ailable?
-Original Message-
From: John Kinsella [mailto:j...@stratosec.co]
Sent: Tuesday, November 20, 2012 11:53 AM
To:
cloudstack-dev@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>
Subject: Re: Static Analysis Tools
Allow me to clarify my previous statement - F
At the conference you showed a URL with the results. Is that publicly
available?
-Original Message-
From: John Kinsella [mailto:j...@stratosec.co]
Sent: Tuesday, November 20, 2012 11:53 AM
To: cloudstack-dev@incubator.apache.org
Subject: Re: Static Analysis Tools
Allow me to clarify
Sonar analysis of Cloudstack is also available via nemo portal at:
http://nemo.sonarsource.org/dashboard/index/org.apache.cloudstack:cloudstack
-sebastien
On Nov 20, 2012, at 7:44 PM, David Nalley wrote:
> On Tue, Nov 20, 2012 at 1:36 PM, Animesh Chaturvedi
> wrote:
>>
>> Folks
>>
>> I want
Agreed
-Original Message-
From: John Kinsella [mailto:j...@stratosec.co]
Sent: Tuesday, November 20, 2012 2:01 PM
To: cloudstack-dev@incubator.apache.org
Subject: Re: Static Analysis Tools
My bad for misintrepertation. :) Coverity for a while actually did try to
market themselves as a
> From: John Kinsella [mailto:j...@stratosec.co]
> Sent: Tuesday, November 20, 2012 11:53 AM
> To: cloudstack-dev@incubator.apache.org
> Subject: Re: Static Analysis Tools
>
> Allow me to clarify my previous statement - Fortify has such a program, as
> well, and they've gi
...@stratosec.co]
Sent: Tuesday, November 20, 2012 11:53 AM
To: cloudstack-dev@incubator.apache.org
Subject: Re: Static Analysis Tools
Allow me to clarify my previous statement - Fortify has such a program, as
well, and they've given me a license to scan ACS for this purpose.
What you run into with thi
k. Here is the link http://scan.coverity.com/getting-started.html
>
>
> -Original Message-
> From: John Kinsella [mailto:j...@stratosec.co]
> Sent: Tuesday, November 20, 2012 11:12 AM
> To: cloudstack-dev@incubator.apache.org
> Subject: Re: Static Analysis Tools
>
-Original Message-
From: John Kinsella [mailto:j...@stratosec.co]
Sent: Tuesday, November 20, 2012 11:12 AM
To: cloudstack-dev@incubator.apache.org
Subject: Re: Static Analysis Tools
Additionally I (and others) run ACS through Fortify Source Code Analyzer.
Personally I think findbugs is a
Additionally I (and others) run ACS through Fortify Source Code Analyzer.
Personally I think findbugs is a bit of a toy, but anything helps...
John
On Nov 20, 2012, at 10:44 AM, David Nalley
wrote:
> On Tue, Nov 20, 2012 at 1:36 PM, Animesh Chaturvedi
> wrote:
>>
>> Folks
>>
>> I want to g
, November 20, 2012 10:45 AM
To: cloudstack-dev@incubator.apache.org
Subject: Re: Static Analysis Tools
On Tue, Nov 20, 2012 at 1:36 PM, Animesh Chaturvedi
wrote:
>
> Folks
>
> I want to get your opinion on using static analysis tools like PMD for
> CloudStack to catch some of th
On Tue, Nov 20, 2012 at 1:36 PM, Animesh Chaturvedi
wrote:
>
> Folks
>
> I want to get your opinion on using static analysis tools like PMD for
> CloudStack to catch some of the bugs early on. Maven has a plugin for PMD
> http://maven.apache.org/plugins/maven-pmd-plugin/
>
> Thanks
> Animesh
S
11 matches
Mail list logo
