On 27/02/15 20:20, Chris Burroughs wrote: > I've gotten a scan running. Contributors can sign up and view the > results at: > > https://scan.coverity.com/projects/640 > > Also if a ganglia comitter would like to be an admin at > scan.coverity.com that would probably work out best in the long run > instead of me. >
Hi all, I did this for reSIProcate some time ago. Originally, we had to download a tool from Coverity and run it and then post a data file back to Coverity for processing. I wrote a script to do that within travis-ci. Then they offered Github/Travis-CI integration and I didn't get around to updating things. It was awkward for a few reasons: - we run two travis-ci builds of every commit, both gcc and clang compilers, but Coverity should only integrate with one of them - the Coverity tool slows down the build and so for a big project like reSIProcate I had some concerns that it would take too long for developers to get positive confirmation that a pull request was valid. This issue is probably not so significant for a smaller project like Ganglia. - if a project has unit tests, it is not desirable for Coverity to scan that code as they frequently give false positives and the time spent scanning that code is wasted. The reports are definitely useful and Coverity finds some interesting issues. However, I found that these tools can also provide a lot of false positives - in other words, there is a low signal-to-noise ratio. If you have time to pick through each issue one by one though then you will usually find something that should be fixed. One thing that is useful is the report that tells you if a new commit added new issues, e.g. if you had 10,000 issues in your code base before and you never had time to go through them but a pull request adds 15 new issues then you might ask for the contributor to rectify the pull request so the net number of issues remains at 10,000. If you need any admin help to take this integration further please feel free to ping me. Regards, Daniel ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Ganglia-developers mailing list Ganglia-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ganglia-developers
