New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ Support for C++ fuzz functions in the fuzzing check, add more const LanguageNames for clients #2001
Conversation
Codecov Report
@@ Coverage Diff @@
## main #2001 +/- ##
==========================================
+ Coverage 42.79% 45.25% +2.45%
==========================================
Files 93 93
Lines 7695 7695
==========================================
+ Hits 3293 3482 +189
+ Misses 4146 3950 -196
- Partials 256 263 +7 |
Integration tests success for |
Integration tests success for |
@oliverchang @Navidem @metzman can you take a look? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doc changes LGTM. Nice work on adding C++ support!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
Integration tests success for |
Integration tests success for |
Integration tests success for |
Integration tests success for |
Integration tests success for |
Integration tests success for |
Integration tests success for |
Stale pull request message |
Keep this PR active. |
Stale pull request message |
Stale pull request message |
@@ -320,7 +320,7 @@ This check tries to determine if the project uses | |||
[fuzzing](https://owasp.org/www-community/Fuzzing) by checking: | |||
1. if the repository name is included in the [OSS-Fuzz](https://github.com/google/oss-fuzz) project list; | |||
2. if [ClusterFuzzLite](https://google.github.io/clusterfuzzlite/) is deployed in the repository; | |||
3. if there are user-defined language-specified fuzzing functions (currently only supports [Go fuzzing](https://go.dev/doc/fuzz/)) in the repository. | |||
3. if there are user-defined language-specified fuzzing functions (currently supports [Go Fuzzing](https://go.dev/doc/fuzz/)) and [C++ Fuzz Test](https://help.code-intelligence.com/create-a-c-fuzz-test) in the repository. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please replace the C++ link with https://llvm.org/docs/LibFuzzer.html#fuzz-target
@@ -377,7 +377,7 @@ checks: | |||
[fuzzing](https://owasp.org/www-community/Fuzzing) by checking: | |||
1. if the repository name is included in the [OSS-Fuzz](https://github.com/google/oss-fuzz) project list; | |||
2. if [ClusterFuzzLite](https://google.github.io/clusterfuzzlite/) is deployed in the repository; | |||
3. if there are user-defined language-specified fuzzing functions (currently only supports [Go fuzzing](https://go.dev/doc/fuzz/)) in the repository. | |||
3. if there are user-defined language-specified fuzzing functions (currently supports [Go Fuzzing](https://go.dev/doc/fuzz/)) and [C++ Fuzz Test](https://help.code-intelligence.com/create-a-c-fuzz-test) in the repository. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please replace the C++ link with https://llvm.org/docs/LibFuzzer.html#fuzz-target
Stale pull request message |
What kind of change does this PR introduce?
clients/languages.go
.What is the current behavior?
Scorecard supports (1) ClusterFuzzLite, (2) OSS-Fuzz, and (3) Go built-in Fuzzing in the fuzzing check.
What is the new behavior (if this is a feature change)?**
Checking for C++ fuzz functions now is included in the fuzzing check.
Special notes for your reviewer
Does this PR introduce a user-facing change?
Yes, same as in PR #1979.
(In particular, describe what changes users might need to make in their
application as a result of this pull request.)