git-vuln-finder v1.4 released - bugs fixed for commit messages with undetected language
Latest release (2022-11-27)
git-vuln-finder finds potential software vulnerabilities from git commit messages. The output is JSON listing each commit that could contain a fix for a software vulnerability. The search applies a set of regular expressions to the commit messages only. If CVE IDs are present, they are added automatically to the output. The input can be any git repository or a GH Archive source.
Changes
- [poetry] prepare for v1.4 release. [Alexandre Dulaunoy]
- [doc] clean-up and a note about the GH Archive support. [Alexandre Dulaunoy]
Fix
- [authors] David added. [Alexandre Dulaunoy]
Other
- Fix #17 [main] - set language to unknown when langdetect cannot detect the language for some reason like empty commit message or unknown language. [Alexandre Dulaunoy]
  Notes: langdetect exception handler seems to be crap and does not use a Base Exception handler. That's why the catch-all ;-)
- Create codeql.yml. [Alexandre Dulaunoy]
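
The approach described above (regular expressions over commit messages, CVE IDs collected automatically, language set to unknown when detection fails), as an added Python example that is not git-vuln-finder's own code. The patterns, JSON field names, sample commits and stub_detect (a stand-in for a language detector that raises on text it cannot classify) are assumptions.

```python
import json
import re

# Constructed patterns for illustration; not git-vuln-finder's regex set.
VULN_RE = re.compile(
    r"\b(buffer overflow|use[- ]after[- ]free|double free|out[- ]of[- ]bounds|"
    r"integer overflow|null pointer dereference|sql injection|denial of service)\b",
    re.IGNORECASE,
)
CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)

# Constructed sample data: hypothetical commit ids and placeholder CVE IDs.
SAMPLE_COMMITS = [
    ("aaaa111", "Fix buffer overflow in header parser (cve-0000-0001)"),
    ("bbbb222", "CVE-0000-0002"),
    ("cccc333", "Update README wording"),
]

def stub_detect(text):
    """Hypothetical detector: raises when the text has no usable words."""
    if not re.search(r"[a-z]{3,}", text):
        raise ValueError("no features in text")
    return "en"

def safe_language(message, detect):
    """Return the detected language code, or "unknown" on any failure."""
    try:
        return detect(message)
    except Exception:  # catch-all: the detector's exception type is not relied on
        return "unknown"

def scan(commits, detect):
    """Map commit id -> finding for each message matching VULN_RE or CVE_RE."""
    findings = {}
    for commit_id, message in commits:
        cves = sorted({c.upper() for c in CVE_RE.findall(message)})
        match = VULN_RE.search(message)
        if not match and not cves:
            continue  # message gives no hint of a vulnerability fix
        findings[commit_id] = {
            "message": message,
            "language": safe_language(message, detect),
            "match": match.group(0).lower() if match else None,
            "cve": cves,
        }
    return findings

if __name__ == "__main__":
    print(json.dumps(scan(SAMPLE_COMMITS, stub_detect), indent=2))
```

The second sample commit carries only a CVE ID, so the detector raises and the finding is still emitted with its language recorded as unknown instead of the scan aborting.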