slamhound doesn't consider metadata/annotations

Question

slamhound doesn't consider metadata/annotations

Opened this issue 8 years ago · 0 comments

After running slamhound on lvh/caesium, it came up with the following suggestion:

   [[caesium.crypto.generichash]], [[caesium.crypto.sign]]  et cetera,
   namespaces."
   (:require [clojure.string :as s])
-  (:import [jnr.ffi LibraryLoader]
-           [jnr.ffi.annotations In Out Pinned LongLong]
-           [jnr.ffi.types size_t]))
+  (:import (jnr.ffi LibraryLoader)))

 (def ^:private bound-fns

The removed types are in fact used, e.g.:

    ^void randombytes
    [^bytes ^{Pinned {}} buf
     ^long ^{LongLong {}} buflen]

    ^long ^{size_t {}} crypto_secretbox_keybytes []
    ^long ^{size_t {}} crypto_secretbox_noncebytes []
    ^long ^{size_t {}} crypto_secretbox_macbytes []
    ^String ^{size_t {}} crypto_secretbox_primitive[]

Unfortunately in this case they are even quite significant and change the behavior of the program in an important way.