Mercurial > hgrepos > Python2 > PyMuPDF

diff Makefile.freebsd @ 31:baeb8bdeff3a
Fortify sources using _FORTIFY_SOURCE=3 and also apply -fno-delete-null-pointer-checks. See: https://github.com/ossf/wg-best-practices-os-developers/issues/659.
author: Franz Glasner <fzglas.hg@dom66.de>
date: Sun, 21 Sep 2025 13:11:30 +0200
parents: 2f43e400f144
children: 72c1b70d4f5c
--- a/Makefile.freebsd	Fri Sep 19 19:59:44 2025 +0200
+++ b/Makefile.freebsd	Sun Sep 21 13:11:30 2025 +0200
@@ -51,6 +51,17 @@
 #CC=	$(CLANG_DIR)/bin/clang
 #CXX=	$(CLANG_DIR)/bin/clang++
 
+# Define _FORTIFY_SOURCE=$(FORTIFY) (if != 0, default 0)
+FORTIFY?=	3
+#
+# If != 0 (default 1):
+#    -fno-delete-null-pointer-checks
+#
+#       Should always be done when fortifying:
+#       https://github.com/ossf/wg-best-practices-os-developers/issues/659
+#
+EXTRA_CHECKS?=	1
+
 
 all: sdist wheel
 
@@ -61,7 +72,7 @@
 	$(TEST) -e $(firstword $(PYTHON_PREFIXES))/bin/cc || $(SYMLINK) $(CLANG_DIR)/bin/clang $(firstword $(PYTHON_PREFIXES))/bin/cc
 	$(TEST) -e $(firstword $(PYTHON_PREFIXES))/bin/c++ || $(SYMLINK) $(CLANG_DIR)/bin/clang++ $(firstword $(PYTHON_PREFIXES))/bin/c++
 	$(TEST) -e $(firstword $(PYTHON_PREFIXES))/bin/ld || $(SYMLINK) $(CLANG_DIR)/bin/ld.lld $(firstword $(PYTHON_PREFIXES))/bin/ld
-	PIPCL_VERBOSE=2 LIBCLANG_LIBRARY_PATH=$(LIBCLANG_LIBRARY_PATH) PYMUPDF_SETUP_MUPDF_BUILD=$(PYMUPDF_SETUP_MUPDF_BUILD) PYMUPDF_SETUP_MUPDF_TESSERACT=$(PYMUPDF_SETUP_MUPDF_TESSERACT) $(PYTHON) -m build --wheel --verbose --no-isolation
+	FORTIFY=$(FORTIFY) EXTRA_CHECKS=$(EXTRA_CHECKS) PIPCL_VERBOSE=2 LIBCLANG_LIBRARY_PATH=$(LIBCLANG_LIBRARY_PATH) PYMUPDF_SETUP_MUPDF_BUILD=$(PYMUPDF_SETUP_MUPDF_BUILD) PYMUPDF_SETUP_MUPDF_TESSERACT=$(PYMUPDF_SETUP_MUPDF_TESSERACT) $(PYTHON) -m build --wheel --verbose --no-isolation
 
 
 sdist: check
author	Franz Glasner <fzglas.hg@dom66.de>
date	Sun, 21 Sep 2025 13:11:30 +0200
parents	2f43e400f144
children	72c1b70d4f5c