Changes between Version 2 and Version 3 of Ticket #3710


Timestamp:
Jun 27, 2019, 9:30:46 PM (3 years ago)
Author:
Gedare Bloom
  • Ticket #3710 – Description

    v2  v3
    15  15  Since security tools tend to be costly in terms of time or compute resources, they are normally run on nightly or even weekly builds rather than on every commit as done for typical continuous integration (CI). It can be tedious to merge commits to the development master and trigger a scan to determine if the issue has been fixed. Instead, we would like to develop fixes and trigger Coverity Scan as needed (subject to staying within the allowed scan rates). Coverity Scan integrates with Github and can be triggered to scan by merging new code to a specific git repository branch. As a first step, a special 'coverity' branch could be created for scanning commits that are pushed there, so that developers who are testing changes can work through the coverity branch before merging fixes into the master. Alternate solutions should be discussed with any mentors.
    16  16
        17  **Coding Rule Scans**
        18  Investigation on this direction is needed. Coverity supports for example a couple of MISRA rules:
        19  https://www.synopsys.com/content/dam/synopsys/sig-assets/datasheets/coverity-misra-standards-ds-ul.pdf
        20
        21  These rules are not enabled currently. Would it be possible to enable a subset of these rules in our current setup?