From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 15893 invoked by alias); 25 Apr 2014 05:33:33 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 15878 invoked by uid 89); 25 Apr 2014 05:33:32 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.5 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_COUK,SPF_PASS autolearn=no version=3.3.2 X-HELO: out.ipsmtp1nec.opaltelecom.net Received: from out.ipsmtp1nec.opaltelecom.net (HELO out.ipsmtp1nec.opaltelecom.net) (62.24.202.73) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (CAMELLIA256-SHA encrypted) ESMTPS; Fri, 25 Apr 2014 05:33:30 +0000 X-SMTPAUTH: drstacey@tiscali.co.uk X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApMBAGjyWVNV0kdf/2dsb2JhbAANTINVxiaDWDoGPRYYAwIBAgFYCAEBiEqmOqRSBI52hCMErwQ X-IPAS-Result: ApMBAGjyWVNV0kdf/2dsb2JhbAANTINVxiaDWDoGPRYYAwIBAgFYCAEBiEqmOqRSBI52hCMErwQ Received: from 85-210-71-95.dynamic.dsl.as9105.com (HELO [192.168.1.67]) ([85.210.71.95]) by out.ipsmtp1nec.opaltelecom.net with ESMTP; 25 Apr 2014 06:33:18 +0100 Message-ID: <5359F391.8060309@tiscali.co.uk> Date: Fri, 25 Apr 2014 05:33:00 -0000 From: David Stacey User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 To: cygwin@cygwin.com Subject: Coverity Scan Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2014-04/txt/msg00558.txt.bz2 Coverity Scan [1] is a commercial (paid for) static analysis tool, but they offer it to Open Source programmes for free. I was having a browse through the list of Open Source programmes using Coverity Scan, and noticed that Cygwin wasn't listed. Would there be any interest in analysing the cygwin1.dll source code on a fairly regular basis? If so, I would be happy to have a go at setting up an analysis job for Cygwin. I would imagine this would be of interest to CGF, Corinna and anyone else who regularly updates the Cygwin source code. Obviously, this is only worth doing if the analysis results are looked at and acted upon. There are some conditions associated with using Coverity Scan [2]. The one thing that jumps out is that our relationship with RedHat might be a stumbling block. We can but ask - the worst that can happen is that they politely decline. There have been a few hints on this list about a possible move from CVS to git. If such a move were on the cards then that should probably happen first - I wouldn't want the nugatory effort of getting this working from CVS only to have to change it almost immediately. Any thoughts? Dave. [1] - https://scan.coverity.com/ [2] - https://scan.coverity.com/faq#how-get-project-included-in-scan -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple