Hi all,

A while ago, I set up the FVWM repository to hook into Coverity [0], who
specialise in static analysis and allow open source projects to be run against
their tools for free.

To that end the results are in:

https://scan.coverity.com/projects/fvwm/view_defects

I think it's rather interesting and perhaps alarming since there's quite a few
defects it considers "high".  But hey, FVWM's still working so improving those
is still a good thing.  Note that I haven't really started looking at these to
see how many are false-positives, but a quick scan suggests these are
legitimate.

So if anyone wants to have a stab at looking at these, now's the time to start
submitting pull-requests!  However, I suspect I'll be the one doing most of
the work anyway...

Can't hurt to ask, and to make other contributors (potential or otherwise)
aware.

-- Thomas Adam

[0]  Another good example of why moving to Github was a good idea.

Reply via email to