On Wed, 2013-05-08 at 19:36 -0500, Austin Seipp wrote:
> Hello all,
>
> On IRC today, Nicolas Trangez brought up the idea of registering GHC
> for Coverity's SCAN project. SCAN is essentially a free service run by
> Coverity, which runs their Static Analyzer on open source projects
> ('open source
On 09/05/13 01:36, Austin Seipp wrote:
Hello all,
On IRC today, Nicolas Trangez brought up the idea of registering GHC
for Coverity's SCAN project. SCAN is essentially a free service run by
Coverity, which runs their Static Analyzer on open source projects
('open source' being defined by OSI) an
Austin brings up an interesting point, which is that the last time
we had a security vulnerability situation was when it was discovered
that CGI scripts could pass +RTS options to Haskell programs and
get programs to do things that they shouldn't. And, AFAICT, we haven't
ever had any CVEs issued a
Hello all,
On IRC today, Nicolas Trangez brought up the idea of registering GHC
for Coverity's SCAN project. SCAN is essentially a free service run by
Coverity, which runs their Static Analyzer on open source projects
('open source' being defined by OSI) and gives the results back to
developers. C