Thanks for the interest. I'm in the process of building the 2.1.0 beta as suggested by Roman.
Jon (214) 531-3496 > -----Original Message----- > From: Ottenheimer, Davi [mailto:davi.ottenhei...@emc.com] > Sent: Monday, August 26, 2013 1:11 PM > To: common-dev@hadoop.apache.org > Subject: RE: Coverity Scan (MAPREDUCE-5032) > > Perhaps open the JIRA with only a reference/link to the Coverity report, and > limit access to only those working on the issues. > > Full disclosure, update the JIRA, after fix. > > -- > Davi Ottenheimer > Senior Director of Trust > EMC Corporation > davi.ottenhei...@emc.com | @daviottenheimer | +1-415-271-6259 > blog: http://www.flyingpenguin.com/ > > > > -----Original Message----- > > From: shaposh...@gmail.com [mailto:shaposh...@gmail.com] On Behalf > Of > > Roman Shaposhnik > > Sent: Monday, August 26, 2013 10:50 AM > > To: common-dev@hadoop.apache.org > > Subject: Re: Coverity Scan (MAPREDUCE-5032) > > > > On Mon, Aug 26, 2013 at 10:43 AM, Vinod Kumar Vavilapalli > > <vino...@apache.org> wrote: > > > > > > Can you file a JIRA and attach the report there? That is the best > > > way to > > move this forward. > > > > Last time I was involved in a Coverity scan was when they scanned > > another project I'm committer on (FFmpeg). The lesson there was that > > the value you get out of browsing on their site > > https://scan.coverity.com is immeasurably higher than from any static > report that can be attached to a JIRA. > > > > Also, at least in FFmpeg's case, Coverity identified a few things that > > could've been used as potential exploits so it made perfect sense to > > have a white-list of project members who could get access to the > > initial report instead of going all public with it to begin with > > (which would happen if it just gets attached to a JIRA in its entirety). > > > > Just my 2c worth of working with them in the past. > > > > Thanks, > > Roman. >
