How Samba monitors Coverity Scan report

Andrew Bartlett abartlet at samba.org
Fri Apr 26 05:50:56 UTC 2019


On Thu, 2019-04-25 at 23:30 -0400, Nasif Imtiaz via samba-technical
wrote:
> Hi,
> 
> I see Samba is registered on Coverity Scan
> <https://scan.coverity.com/projects/samba?tab=project_settings> for
> regular
> analysis. I am assuming only the master branch is analysed here (Is
> that correct?)

Well every release branch was at one point master, and almost all
patches added to a release branch are first applied to master, so I
don't think the different is significant. 

> Also, are there any developers from Samba team who regularly monitor
> Coverity reports? What is Samba team's policy on this?

Yes, we regularly monitor the reports and act on them.  

You can see these being fixed by the CID numbers in the patches in
master. 

I hope this clarifies things,

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba






More information about the samba-technical mailing list