Am 26.07.2013 00:00, schrieb Terry Reedy: >> http://www.coverity.com/company/press-releases/read/coverity-introduces-monthly-spotlight-series-for-coverity-scan-open-source-projects >> > > The intention is to promote the best of open source to industry.
I think it's also a marketing tool. They like to sell their product. I don't have a problem with that. After all Coverity provides a useful service for free that supplements our own debugging tools. >> Lines of Code: 396,179 > > C only? or does Python code now count as 'source code'? It's just C code and headers. Coverity doesn't analyze Python code. According to cloc Python has 296707 + 78126 == 374833 lines of code in C and header files. I'm not sure why Coverity detects more. > >> Defect Density: 0.05 > > = defects per thousand lines = 20/400 > > Anything under 1 is good. The release above reports Samba now at .6. > http://www.pcworld.com/article/2038244/linux-code-is-the-benchmark-of-quality-study-concludes.html > > reports Linux 3.8 as having the same for 7.6 million lines. These are amazing numbers. Python is much smaller. > >> Total defects: 1,054 >> Outstanding: 21 (Coverity Connect shows less) >> Dismissed: 222 > > This implies that they accept our designation of some things as False > Positives or Intentional. Does Coverity do any review of such > designations, so a project cannot cheat? What's the point of cheating? :) I could dismiss any remaining defect as intentionally or false positive but that would only harm ourselves. As you already pointed out Coverity reserves the right to inspect dismissed bugs for their highest ranking. I'm in the process of looking through all dismissed defects. Some of them are relics of deleted files and removed code. Some other may go away with proper modeling. Christian _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
