Development Testing Blog

Coverity Open Source Report: Past and Present

As we issue the 2010 version of the Coverity Open Source Report, we acknowledge that another year has passed. There are a variety of topics of interest to open-source developers and scan users in particular that are more operational in nature, and less suited to inclusion in the report. I’ll use this blog post as a forum to provide those updates on the year’s activities and also to outline the next steps for Scan.

First, we have embarked upon the largest upgrade to the Scan service since its launch. We are migrating more than a terabyte worth of data from our legacy database system to the system and schema used by the latest Coverity tools. This migration will occur in stages. Each project will receive a great deal of additional analysis results due to the use of Coverity’s newest analysis engines.

In addition to the updates to the analysis, the latest tools also include functionality such as the ability to analyze multiple branches of development, and correctly retain the status information for each defect on an independent per branch basis. This is an often requested feature, since many of our projects have a variety of build options, including building for different platforms and architectures, debug and non-debug builds, integer versus floating-point builds, etc…

Furthermore there are changes to the scan ladder, which are detailed in the 2010 report.

At this time last year there were a very large number of outstanding requests that had been submitted through our scan admin address as well emailed to me directly. Some shifts in open source such as the proliferation of version control systems have affected our ability to deliver regular builds for all projects on an ongoing basis. For example, when a project moves to a new version control system, we at Coverity must update our build scripts to retrieve the source code from the new system. In some cases this is straightforward, but in other cases it can be labor-intensive, or the change can occur without us knowing, particularly in the case where the older system remains online but is no longer updated.

Over the last year we reduced the outstanding request queue by about 80%. We also initiated a number of projects to reduce the administrative bottleneck in Scan operations. Several of the features of these projects will be rolled out over the next year, as the development and refinement of them is still underway. We realize that there are still a large number of users awaiting responses, and we expect that the new system features will allow us to catch up with the request list soon.

We look forward to working with you over the next year and helping you to eliminate even more bugs from your code.

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Current day month ye@r *