static analysis

[Ken Giusti <kg...@redhat.com>]

Hi all,

While cruising slashdot (guilty pleasure), I found that Coverity offers their static analysis code tool for qualifying open source projects.  See:

http://scan.coverity.com/

I've used this tool in the past on a previous employer's large C++ project.  As with any automated code checker, the signal/noise ratio can be rather bad, but it did find a few real issues.

>From what I can tell, the project doesn't get access to the tool - rather, Coverity runs the tool over the sources and makes the results available to the project. There's a faq for getting a project signed up:  http://scan.coverity.com/developers-faq.html   To get started we'd have to designate an official contact.

Thoughts?


-K

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org