How Samba monitors Coverity Scan report

Andrew Bartlett abartlet at
Fri Apr 26 05:50:56 UTC 2019

On Thu, 2019-04-25 at 23:30 -0400, Nasif Imtiaz via samba-technical
> Hi,
> I see Samba is registered on Coverity Scan
> <> for
> regular
> analysis. I am assuming only the master branch is analysed here (Is
> that correct?)

Well every release branch was at one point master, and almost all
patches added to a release branch are first applied to master, so I
don't think the different is significant. 

> Also, are there any developers from Samba team who regularly monitor
> Coverity reports? What is Samba team's policy on this?

Yes, we regularly monitor the reports and act on them.  

You can see these being fixed by the CID numbers in the patches in

I hope this clarifies things,

Andrew Bartlett
Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT

More information about the samba-technical mailing list