Updated: see https://xenproject.org/help/contribution-guidelines.html
The text now is
Code Security Scanning
The Xen Project is registered with the "Coverity Scan" service which applies
Coverity's static analyser to the Open Source projects. The tool can and does
find flaws in the source code which can include security issues. Currently only
the Xen Project Hypervisor (i.e. xen.git) is covered by these scans. Triaging
and proposing solutions for the flaws found by Coverity is a useful way in
which Community members can contribute to the Xen Project.
Members of the community may request access to the Coverity database. However,
Coverity requires that you create an account and apply for Xen Project
membership by searching for the Xen Project and then requesting to be added to
the project. We typically will approve requests within a few days, but reserve
rejecting requests from accounts who never engaged with the project (aka never
posted to a mailing list) or which look like spam accounts.
On 04/04/2018, 16:50, "Wei Liu" <wei.l...@citrix.com> wrote:
On Wed, Apr 04, 2018 at 03:47:44PM +0100, Lars Kurth wrote:
> On 28/03/2018, 19:23, "George Dunlap" <george.dun...@citrix.com> wrote:
> > Lars, if you don't object I'm going to open up the results. And I
> > leave the task to update the contribution guide webpage to you. :-)
> I'd wait at least until EOD Thursday. :-)
> Sure. I am assuming this is public now?
Yes, it is supposed to be public. But Roger says he still can't access
it. I have sent an email to admin@coverity, but they haven't come back.
We should definitely update our policy document.
Xen-devel mailing list