csmock-3.7.1

• csmock: use the term findings instead of defects in do_diff_scan() (#184)
• packaging: provide csmock-plugin-shellcheck-core with run-shellcheck.sh (#185)

csmock-3.7.0

• shellcheck: introduce the --shellcheck-batch option (#182)
• shellcheck: introduce the --shellcheck-timeout option (#182)
• shellcheck: use a new version of run-shellcheck.sh (#182)
• KFP: fix shell quoting in handle_known_fp_list() (#183)

csmock-3.6.1

• cppcheck: suppress information[normalCheckLevelMaxBranches] findings (#181)
• chroot-fixups: prevent %install of llvm from taking ages to complete (#180)
• cwe-map.csv: fix a misplaced quote that was causing a parsing error (#178)

csmock-3.6.0

• use NOCHECK_RPM_OPTS also for %build when not executing tests (#176)
• use rpmbuild --without test ... when execution of tests is not needed (#175)
• fix initialization of lock_name in MockWrapper (#172)
• make KFP work for project-koku-koku-[SHA1] (#168)
• chroot-fixups: make our scripts work again in pre-UsrMove chroots (#167)
• snyk: explicitly enable networking for snyk client execution (#165)
• fix Permission denied errors on /builddir while scanning tarballs (#163)
• results: set the imp flag in the list of important findings (#159)
• results: record the RPM package that provided KFP (#161)
• gcc: eliminate misaligned ASCII art coming from GCC analyzer (#162)
• make KFP work for quarkus-registry.quarkus.redhat.com (#158)
• clippy: experimental plug-in for clippy (#157 #164 #169 #170 #171 #173 #174)
• semgrep: experimental plug-in for semgrep (#149)

csmock-3.5.3

• snyk: skip writing of scan metadata when no supported project is found (#155)
• snyk: sanitize options passed to --snyk-code-test-opts (CVE-2024-2243)

csmock-3.5.2

• snyk: record file capture statistics in scan metadata (#153)
• use the root mock profile property for lock names (#151)
• introduce csmock --scrub-on-exit to invoke mock --scrub=all on exit (#154)
• skip comments in exclude-paths.txt provided by known-false-positives (#150)

csmock-3.5.1

• snyk: do not fail if there is nothing to scan (#131 #132 #133)
• snyk: unify the names of intermediate files with cspodman (#134)
• do not treat exit codes above 192 as fatal (#135)
• improve handling of known-false-positives for scans of source code tarballs (#136)
• avoid tagging of important findings in the list of important findings only (#138)
• gcc: properly disable annobin for RPM packages (#139)
• snyk: introduce --snyk-code-test-opts to pass options to the snyk CLI (#137)
• eliminate a run-time warning caused by insufficient regex escaping in csmock code (#143)
• always install tar into chroot because it is used by csmock itself (#144)
• avoid duplicating important findings (#147)
• scan.log print warning rather than error for recoverable errors (#148)

csmock-3.5.0

csmock-3.5.0

csmock-3.4.2

csmock-3.4.2

csmock-3.4.1

csmock-3.4.1