Re: "Trojan Source" (CVE-2021-42574 and CVE-2021-42694): can 'guix lint' help someway?

Hi, On +2021-11-01 09:38:28 -0400, Leo Famulari wrote: > On Mon, Nov 01, 2021 at 12:30:38PM +0100, Giovanni Biscuolo wrote: > > as probably many of you have discovered, today was announced two new > > vulnerabilities that exploits the "bidirectional override" Unicode > > codepoints feature, making

Re: "Trojan Source" (CVE-2021-42574 and CVE-2021-42694): can 'guix lint' help someway?

On Mon, Nov 01, 2021 at 12:30:38PM +0100, Giovanni Biscuolo wrote: > as probably many of you have discovered, today was announced two new > vulnerabilities that exploits the "bidirectional override" Unicode > codepoints feature, making it possible to hide malicious source code in > comments and lit

"Trojan Source" (CVE-2021-42574 and CVE-2021-42694): can 'guix lint' help someway?

Hello, as probably many of you have discovered, today was announced two new vulnerabilities that exploits the "bidirectional override" Unicode codepoints feature, making it possible to hide malicious source code in comments and literal strings /if/ the code review tool (e.g. editor) does not show