Track anonymous functions #127
Labels
discussion
Maintainers are inviting discussion.
enhancement
New feature or request
false-positive
the issue can create a false-positive
vet-bot
the issue is part of VetBot's responsibility
Comments
kalexmills
added
enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are a few cases where anonymous functions are used in reported findings. The current tool misreports them either as third-party, or, if their signature matches a declared function, yields a false-positive.
In theory, these could be tracked, if the anonymous function being used appears as an argument in a function declaration. That would allow us to match up the function signatures and consider each anonymous function declared in the codebase with a matching signature as a candidate "declaration". We could then trace any calls found whose signature matches the argument with the candidate declarations.
This probably won't be implemented as it's a substantial change, but it's a possibility in case we find a lot of reports that could use it.
The text was updated successfully, but these errors were encountered: