# SELint Changelog

## [1.2.0] 2021-01-18
### Added (general features)
- New ./configure option --enable-werror to compile treating errors as
  warnings.
- Parse errors now display info about exactly where in the line the failure occurred
- spec file for building on rpm based distros

### Added (checks)
- C-006 for unordered declarations in require blocks
- C-007 for missing use of the self keyword
- E-009 for empty optional and require blocks
- E-010 for stray bare words

### Changed
- New C-001 ordering option refpolicy-light (see sample selint.conf for details)
- Extend S-009 to support multi-class av rules
- Improved error messages for various error cases
- selint-disable now allows a space before check ids
- You can now use multiple --context arguments

### Fixed
- Support object class specifications in role transitions
- Lots of cleanup and fixes for C-001 ordering checks
- Support extended permission class av rules (allowxperm etc)
- Internal cleanup and improvements
- Allow multiple roles in role allow statements

## [1.1.0] 2020-05-19
### Added (general features)
- -S flag to print a summary of issue found following an analysis
- --context flag to specify additional files to parse but not scan.
  This is primarily helpful if you want to only scan your modified files
  in a full source repository.  (If you are planning on loading your local
  modules into your already installed policy and have local development
  headers in a standard location, selint should find them by default and you
  don't need to use this option)
- -F flag to return an error code on issues found
- --summary-only flag to output a summary of issues found without displaying
  the actual issues
- ./configure flag to disable unit testing.  This can be used on systems with
  older versions of libcheck.
- Colored output

### Added (checks)
- C-005 for permission ordering
- S-003 for unneeded semicolons
- S-004 for template calls from interfaces
- S-005 for declarations in an interface
- S-006 for the use of a bare module statement instead of policy_module() macro
- S-007 for the use of a gen_context() macro with no mls component specified
- S-008 for gen_require() macro calls with unquoted arguments
- S-009 for permission macros that don't match object class
- S-010 suggestiong usage of permission macros
- W-006 for interface call with empty arguments
- W-007 for unexpected spaces in interface arguments
- W-008 for permission lists with * or ~
- W-009 for module name not matching file name
- E-006 for declaration/interface name clash
- E-007 for usage of unknown permission macros

### Changed
- Turn C-001 off by default.
- Assume the presence of system_u user and object_r role if no config is loaded.
- SELint will no longer scan file_contexts file that are probably generated by the build system.
  This behavior can be turned off by setting skip_checking_generated_fcs=false in the config
- W-001 and W-002 check additional types of rules

### Fixed
- Man page generation in distribution tarballs now works after make clean
- documentation cleanup
- Various parser fixes
- Clean up of check C-001

## [1.0.2] - 2020-01-30
### Fixed
- (Issue #11) Include CHANGELOG, LICENSE and testing input files in release tarballs

## [1.0.1] - 2020-01-28
### Added
- Warning for invalid check ids in config or on command line
- CI for github pushes
- Enabled many warnings in build system
- Changelog

### Fixed
- Check W-002 now handles multiple requires in the same interface correctly
- (Issue #2) Handle types prefixed with "-" correctly in checks
- Handle type aliases correctly in checks W-002 and W-003
- Fix double free in certain parse error corner cases
- Look at role transitions in relevant checks (C-001, W-002, W-003)
- Fix false positives on W-004 when a regex character is in square brackets
- General Code Cleanup

## [1.0.0] - 2020-01-15
Initial Release
