Hello, Last September, I wrote a summary about the ongoing efforts on static analyzers [1].
I am glad to share some more good news. Andi (also known as Bogdan) joined the Softvision team a few weeks ago to help us with this project. We have three main goals: * manage the new issues found by the static analyzers * deal with the backlog of defects found by the static analyzers (coverity, scan-build, infer, etc). This means reporting bugs with patches, ignoring false positives, etc We are using these two meta bugs to keep track of the changes: - scan-build/clang analyzer - https://bugzilla.mozilla.org/show_bug.cgi?id=712350 - coverity - https://bugzilla.mozilla.org/show_bug.cgi?id=1230156 * develop a better understanding of the quality of each checkers. By nature, checkers in static analyzers have different false positives ratio. As we plan to integrate more these tools in our workflow, we want to know which checkers we can trust (or not!). Of course, this is done in parallel of Ehsan's efforts. This is a complementary project. Cheers, Sylvestre [1] https://groups.google.com/forum/embed/#!topic/mozilla.dev.platform/VO2rGCSRgNA _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
