[torquedev] Interest in submitting Torque to Coverity Scan ?

Chris Samuel samuel at unimelb.edu.au
Tue Mar 8 15:48:34 MST 2011


Hi folks,

Coverity Scan is a static code analysis tool (closed source)
which provides a free service to qualifying projects to have
their code analysed for security bugs.  Projects like Open-MPI,
Apache, etc, already use this service.

According to the FAQ:

 http://scan.coverity.com/developers-faq.html

projects that are maintained by for-profit corporations
are included at Coverity's discretion, projects maintained
by individuals or non-profits are automatically eligible.

The Open-MPI people have kindly documented how they
interact with Coverity (page uses self-signed cert):

 https://svn.open-mpi.org/trac/ompi/wiki/Coverity

They've got a good reputation for finding security bugs
and I believe it could be a good tool for Torque.

Thoughts ?

cheers!
Chris
-- 
Christopher Samuel          Senior Systems Administrator
VLSCI - Victorian Life Sciences Computational Initiative
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
          http://www.vlsci.unimelb.edu.au/


More information about the torquedev mailing list