Konrad Weihmann

**Is your feature request related to a problem? Please describe.** UNO is a small linter for C/C++ - Check out if it is usable **Describe a tool that might help...

https://github.com/SVF-tools/SVF could be handy - Have a look at it

https://github.com/future-architect/vuls seems to be fully featured and could be a real enhancement compared to just cve-scanning (based on NVD). Requires Go

https://github.com/knqyf263/trivy

https://github.com/eliasgranderubio/dagda

For new users it is valuable to describe how to setup and run new test cases under `tests/`. Add a README in markdown format to describe the needed steps

``` FILES_${PN} = "${bindir}/*" ``` or ``` FILES_${PN} = "${datadir}/**" ``` in unnecessary as bitbake automatically expands to include subfolder and items. ``` FILES_${PN} += "$[bindir}/*.1.so" ``` shall not give...

fix format-truncation on 64bit

10

GCC 10.x rightfully complains about out-of-bounds snprintf operation on 64bit systems, where size_t could be 64bit sized. Cast bytes_read down to 32bit and printf it without specifying input format Fixes...

License issue?

9

Looking at https://github.com/returntocorp/semgrep-rules/blob/5e37d4c37c39816895f9d1cdbb42226a7c4ae3d2/ruby/lang/security/ssl-mode-no-verify.rb#L1 I'm a bit confused - this repo claims to be LGPL-2.1 & Commons-Clause-1.0 but the site that most of the code is copied from isn't LGPL licensed...