Joachim Strömbergson <joac...@assured.se> writes:

>I think we should try and get Coverity Scan up and running for Cryptech. And
>scan-build. Should we also create a mirror repo at Github?

Getting set up for Coverity is actually pretty easy, you just sign up, download their scan tool to wherever your code is, run it, and upload the results to Coverity. Their web-based dashboard is a bit painful to use, but apart from that the process is pretty straightforward. I can provide notes on how to do it if it's useful.

Not sure how useful OSS-Fuzz is, there's a lot of initial config and setup you need to do and I found it easier to just run AFL directly on my code. If it's a library, you can use libFuzzer and honggfuzz as well, the two are fairly easily interchangeable.

Peter.

_______________________________________________
Tech mailing list
Tech@cryptech.is
https://lists.cryptech.is/listinfo/tech
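
As an added illustration of the libFuzzer/honggfuzz interchangeability mentioned in the message above (not code from the thread or from Cryptech): both engines call the same `LLVMFuzzerTestOneInput` entry point, and a small stdin driver lets AFL exercise it too. The `parse_tlv` target and the `FUZZ_ENGINE_MAIN` macro are hypothetical names chosen for this sketch.

```c
/* Added example: one fuzz entry point shared by libFuzzer, honggfuzz and AFL.
 * parse_tlv() is a hypothetical stand-in for the library code under test. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical target: walk [type:1][len:1][value:len] records.
 * Returns the record count, or -1 if a record is truncated. */
int parse_tlv(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int records = 0;

    while (off < len) {
        if (len - off < 2)
            return -1;                 /* header cut short */
        size_t vlen = buf[off + 1];
        if (vlen > len - off - 2)
            return -1;                 /* value runs past the input */
        off += 2 + vlen;
        records++;
    }
    return records;
}

/* Entry point that libFuzzer and honggfuzz both look for. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    (void)parse_tlv(data, size);       /* crashes and sanitizer reports are the signal */
    return 0;
}

#ifndef FUZZ_ENGINE_MAIN   /* assumed macro: define it when the engine supplies main() */
/* Stand-alone driver: takes one input on stdin, as AFL does, or replays a crash file. */
int main(void)
{
    static uint8_t buf[1 << 16];
    size_t n = fread(buf, 1, sizeof buf, stdin);
    return LLVMFuzzerTestOneInput(buf, n);
}
#endif
```

With `-DFUZZ_ENGINE_MAIN` the same file builds under `clang -fsanitize=fuzzer,address` for libFuzzer or under `hfuzz-clang` for honggfuzz; without it, an AFL compiler wrapper produces a binary that reads test cases from stdin.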