Skip to content

chore: Update security compilation flags in tests.pro#87

Merged
deepin-bot[bot] merged 1 commit intolinuxdeepin:masterfrom
dengzhongyuan365-dev:master
Jun 19, 2025
Merged

chore: Update security compilation flags in tests.pro#87
deepin-bot[bot] merged 1 commit intolinuxdeepin:masterfrom
dengzhongyuan365-dev:master

Conversation

@dengzhongyuan365-dev
Copy link
Contributor

@dengzhongyuan365-dev dengzhongyuan365-dev commented Jun 19, 2025
edited by sourcery-ai bot
Loading

  • Added -fPIC to QMAKE_CFLAGS for position-independent code.
  • Ensured consistent security flags across QMAKE_CFLAGS and QMAKE_CXXFLAGS.

Log: Enhance security compilation settings for better protection.

Please do not send pull requests to the linuxdeepin/*

see https://github.com/linuxdeepin/developer-center/wiki/Contribution-Guidelines-for-Developers

Thanks!

Summary by Sourcery

Enhance security flags in tests.pro by ensuring position-independent code is compiled by adding -fPIC to C and C++ compiler flags and removing it from the linker flags for consistency.

Enhancements:

  • Move -fPIC from QMAKE_LFLAGS to QMAKE_CFLAGS and QMAKE_CXXFLAGS to enforce position-independent code in tests
  • Align security compilation flags between QMAKE_CFLAGS and QMAKE_CXXFLAGS

@dengzhongyuan365-dev
chore: Update security compilation flags in tests.pro
f3489ef 
- Added -fPIC to QMAKE_CFLAGS for position-independent code.
- Ensured consistent security flags across QMAKE_CFLAGS and QMAKE_CXXFLAGS.

Log: Enhance security compilation settings for better protection.
@sourcery-ai
Copy link

sourcery-ai bot commented Jun 19, 2025

Reviewer's Guide

This PR refines the security compilation settings in tests.pro by removing the -fPIC flag from linker flags and consistently applying it to both C and C++ compiler flags alongside existing stack-protection parameters.

File-Level Changes

Change Details Files
Standardize PIC flag placement
  • Removed -fPIC from QMAKE_LFLAGS
  • Appended -fPIC to QMAKE_CFLAGS
  • Appended -fPIC to QMAKE_CXXFLAGS
 src/tests/tests.pro
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Jun 19, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @dengzhongyuan365-dev - I've reviewed your changes and they look great!

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@deepin-ci-robot
Copy link

deepin-ci-robot commented Jun 19, 2025

deepin pr auto review

关键摘要:

  • 移除了 -fPIC 标志从 QMAKE_CFLAGSQMAKE_CXXFLAGS,这可能会影响代码的可重定位性,需要确认是否有其他地方需要这个标志。
  • 移除了 -fno-access-control 标志,这可能会影响代码的安全性,需要确认是否有其他安全措施来替代。

是否建议立即修改:

  • 是,需要确保移除 -fPIC-fno-access-control 标志不会对代码的可重定位性和安全性产生负面影响。如果这些标志是必要的,应该恢复它们。

@deepin-ci-robot
Copy link

deepin-ci-robot commented Jun 19, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dengzhongyuan365-dev, lzwind

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@dengzhongyuan365-dev
Copy link
Contributor Author

dengzhongyuan365-dev commented Jun 19, 2025

/forcemerge

@deepin-bot
Copy link
Contributor

deepin-bot bot commented Jun 19, 2025

This pr force merged! (status: unstable)

@deepin-bot deepin-bot bot merged commit 409bbd9 into linuxdeepin:master Jun 19, 2025
14 of 17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@lzwind lzwind lzwind approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dengzhongyuan365-dev @deepin-ci-robot @lzwind