defensive-coding-guide

Created by sparks 2 years ago
A guide about coding securely.

Security coding guide

This is the Fedora secure coding guide.

The guide is present in HTML form (auto-generated from this repository) at:

Building HTML documentation

  1. Type "make".

When you type "make", the code examples in src/ are compiled (mainly to check for obvious syntax errors, but also for manual testing). If you lack the necessary libraries, the code examples are still included in the manual.

Local preview

This repo includes scripts to build and preview the contents of this repository.

NOTE: If you reference pages from other repositories, such links will be broken in this local preview, as it only builds this repository. If you want to rebuild the whole Fedora Docs site, please see the Fedora Docs build repository for instructions.

Both scripts use docker, so please make sure you have it installed on your system. Please see below for instructions.

To build and preview the site, run:

$ ./build.sh && ./preview.sh

The result will be available at http://localhost:8080

Installing docker on Fedora

$ sudo dnf install docker
$ sudo systemctl start docker && sudo systemctl enable docker

Preview as a part of the whole Fedora Docs site

You can also build the whole Fedora Docs site locally to see your changes in the whole context. This is especially useful for checking if your xref links work properly.

To do this, you need to clone the main Fedora Docs build repository, modify the site.yml file to reference a repo with your changes, and build it. Steps:

Clone the main repository and cd into it:

$ git clone https://pagure.io/fedora-docs/docs-fp-o.git
$ cd docs-fp-o

Find a reference to the repository you're changing in the site.yml file, and change it so it points to your change. So for example, if I made a modification to the Modularity docs, I would find:

...
   - url: https://pagure.io/fedora-docs/modularity.git
     branches:
       - master
...

And replace it with a pointer to my fork:

...
   - url: https://pagure.io/forks/asamalik/fedora-docs/modularity.git
     branches:
       - master
...

I could also point to a local repository, using HEAD as a branch to preview what's changed without needing to make a commit.

Note: I would need to move the repository under the docs-fp-o directory, because the builder won't see anything above it. So I would need to create a repositories directory in docs-fp-o and copy my repository into it.

...
   - url: ./repositories/modularity
     branches:
       - HEAD
...

To build the whole site, I would run the following in the docs-fp-o directory.

$ ./build.sh && ./preview.sh