Yes, this appears to be good news (that it's back, at least).

I was waiting for scan.coverity.com to be back up again before mailing the list 
-- as of right now (~6:30pm US Eastern), I still get a proxy timeout when 
attempting to access scan.coverity.com.



> On Mar 16, 2018, at 6:23 PM, Jeff Hammond <[email protected]> wrote:
> 
> To be more explicit, the message is below.
> 
> ---------- Forwarded message ----------
> From: Coverity SCAN <[email protected]>
> Date: Fri, Mar 16, 2018 at 2:18 PM
> Subject: Coverity SCAN is Again Available
> Coverity SCAN Service Community:
> 
> As you may be aware, there recently was an interruption in the availability 
> of the Coverity Scan service. In February 2018, we discovered that servers 
> used for the Coverity Scan service were accessed by an unauthorized 
> third-party. The access appears to have started earlier in the month. We 
> suspect that the access was to utilize our computing power for cryptocurrency 
> mining. We have not found evidence that database files or artifacts uploaded 
> by the open source community users of the Coverity Scan service were 
> accessed. We retained a well-known computer forensics company to assist us in 
> our investigation.
> 
> We have closed the method of access, and the Coverity Scan service is again 
> available as a free service to the open source community. The Coverity Scan 
> service data is backed up frequently, and Coverity Scan service data will be 
> restored. We regret any inconvenience caused by the downtime of the Coverity 
> Scan service.
> 
> We take our commitment to the Open Source community seriously. To that end, 
> we are asking that all Coverity Scan users reset their passwords to regain 
> access to the service. We are continually assessing and improving our systems 
> and practices in this environment, and will work with the Coverity Scan 
> Service community in this effort.
> 
> Please note that the servers in question were not connected to any other 
> Synopsys computer networks. This should have no impact on customers of our 
> commercial products, and this event did not put any Synopsys corporate data 
> or intellectual property at risk.
> 
> If you have any questions or concerns, please contact us at 
> [email protected].
> 
> 
> 
> On Fri, Mar 16, 2018 at 3:21 PM, Jeff Hammond <[email protected]> wrote:
> I assume you all saw the update an hour or two ago explaining the absence.  
> If not, look for it.
> 
> Jeff
> 
> On Wed, Mar 14, 2018 at 1:29 PM, Jeff Squyres (jsquyres) <[email protected]> 
> wrote:
> We could certainly try them all and see which one(s) we like.
> 
> I have no real opinion -- we've been using Coverity for forever; it's 
> disappointing that it has gone offline with zero word from their owners (even 
> if they told us "no, we're not doing this anymore", that would be better than 
> silence).
> 
> 
> 
> > On Mar 14, 2018, at 4:05 PM, Paulson, Erik R <[email protected]> 
> > wrote:
> >
> > Looking at Code Climate's website, it looks like they don't support C.
> >
> > I found this tool: https://about.sonarcloud.io/ I have never used it 
> > before, but it says it supports C and is free for open source.
> >
> >
> > -Erik
> >
> > -----Original Message-----
> > From: ofiwg [mailto:[email protected]] On Behalf Of 
> > Hefty, Sean
> > Sent: Wednesday, March 14, 2018 12:17 PM
> > To: [email protected]
> > Subject: [ofiwg] coverity replacement
> >
> > The ofiwg github projects have made use of Coverity for static code 
> > analysis, which has proven useful in identifying bugs without generating 
> > hundreds of false warnings (I'm looking at you Klockwork).  However, it 
> > went down for maintenance nearly a month ago, with no responses to emails 
> > or updates on when or if the service will ever come back.
> >
> > At this point, I think we need to look at alternatives.  Does anyone have 
> > any personal recommendations on any analysis tools that integrate with 
> > github?  I've done some searches for possible replacements, and Code 
> > Climate came up as a possible alternative.  Has anyone used this or know of 
> > something better?
> >
> > https://codeclimate.com/pricing/
> >
> > We are still using Travis CI and AppVeyor for testing, so this would 
> > primarily be for static analysis.
> >
> > - Sean
> > _______________________________________________
> > ofiwg mailing list
> > [email protected]
> > http://lists.openfabrics.org/mailman/listinfo/ofiwg
> > _______________________________________________
> > ofiwg mailing list
> > [email protected]
> > http://lists.openfabrics.org/mailman/listinfo/ofiwg
> 
> 
> --
> Jeff Squyres
> [email protected]
> 
> _______________________________________________
> ofiwg mailing list
> [email protected]
> http://lists.openfabrics.org/mailman/listinfo/ofiwg
> 
> 
> 
> -- 
> Jeff Hammond
> [email protected]
> http://jeffhammond.github.io/
> 
> 
> 
> -- 
> Jeff Hammond
> [email protected]
> http://jeffhammond.github.io/


-- 
Jeff Squyres
[email protected]

_______________________________________________
ofiwg mailing list
[email protected]
http://lists.openfabrics.org/mailman/listinfo/ofiwg

Reply via email to