The post's core message seems to be lost on HN. It's about screening sources for... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tannhaeuser on Aug 7, 2019 | parent | context | favorite | on: Don’t underestimate grep-based code scanning

The post's core message seems to be lost on HN. It's about screening sources for supposedly insecure and/or injection-prone funcs using simple text scanning (such as strcat, which however is considered in iOS apps when it is a C std API func); supposedly grepability is also about quickly finding code locations of messages and variables. But comments are all about Rust or Go superiority, irrelevant grep implementation details, and AST-based code analysis tools when these are specifically dismissed in TFA as producing too many false positives. Talk about bubbles and echo chambers.

secure on Aug 7, 2019 | [–]

Or maybe the core message just resonates and people have additional discussion in the comments?

fastbeef on Aug 7, 2019 | [–]

Man, n-gate.com is going to have a field day.

Consider applying for YC's Summer 2025 batch! Applications are open till May 13
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact