Opened 14 years ago
Last modified 2 years ago
#23 accepted TODO (General task list)
Integrate code security analysis tools into Buildbot
Reported by: | Samuli Seppänen | Owned by: | Samuli Seppänen |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.1.0 / 2.1.1 (Community Ed) |
Severity: | Not set (select this one, unless you're an OpenVPN developer) | Keywords: | |
Cc: | samuli@… |
Description
In the IRC meeting on 22nd Apr 2010 it was agreed that all patches should be checked with (security) auditing tools such as Valgrind and Coverity. These tools need to be integrated into our continuous integration server app, Buildbot.
Change History (12)
comment:1 Changed 14 years ago by
Status: | new → accepted |
---|
comment:2 Changed 14 years ago by
Cc: | samuli@… added |
---|
comment:3 Changed 14 years ago by
comment:4 Changed 11 years ago by
Coverity has made some changes to their service since this ticket was last modified. It's possible that nowadays it can track a Git tree.
comment:5 Changed 11 years ago by
Hiya. I know you have gotten Coverity to check our git tree, but I think their check results are slightly stale (as lots of our code base has changed).
Is there a way to make their system forget everything it knows, and re-start with the latest git master? Then we could try to go systematically through it and fix stuff.
(Also, when I looked last time, their system didn't grok ASSERT() and gave lots of false positives. If they haven't fixed that yet, we could report it back...)
comment:6 Changed 10 years ago by
I will have a look at this again. I read that Coverity has made some changes to the source code upload process lately - that might help us here.
comment:7 Changed 8 years ago by
We now have Coverity track a special branch. This was necessary as the number of allowable builds per day is limited. Do we consider this enough to close the ticket?
It's not possible to integrate Coverity into Buildbot. Coverity tracks a static codebase, which in our case is also outdated.