diff options
author | Ludovic Courtès <ludo@gnu.org> | 2015-11-26 22:59:06 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2015-11-26 23:04:19 +0100 |
commit | 5432734b00ae14c3a93af358fc7bbf80e3db5ee8 (patch) | |
tree | a2dbd935bfb43f2d7e4523a2182de26f3268103f /doc/guix.texi | |
parent | 0eef7551303e3fc855809d84eed8421d2a075cfa (diff) | |
download | guix-5432734b00ae14c3a93af358fc7bbf80e3db5ee8.tar guix-5432734b00ae14c3a93af358fc7bbf80e3db5ee8.tar.gz |
lint: Add "cve" checker.
Fixes <http://bugs.gnu.org/21289>.
* guix/scripts/lint.scm (package-name->cpe-name, package-vulnerabilities)
(check-vulnerabilities): New procedures.
* guix/scripts/lint.scm (%checkers): Add "cve" checker.
* tests/lint.scm ("cve", "cve: one vulnerability"): New tests.
* doc/guix.texi (Invoking guix lint): Mention it.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r-- | doc/guix.texi | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 058b3598dc..8ecb7ccc17 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -4452,6 +4452,12 @@ invalid. Check that the source file name is meaningful, e.g. is not just a version number or ``git-checkout'', and should not have a @code{file-name} declared (@pxref{origin Reference}). +@item cve +Report known vulnerabilities found in the Common Vulnerabilities and +Exposures (CVE) database +@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US +NIST}. + @item formatting Warn about obvious source code formatting issues: trailing white space, use of tabulations, etc. |