Issue with GitHub Security Scanning: gmtime #423
Comments
|
I see the same warning in nlohmann/json, see report: Would be great if this could be fixed. |
|
I'll take a look at this by the end of December. Btw the link is broken |
|
Oh, apparently, these links are somehow private.
|
onqtam
added a commit
that referenced
this issue
Dec 22, 2020
|
Fixed in the dev branch - will release a new version before the end of the year. |
|
Awesome, thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
I've just attempted to enable Security Scanning via https://github.com/AlexanderLanin/ccache/pull/4/files
I expected none or a few warnings.
I did not expect warnings from doctest.
The warning you can see here:
https://github.com/AlexanderLanin/ccache/security/code-scanning/1?query=ref%3Arefs%2Fpull%2F4%2Fhead
Steps to reproduce
Probably the same can be achieved by enabling security scanning on doctest itself, although I have not attempted it.
See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository
Extra information
I'm not quite sure how to avoid the warning, but it seems reasonable to attempt to do so, since everyone trying to enable security scanning will get a warning from doctest. The recommendation to use gmtime_r seems overly simplistic as that one is introduced in C++20. On very first glance it is available on all major systems except older Visual Studio compilers.
The text was updated successfully, but these errors were encountered: