compressed archives
- Add disabled-tests - find disabled build-time tests
- Add luacheck - check Lua code for common issues
- Rename -m64-m32 to m64-m32 to fit with check selection options
- Rename rust unsafe check to rust-unsafe for namespacing
- Drop appdata-validate - should not be used any longer
- Fixes for ftlint clang-modernize bashate shellcheck empty
bfbtester *-private-key isutf8 unzip-test
- TODO items for foodcritic dodgy ruby-lint sourcecode-spellchecker
chk-origtargz ansible-lint puppet-syntax cbmc vera nsiqcppstyle
clang-check clang-tidy kwstyle abi-compliance-checker krazy
checkheaders ublinter clazy csslint dart-shell-metachars
dep11-tools spellintian scan-copyright gendarme
-- Paul Wise <email address hidden> Sun, 08 Nov 2015 19:18:25 +0800
| Superseded in experimental-release |
check-all-the-things (2015.08.11.1) experimental; urgency=medium
* New release.
- Actually fix dependencies for suspicious-source test
-- Paul Wise <email address hidden> Tue, 11 Aug 2015 12:40:00 +0200
| 1 → 12 of 12 results | First • Previous • Next • Last |
