From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 14283 invoked by alias); 25 Apr 2014 08:35:05 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 14267 invoked by uid 89); 25 Apr 2014 08:35:04 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 25 Apr 2014 08:35:03 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id C4DD48E08FA; Fri, 25 Apr 2014 10:35:00 +0200 (CEST) Date: Fri, 25 Apr 2014 08:35:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: Coverity Scan Message-ID: <20140425083500.GA5666@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <5359F391.8060309@tiscali.co.uk> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="M9NhX3UHpAaciwkO" Content-Disposition: inline In-Reply-To: <5359F391.8060309@tiscali.co.uk> User-Agent: Mutt/1.5.21 (2010-09-15) X-SW-Source: 2014-04/txt/msg00560.txt.bz2 --M9NhX3UHpAaciwkO Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 1752 On Apr 25 06:33, David Stacey wrote: > Coverity Scan [1] is a commercial (paid for) static analysis tool, but > they offer it to Open Source programmes for free. I was having a browse > through the list of Open Source programmes using Coverity Scan, and > noticed that Cygwin wasn't listed. Would there be any interest in > analysing the cygwin1.dll source code on a fairly regular basis? If so, > I would be happy to have a go at setting up an analysis job for Cygwin. >=20 > I would imagine this would be of interest to CGF, Corinna and anyone > else who regularly updates the Cygwin source code. Obviously, this is > only worth doing if the analysis results are looked at and acted upon. Depends. If the report contains lots of false positives, it's getting annoying pretty quickly. > There are some conditions associated with using Coverity Scan [2]. The > one thing that jumps out is that our relationship with RedHat might be > a stumbling block. We can but ask - the worst that can happen is that > they politely decline. They will. #7 won't fly due to the buyout license clause. > There have been a few hints on this list about a possible move from CVS > to git. If such a move were on the cards then that should probably > happen first - I wouldn't want the nugatory effort of getting this > working from CVS only to have to change it almost immediately. Yeah, I'm n ot exactly looking forward to it since I'm very familiar with CVS or SVN, but have nothing but trouble with git. But since everybody else is so very happy with git, I guess I'll have to adapt. Teeth-gnashingly. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --M9NhX3UHpAaciwkO Content-Type: application/pgp-signature Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTWh40AAoJEPU2Bp2uRE+g+Z8P/0jkurvbFvBRUKRu7eNzX8kM chtnXrqnIrApS5gGa5PGtjtAxnNqDvdvAeWYrHOX1AxDRu6hwFrSaeSSii/O9sqF TvUej6lpmHAtaq4je77XwowoAWcmNUrUtled0YWMUkF1N0+POqY+7k13q3geR07e 72RHouDVO4JTw35xe5HWyISyifnc2nAljxrJKJgSZvGhiPPUhWfVYQSZl4vtYHSP aXzVwD2fW3SGx1kdx5usSkHT0XZSU8mlO+kyRQXyFvxwRhO71jXKcFMoKrJSLYxh 3+OwySiDEF+2gaK9CPlEoyjwK/EsZ+JRmCz4F6TznmSXDzsh6gXo91pfAzs+LJqd 4NvrwvDjBfFRKCzJyAkx2gxzbIkEo05Gqmi/ipqUR6b8BQIhsKxEmDJRnM9pCtiY op4s52crzCNaux+kGijGD1GuPfWoI+smfll7PCPv5RM41vuqYtYXTdZiZTlce9zt 3hhBdNRDsjknERkCb7RR2lGXtVmjDbUebveBwH5e2kgBe1OXQ44K9BZJ3LVs3/uI 1z4c27ztd+ZaxJq7CAYJT68RVXJKnGoOksz4esRcupNYzzXBMSYQBEq5dSgENAZc Z325bPZV/ODEcUd3QQQLG6GNRI9KjEitaXJSe6/ROv0b1O6gpRnzZuaLPR2cNi2C rNkHcgKQkXO3drCRPhau =16iX -----END PGP SIGNATURE----- --M9NhX3UHpAaciwkO--