Project

General

Profile

Misc #15202

Updated by jaruga (Jun Aruga) over 5 years ago

Recently I reported issues detected by code analysis tool mainly using Coverity Scan.  

 The 9 issues categorized as "important" was fixed by #15116. (Thank you!) 

 > https://bugs.ruby-lang.org/issues/15116 
 > 
 > However as a "not important" issues, around 1000 issues were detected by the tool for the ruby 2.5.1. 
 > I am considering how to deal with this or report those. 
 > I might open an another ticket for that. 

 However there are around 1000 "not important" issues. 

 Right now I do not share the report file (840KByte) for that, because it makes people tired. 
 If someone want to see it, I am happy that to share it here as an attachment. 

 Instead of that, It looks good to me that someone could see the result of coverity scan casually anytime to fix those in long term. 

 What I want to propose is it to add coverity scan test on rubyci or Travis CI. 

 I do not know how coverity scan is used on current Ruby project as a regular workflow. 
 But I could see it is actually used from the setting [2] and some tickets. [3] 

 I found how to use Coverity Scan on Travis CI [4], and the used cases [5][6]. 

 How do you think? 


 * [1] rubyci: https://www.rubyci.org/ 
 * [2] coverity scan ruby project: https://scan.coverity.com/projects/ruby 
 * [3] coverity scan used tickets: 
   * https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/61862 
   * https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/55763 
   * https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/50734 
 * [4] How to use Coverity Scan on Travis CI: https://scan.coverity.com/travis_ci 
 * [5] The cases for coverity scan on Travis CI: 
   * https://github.com/nanoporetech/scrappie/blob/master/.travis.yml 
   * https://github.com/JanusGraph/janusgraph/blob/master/.travis.yml 

Back