Coverity access
(too old to reply)
Neil Hodgson
2014-06-23 03:11:53 UTC
Coverity is a hosted static checker that can be used for free by open-source projects. Scintilla has been on Coverity for about a year. There is already one other Scintilla user authorised to view the Scintilla scan results. If anyone else wants to see the scan results, create an account at Coverity and I'll add you to the project. I think the reason they don't automatically make the results public is that the issues uncovered could be exploited by malware.

I only check the Windows builds for Scintilla and SciTE. Others could contribute by checking Qt, GTK+, or Cocoa builds. Coverity has found some minor errors including a write-beyond-array-end in the Rust lexer. There have been a total of 48 'defects' in Scintilla although most are false positives or unimportant.


You received this message because you are subscribed to the Google Groups "scintilla-interest" group.
To unsubscribe from this group and stop receiving emails from it, send an email to scintilla-interest+***@googlegroups.com.
To post to this group, send email to scintilla-***@googlegroups.com.
Visit this group at http://groups.google.com/group/scintilla-interest.
For more options, visit https://groups.google.com/d/optout.
Continue reading on narkive: