-
-
Notifications
You must be signed in to change notification settings - Fork 641
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with GitHub Security Scanning: gmtime #423
Comments
I see the same warning in nlohmann/json, see report: Would be great if this could be fixed. |
I'll take a look at this by the end of December. Btw the link is broken |
onqtam
added a commit
that referenced
this issue
Dec 22, 2020
Fixed in the dev branch - will release a new version before the end of the year. |
Awesome, thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
I've just attempted to enable Security Scanning via https://github.com/AlexanderLanin/ccache/pull/4/files
I expected none or a few warnings.
I did not expect warnings from doctest.
The warning you can see here:
https://github.com/AlexanderLanin/ccache/security/code-scanning/1?query=ref%3Arefs%2Fpull%2F4%2Fhead
Steps to reproduce
Probably the same can be achieved by enabling security scanning on doctest itself, although I have not attempted it.
See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository
Extra information
I'm not quite sure how to avoid the warning, but it seems reasonable to attempt to do so, since everyone trying to enable security scanning will get a warning from doctest. The recommendation to use gmtime_r seems overly simplistic as that one is introduced in C++20. On very first glance it is available on all major systems except older Visual Studio compilers.
The text was updated successfully, but these errors were encountered: