Yes, this appears to be good news (that it's back, at least). I was waiting for scan.coverity.com to be back up again before mailing the list -- as of right now (~6:30pm US Eastern), I still get a proxy timeout when attempting to access scan.coverity.com.
> On Mar 16, 2018, at 6:23 PM, Jeff Hammond <[email protected]> wrote: > > To be more explicit, the message is below. > > ---------- Forwarded message ---------- > From: Coverity SCAN <[email protected]> > Date: Fri, Mar 16, 2018 at 2:18 PM > Subject: Coverity SCAN is Again Available > Coverity SCAN Service Community: > > As you may be aware, there recently was an interruption in the availability > of the Coverity Scan service. In February 2018, we discovered that servers > used for the Coverity Scan service were accessed by an unauthorized > third-party. The access appears to have started earlier in the month. We > suspect that the access was to utilize our computing power for cryptocurrency > mining. We have not found evidence that database files or artifacts uploaded > by the open source community users of the Coverity Scan service were > accessed. We retained a well-known computer forensics company to assist us in > our investigation. > > We have closed the method of access, and the Coverity Scan service is again > available as a free service to the open source community. The Coverity Scan > service data is backed up frequently, and Coverity Scan service data will be > restored. We regret any inconvenience caused by the downtime of the Coverity > Scan service. > > We take our commitment to the Open Source community seriously. To that end, > we are asking that all Coverity Scan users reset their passwords to regain > access to the service. We are continually assessing and improving our systems > and practices in this environment, and will work with the Coverity Scan > Service community in this effort. > > Please note that the servers in question were not connected to any other > Synopsys computer networks. This should have no impact on customers of our > commercial products, and this event did not put any Synopsys corporate data > or intellectual property at risk. > > If you have any questions or concerns, please contact us at > [email protected]. > > > > On Fri, Mar 16, 2018 at 3:21 PM, Jeff Hammond <[email protected]> wrote: > I assume you all saw the update an hour or two ago explaining the absence. > If not, look for it. > > Jeff > > On Wed, Mar 14, 2018 at 1:29 PM, Jeff Squyres (jsquyres) <[email protected]> > wrote: > We could certainly try them all and see which one(s) we like. > > I have no real opinion -- we've been using Coverity for forever; it's > disappointing that it has gone offline with zero word from their owners (even > if they told us "no, we're not doing this anymore", that would be better than > silence). > > > > > On Mar 14, 2018, at 4:05 PM, Paulson, Erik R <[email protected]> > > wrote: > > > > Looking at Code Climate's website, it looks like they don't support C. > > > > I found this tool: https://about.sonarcloud.io/ I have never used it > > before, but it says it supports C and is free for open source. > > > > > > -Erik > > > > -----Original Message----- > > From: ofiwg [mailto:[email protected]] On Behalf Of > > Hefty, Sean > > Sent: Wednesday, March 14, 2018 12:17 PM > > To: [email protected] > > Subject: [ofiwg] coverity replacement > > > > The ofiwg github projects have made use of Coverity for static code > > analysis, which has proven useful in identifying bugs without generating > > hundreds of false warnings (I'm looking at you Klockwork). However, it > > went down for maintenance nearly a month ago, with no responses to emails > > or updates on when or if the service will ever come back. > > > > At this point, I think we need to look at alternatives. Does anyone have > > any personal recommendations on any analysis tools that integrate with > > github? I've done some searches for possible replacements, and Code > > Climate came up as a possible alternative. Has anyone used this or know of > > something better? > > > > https://codeclimate.com/pricing/ > > > > We are still using Travis CI and AppVeyor for testing, so this would > > primarily be for static analysis. > > > > - Sean > > _______________________________________________ > > ofiwg mailing list > > [email protected] > > http://lists.openfabrics.org/mailman/listinfo/ofiwg > > _______________________________________________ > > ofiwg mailing list > > [email protected] > > http://lists.openfabrics.org/mailman/listinfo/ofiwg > > > -- > Jeff Squyres > [email protected] > > _______________________________________________ > ofiwg mailing list > [email protected] > http://lists.openfabrics.org/mailman/listinfo/ofiwg > > > > -- > Jeff Hammond > [email protected] > http://jeffhammond.github.io/ > > > > -- > Jeff Hammond > [email protected] > http://jeffhammond.github.io/ -- Jeff Squyres [email protected] _______________________________________________ ofiwg mailing list [email protected] http://lists.openfabrics.org/mailman/listinfo/ofiwg
