From 113a7a363faf1ace6b08a28cf4075dbce05f8f04 Mon Sep 17 00:00:00 2001
From: fanquake <fanquake@gmail.com>
Date: Mon, 17 Feb 2025 16:19:09 +0000
Subject: [PATCH] build: remove ENABLE_HARDENING cond from check-security

This check is only used in release builds, where hardening should always
be enabled. I can't think of a reason we'd want to silently skip these
checks if hardening was inadvertently disabled.
---
 cmake/module/Maintenance.cmake | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/cmake/module/Maintenance.cmake b/cmake/module/Maintenance.cmake
index d337625abc8..a1ae7c9e8f6 100644
--- a/cmake/module/Maintenance.cmake
+++ b/cmake/module/Maintenance.cmake
@@ -35,15 +35,11 @@ function(add_maintenance_targets)
     VERBATIM
   )
 
-  if(ENABLE_HARDENING)
-    add_custom_target(check-security
-      COMMAND ${CMAKE_COMMAND} -E echo "Checking binary security..."
-      COMMAND ${PYTHON_COMMAND} ${PROJECT_SOURCE_DIR}/contrib/devtools/security-check.py ${executables}
-      VERBATIM
-    )
-  else()
-    add_custom_target(check-security)
-  endif()
+  add_custom_target(check-security
+    COMMAND ${CMAKE_COMMAND} -E echo "Checking binary security..."
+    COMMAND ${PYTHON_COMMAND} ${PROJECT_SOURCE_DIR}/contrib/devtools/security-check.py ${executables}
+    VERBATIM
+  )
 endfunction()
 
 function(add_windows_deploy_target)