>I'd just like to point out on-list that we shouldn't be patching
>away stpcpy everywhere, it is easy to introduce a bug in perfectly
>correct code by doing this (as happened in some cases with strlcpy
>patches in the ports tree), it's just that gettext is *very* commonly
>used and the linker warning adds a lot of noise to the build logs,
>so removing that noise is helpful here.

Sorry if this is already addressed elsewhere but is there a way to browse 
ports' various "code orthodoxy" statistics such as strcpy() usage and other 
OpenBSD no-nos?

I understand compiler warnings are a far cry from full-blown static code 
analysis, and that a strcpy-clean port could still be a Swiss security-cheese, 
but whatever stats would be a start. F.ex. Debian's comparison between Clang- 
and gcc-compiled kernels shows interesting patterns (I know their resources are 
vastly superior).

Maybe such name-and-shame stats could help prod upstream maintainers to improve 
their code.

-- p
  
