Summary:
Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/websockets/ws/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1451
Reviewed By: skcho
Differential Revision: D28929739
Pulled By: jvillard
fbshipit-source-id: b0bcd031c
Summary:
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="ebdf849da5"><code>ebdf849</code></a> 1.3.4</li>
<li><a href="ac578722f2"><code>ac57872</code></a> move all allocUnsafes to allocs for easier maintenance</li>
<li><a href="c64c9507e5"><code>c64c950</code></a> 1.3.3</li>
<li><a href="0598ba19d1"><code>0598ba1</code></a> fix .. in encodingLength</li>
<li><a href="010aedb33c"><code>010aedb</code></a> 1.3.2</li>
<li><a href="0d0d593f8d"><code>0d0d593</code></a> backport encodingLength fix to v1</li>
<li>See full diff in <a href="https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1449
Reviewed By: ngorogiannis
Differential Revision: D28795053
Pulled By: jvillard
fbshipit-source-id: 5a0f6cf79
Summary:
Freenode.net has changed ownership and many communities are moving to
Libera.chat as a result.
Reviewed By: ngorogiannis
Differential Revision: D28708298
fbshipit-source-id: 4395adc55
Summary:
Update the website to include nil related issues for objective-c
Also fixed a typo + syntax highlighting
Reviewed By: jvillard
Differential Revision: D28638621
fbshipit-source-id: 148f2dd3f
Summary:
The internal links for the "old latest" 1.0.0 version were wrong. The
fix to `make new-website-version` is in the next diff.
Reviewed By: martintrojer
Differential Revision: D27360089
fbshipit-source-id: 8abefbd8f
Summary:
Copied the documentation from a document created by rgrig
(thanks!!).
Reviewed By: rgrig
Differential Revision: D27325829
fbshipit-source-id: 118e1a2be
Summary:
Almost all of the information on this page is wrong :)
I moved some documentation on debug mode to the previous commit.
Debug information is present in CONTRIBUTING.md which is a better source
of truth. Anecdotally it's been kept more up to date than this web page
so far!
Reviewed By: skcho
Differential Revision: D27268171
fbshipit-source-id: 25314a823
Summary:
- some editing of the text
- the documentation of NULLPTR_DEREFERENCE was duplicated in
NULL_DEREFERENCE. Make the latter point to the former instead.
Reviewed By: skcho
Differential Revision: D27162785
fbshipit-source-id: 442d6efb9
Summary:
These links have changed it seems. Also delete the mini-table of
contents at the top of the Hello, World! page as docusaurus now produces
a nice (and up to date!) one automatically.
Reviewed By: skcho
Differential Revision: D26544300
fbshipit-source-id: 664a0eea1
Summary:
These pages are not referenced from anywhere and are stale, oops! We
even linked to checker-bug-types from our footer on all pages... These
pages are stale and replaced with auto-generated ones now.
Reviewed By: skcho
Differential Revision: D26544298
fbshipit-source-id: c3b7742b8
Summary: No need to keep more than one version + next version around.
Reviewed By: skcho
Differential Revision: D26544299
fbshipit-source-id: 1aff562cf
Summary:
Links to pages in static resources have been broken for a while it
seems: Docusaurus generates a Page not Found error for them, then
refreshing the URL loads the page properly... This is because of wrong
routing from the Docusaurus Single-Page App.
See https://github.com/facebook/docusaurus/issues/3309
A suggested workaround is to prepend `pathname://` in front of each link
not managed by docusaurus. This makes the page open in a new tab, which
is actually quite ok for our use cases: OCaml API docs and man pages.
Reviewed By: skcho
Differential Revision: D26544273
fbshipit-source-id: 2ed86ca4f
Summary:
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
<details>
<summary>Commits</summary>
<ul>
<li><a href="a2c5da8660"><code>a2c5da8</code></a> 1.3.8</li>
<li><a href="af5c6bb5dc"><code>af5c6bb</code></a> Do not use Object.create(null)</li>
<li><a href="8b648a1ac4"><code>8b648a1</code></a> don't test where our devdeps don't even work</li>
<li><a href="c74c8af35f"><code>c74c8af</code></a> 1.3.7</li>
<li><a href="024b8b55ac"><code>024b8b5</code></a> update deps, add linting</li>
<li><a href="032fbaf5f0"><code>032fbaf</code></a> Use Object.create(null) to avoid default object property hazards</li>
<li><a href="2da90391ef"><code>2da9039</code></a> 1.3.6</li>
<li><a href="cfea636f53"><code>cfea636</code></a> better git push script, before publish instead of after</li>
<li><a href="56d2805e07"><code>56d2805</code></a> do not allow invalid hazardous string as section name</li>
<li>See full diff in <a href="https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~isaacs">isaacs</a>, a new releaser for ini since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1359
Reviewed By: da319
Differential Revision: D25638014
Pulled By: jvillard
fbshipit-source-id: bcae03523
Summary:
Similar to the `tar` command, append `sudo` to the `ln` command since it fails due to 'Permission Denied' errors on Linux
Pull Request resolved: https://github.com/facebook/infer/pull/1344
Reviewed By: skcho
Differential Revision: D24917642
Pulled By: jvillard
fbshipit-source-id: d593d12b8
Summary: Includes all changes made from the last time of `make doc-publish`
Reviewed By: jvillard
Differential Revision: D24728644
fbshipit-source-id: c0006a8dd
Summary:
- rename the checker "Uninitialized Variable" to "Uninitialized Value"
as this is the name of the issue type
- delete timestamp XML comment from the man pages to avoid future git
churn when updating the website
- counting is hard
Reviewed By: martintrojer
Differential Revision: D24219165
fbshipit-source-id: cf3057373
Summary:
This is required for versioning to work correctly when creating a new
version of the website.
Reviewed By: martintrojer
Differential Revision: D24217125
fbshipit-source-id: 8f7a4bc44
Summary:
We forgot to add this when adding the new subcommand. These should
really be auto-generated but let's save that for another diff.
Reviewed By: martintrojer
Differential Revision: D24217111
fbshipit-source-id: 860860533
Summary:
- freshen up /docs/next/absint-framework to give sensible advice, and
delete outdated bits that are now in the API docs so they remain fresh
- delete SimpleChecker.ml as it's just a source of bitrot
- delete the "adding checkers" page as it's completely outdated and
subsumed by the "AI framework" page + the labs.
Reviewed By: jberdine
Differential Revision: D23597271
fbshipit-source-id: 78b541746
Summary:
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p>
<blockquote>
<h2>4.17.16</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d7fbc52ee0"><code>d7fbc52</code></a> Bump to v4.17.19</li>
<li><a href="2e1c0f22f4"><code>2e1c0f2</code></a> Add npm-package</li>
<li><a href="1b6c282299"><code>1b6c282</code></a> Bump to v4.17.18</li>
<li><a href="a370ac8140"><code>a370ac8</code></a> Bump to v4.17.17</li>
<li><a href="1144918f35"><code>1144918</code></a> Rebuild lodash and docs</li>
<li><a href="3a3b0fd339"><code>3a3b0fd</code></a> Bump to v4.17.16</li>
<li><a href="c84fe82760"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li>
<li><a href="e7b28ea6cb"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li>
<li><a href="0cec225778"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li>
<li><a href="94c3a8133c"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p>
</details>
<br />
[](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1291
Reviewed By: dulmarod
Differential Revision: D22665400
Pulled By: jvillard
fbshipit-source-id: f40ff0590
Summary:
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p>
<blockquote>
<h3>0.1.4 / 2020-06-02</h3>
<ul>
<li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by
Robert McLaughlin)</li>
<li>Change license from MIT to Apache 2.0</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8efd0cd6e3"><code>8efd0cd</code></a> Bump version to 0.1.4</li>
<li><a href="3dad4ad44a"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li>
<li><a href="4a76c75efb"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li>
<li><a href="44a677a9c0"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li>
<li><a href="f6c50aba0c"><code>f6c50ab</code></a> Let npm reformat package.json</li>
<li><a href="2d211f3705"><code>2d211f3</code></a> Change markdown formatting of docs.</li>
<li><a href="0b620834cc"><code>0b62083</code></a> Update Travis target versions.</li>
<li><a href="729a465307"><code>729a465</code></a> Switch license to Apache 2.0.</li>
<li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li>
</ul>
</details>
<br />
[](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1279
Reviewed By: ezgicicek
Differential Revision: D22334261
Pulled By: jvillard
fbshipit-source-id: 0f08d6873
Summary:
Better API for creating issue types:
- distinguish hidden/normal/dynamic issue types
- normal issue types should always be documented
- add "TODO" to missing documentation
- dynamic issue types are the only ones that can be created outside of
IssueType.ml
I had to document the new CCBM and the resource leak lab exercise to
keep Help.ml happy, did `make doc-publish`.
Reviewed By: ngorogiannis
Differential Revision: D22118766
fbshipit-source-id: 3d0194518
Summary:
A bug in docusaurus makes relative URLs fail depending on how the page
was accessed, because the URL of a page in docs/ will end in / if
accessed directly or via hyperlink, but that / will be omitted when
clicking on the sidebar. The final / makes all the difference when
interpreting relative URLs so relative URLs are essentially broken.
See https://github.com/facebook/docusaurus/issues/2832 for more details.
This changes URL generation to generate URLs /docs/next/..., and
manually substitute relative URLs that had been written by hand.
Also fix a few other things about outdated links/comments.
Finally, `make doc-publish`.
Reviewed By: dulmarod
Differential Revision: D22117187
fbshipit-source-id: 32e2ba7e1
Summary:
Needed to remove user_documentation for the new
CONFIG_CHECK_BETWEEN_MARKERS issue type otherwise it violated the
invariant that the corresponding checker should be documented too but
its development has just started.
Reviewed By: skcho
Differential Revision: D22065820
fbshipit-source-id: 4b3a58850
Summary:
alicelieutier graciously contributed this React component to savagely
include the HTML from the man pages into docusaurus. Now they render
like the rest of the documentation!
Reviewed By: cristianoc
Differential Revision: D22050580
fbshipit-source-id: e8e314109
Summary:
Hi,
I have found a couple of small issues while reading the docs. The pull request contains the fixes.
BTW, the link to PLDI slices is also broken here: https://fbinfer.com/docs/absint-framework. I haven't found the slides anywhere, so not sure how to fix it.
Pull Request resolved: https://github.com/facebook/infer/pull/1278
Reviewed By: dulmarod
Differential Revision: D22018947
Pulled By: jvillard
fbshipit-source-id: 13f6d27b1
Summary:
The page itself was already there but not linked from the rest of the
website.
Reviewed By: ezgicicek
Differential Revision: D21997950
fbshipit-source-id: 30380da65
Summary:
Delete the following outdated pages. Some of them have better
replacements now but some of them are just too out of date to easily
salvage.
- 01-adding-models.md: this is biabduction-specific and hard to make
that distinction. Most checkers have no way to add models. Even
suggesting that people add their own biabduction models was a bit
awkward as it requires recompiling infer to use.
- 01-checkers.md: outdated document that describes "new" checkers like
Quandary :)
- 01-experimental-checkers.md: very outdated!
- 02-limitations.md: also outdated: it roughly says "we don't do concurrency or
arithmetic, the former is basically impossible but the latter should
be easy"... well, 5 years later this hasn't aged too well ;)
- 01-eradicate.md: content has moved to auto-generated documentation
- 01-linters.md: content has moved to auto-generated documentation
- 01-racerd.md: content has moved to auto-generated documentation
Reviewed By: mityal
Differential Revision: D21934748
fbshipit-source-id: a933e5022
Summary:
New website! Now with one page per checker, and only one page containing
all issue types for easy tooling. Each checker page also lists the
issue types it can report.
For now only issue types with documentation appear in either page,
filling these up is still TODO.
Reviewed By: mityal
Differential Revision: D21934465
fbshipit-source-id: 82ae1e417
Daiva Naudziuniene
dependabot[bot]
Jules Villard
Nikos Gorogiannis
Matthew Jin
Gabriela Cunha Sampaio
Sungkeun Cho
Adam Ernst
Sora Morimoto
Petr Plavjanik
Edwin Kofler
Sora Morimoto
Dulma Churchill
Artem Pianykh
Marat Khabibullin