It's nice if testing doesn't produce unnecessary artifacts after running with success but keeps relevant info on fail for further inspection.

Pytest should have a nice way of creating fixtures that can post-process a test based on whether it failed or not https://docs.pytest.org/en/latest/example/simple.html#making-test-result-information-available-in-fixtures

If a test fails, then keep the

I wrote some of the code to do this in a branch https://github.com/python-security/pyt/compare/class_based_views, but since I'm working on other things and this feature seems cool and important I'm making this issue 👍

Let me know if you would like any help in implementing.

We have 3 similar functions:

• strdup() from libc
• rz_str_dup()
• rz_str_new()

Some places use strdup() directly, while some - either rz_str_dup() or rz_str_new(). We should decide which one to choose and stick to the one, I think.

// Returns a new heap-allocated copy of str.
// XXX what's the diff with rz_str_dup ?
RZ_API char *rz_str_new(const char *str) {
    retu

I noticed you have a plugin for Ghidra, but it is not the only one FOSS tool available.
Radare2 is a highly-portable cross-platform reverse engineering framework and a toolkit without dependencies. It has support for analyzing binaries, disassembling code, debugging programs, attaching to remote GDB/LLDB, WinDbg servers, rich plugin system (see r2pm), an

We should probably run go generate and other commands that generate code, such as goa gen, as part of our autobuilder.

Describe the bug
See returntocorp/semgrep#3065

Steps to reproduce
https://semgrep.dev/s/enochii:false-negative-of-sql-injection

The fix seems very easy: the original reporter proposed

To avoid false positives, we might prefer
`- pattern: $OB