Re: [PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations


 



Hi,

On 1/19/22 14:04, bauen1 wrote:

On 1/18/22 16:48, James Carter wrote:
On Fri, Jan 14, 2022 at 2:44 PM bauen1 <j2468h@xxxxxxxxxxxxxx> wrote:

Hi,

as a heavy user of neverallow / neverallowx, please don't limit this.

When adding a new neverallow rule there might be quite a few types violating them, and having to rebuild the policy every 2 types would make fixing them incredibly annoying.

If you want to limit this, then please make it opt-in or add it as a command line option.


I am trying to limit error messages because oss-fuzz seems to be good
at creating policies that generate a lot of error messages and
subsequently take a lot of time to process.

But I am not going to do that at the expense of people actually using secilc.

I was already thinking about making the amount of error reporting
depend on the verbosity level. What would you think of limiting it
to two by default, but unlimited at any higher verbosity level? I can
even add a message to use "-v" to see all of the errors.

Thanks, something like that would be totally fine for me.


I've also just noticed that typebounds will only print the first 2 violations.
So if you make this depend on the verbosity level you might want to change that too, just to be consistent.

--
bauen1
https://dn42.bauen1.xyz/


