[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Make coverity results public

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Wed, 28 Mar 2018 14:49:39 +0100
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 28 Mar 2018 13:50:05 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Wed, Mar 28, 2018 at 02:33:37PM +0100, Roger Pau Monné wrote:
> Hello,
> 
> According to the contribution guidelines document [0] the coverity
> database of issues is private, which makes it hard for new people to
> see issues. IMO it makes no sense to keep the result private anymore:
> 
>  - They have been audited for plenty of time by different people
>    that currently has access to the database.
>  - Anyone can reproduce the same results by forking Xen on github and
>    sending a build to coverity for analysis AFAICT.
> 
> On the plus side, having the database open would allow us the
> following:
> 
>  - Coverity reports could be sent to xen-devel, so anyone could pick
>    and fix new issues.
>  - Newcomers could use coverity in order to find small size tasks to
>    work on.
> 

+1 for making it public.

It used to be the case that people had access manually forward issues to
new comers. It was not fun for anyone involved.

The way the current policy is written makes it only theoretically
possible for new comers to access the results (note the signed by PGP
key in a part of the strong set of web of trust), but is more likely to
be impossible in practice.

Wei.

> Thanks, Roger.
> 
> [0] https://xenproject.org/help/contribution-guidelines.html

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] Make coverity results public
  - From: George Dunlap

References:
- [Xen-devel] Make coverity results public
  - From: Roger Pau Monné

Prev by Date: Re: [Xen-devel] possible I/O emulation state machine issue
Next by Date: Re: [Xen-devel] [PATCH v4 4/7] xen/x86: use invpcid for flushing the TLB
Previous by thread: Re: [Xen-devel] Make coverity results public
Next by thread: Re: [Xen-devel] Make coverity results public
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.