[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

coverity code checker in Extras



The folks over at Coverity have offered to allow Fedora Extras to use their services, and would like a yes or no. Rather than make this decision in a vacuum, I believe that the Fedora Extras Steering Committee has earned the right to make this decision for themselves.

If we can get a decision by the end of the week, that would be great.

What follows is my own analysis, for whatever it's worth.

PROS

+ It's good technology, and has been used in Linux projects previously with success. Google "coverity linux" or something similar.

+ If we act on the results, it could be a great boon for the FE code quality in general.

+ It doesn't cost us anything.

+ It forms a relationship between Coverity and Red Hat, and sets the table for more work partnership later, if things go well.

+ Bugs are bugs, and flaws are flaws. We should be happy to know about them, however they are found, and we should fix them.

CONS

+ It's not open source, but there is no free alternative that can do the same thing.

+ We need to make sure it doesn't disrupt or break our build system too much. So that will require some technical work and time from certain folks.

My gut is that we should say that we're interested, and start hashing out the technical details of how it will all work with them.

If we go ahead, I think that in addition to the Board, someone in FESCO needs to "own" this and be our point person for technical questions, etc.

Thanks,
Max

--
Max Spevack
+ http://fedoraproject.org/wiki/MaxSpevack
+ gpg key -- http://spevack.org/max.asc
+ fingerprint -- CD52 5E72 369B B00D 9E9A 773E 2FDB CB46 5A17 CF21


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]