[openbeos] Re: Letting adding to Scan.Coverity.com

From my understanding, while they do accept requests for new additions and it might get Haiku on their radar/list for the next round, the Coverity folks haven't added any new open source projects since their "second round" from about a year ago. I've made requests on behalf of a couple prominent open source projects and gotten back a response of effectively "thanks, we'll keep your interest in mind and consider you for the next group that we put together."
It's a great developer resource as it will generally identify several outright bugs that may have been long overlooked if you've ever had the chance to run it yourself. There are a couple open source alternatives like flawfinder, rats, splint, and bfbtester, but they can sometimes be downright unproductive (because they can be "too" verbose on the warnings, and too many false positives on the errors). None of them hold a candle to Coverity. Their report usefulness holds true even for "unstable" code and is still more than worth-while, in my humble opinion, though you need someone who has a bit of a passion for bug hunting as many reported issues can be very non-obvious at first. 

Cheers!
Sean



On Mar 30, 2007, at 12:14 AM, Michael S wrote:


I brought this up to Michael Phipps.

To quote him from June of 2006 on the use Coverity, "we could, but I
think that the time is not here yet."

Of course that was then, and this is now. But seeing as the code still
has to be optimized, refactored, tossed out, redone, sliced, diced,
julienned, frenched, stabilized, and finalized; his answer probably
hasn't changed.

Although, it's good to see the opinions of more of the people who do
the actual programming.

Guys ?

Other related posts: