Hi Guys, I'm the leading the development of the SonarQube platform. If you want any personal login/password to http://nemo.sonarqube.org/ and/or if you want us to tune the set of coding rules used to analyze the Tomcat project, feel free to ping me or
Obviously, if you're getting some false-positives, I'm also eager to get your feedback to help us tuning our java analyser. Thanks ----- twitter.com/FreddyMallet SonarQube for Continuous Inspection ---------- Forwarded message ---------- > From: Henri Gomez <henri.go...@gmail.com> > Date: 2014-08-26 23:52 GMT+02:00 > Subject: Re: Coverity static analysis scanning > To: Tomcat Developers List <dev@tomcat.apache.org> > > > Hi all > > Are you aware SonarQube is analysing Tomcat in Nemo for years ? > > > http://nemo.sonarqube.org/dashboard/index/50544 > > 310 Blocker issues, 121 Critical issues. > > Wondering if Coverity will provides more informations than SonarQube ? > > BTW, SonarQube is analysing major ASF projects for a long time now :) > > > 2014-08-26 11:20 GMT+02:00 Mark Thomas <ma...@apache.org>: > > All, > > > > I have been pinged off-list by Coverity to say that they have set up > > Tomcat with a free account with their static code analysis service. > > > > I think I have the ability to send invitations so if anyone wants to > > take a look at the results, just reply here. > > > > I have taken a quick look and they do appear to have found some valid > > threading issues. There are ~350 issues in total and I don't yet have a > > feel for the false positive rate. > > > > Mark > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: dev-h...@tomcat.apache.org > > > >
