May 20th, 2008: Announcing the Open Source Report 2008
[David Maxwell] - Drawing on over two years' worth of the Coverity Scan data, we have prepared a report covering many aspects of the Scan results and software metrics.
The press release about the new Open Source Report is available in PDF form here.
The report can be viewed (PDF) from a link on a dedicated page, here.
It is also my pleasure to announce an additional resource that will be helping with maintenance and expansion of the Scan project. Erinn Clark brings many years of open source experience to her new role as an Open Source Engineer at Coverity. In addition to her professional experience as a build and release engineer, she has also been involved in the Debian project since 2004.
January 11th, 2008: Notes on the Rung 2 news coverage
[David Maxwell] - This is a followup on the news coverage, discussions, and emails I've received regarding our announcement of Rung 2.
Developers of Firebird and FreeBSD contacted me about some of the
remarks in the stories about Rung 2. Unfortunately, it's not possible to
review writers' articles before publication, or to discuss every detail
of Scan in a thirty minute phone call.
There are a couple of projects I would like to offer specific notes
regarding.
FreeBSD is unique, in that they have been a Coverity user since before
the Scan project started, and their analysis is run outside of the Scan
framework. The Scan statistics for FreeBSD have not been pulling in the
numbers from that work, though it has been on my to-do list to fix that
for some time.
The news coverage also raised an issue which has come up previously, in
particular from the Firebird and NetBSD projects. Many open source
projects include other open source code as libraries, components,
utilities, or elements of their build toolchain. The statistics for a
project include analysis for all of the code. New functionality in the
software used for Rung 2 will let us break these numbers out on the
webpage. I'll write again when that update happens.
If you've sent an email to myself, or scan-admin, and not received a
response yet, please be assured it hasn't gone missing, but we have had
a surge of requests - and there are still older issues I'm working on as
well. Thanks for your patience.
January 8th, 2008: Announcing - Rung 2
[David Maxwell] - On a personal note, I'd like to thank everyone involved in the Scan project for your continued participation. It's a unique pleasure for me to work with so many other professionals who are passionate about code quality and security. On behalf of the Coverity team, and our friends at Symantec and the U.S. Department of Homeland Security, I'd like to congratulate all project participants on the improvements you've made to your code over the past year and I look forward to working even more closely with you in 2008. That said, we have some exciting Scan news to share with you today.
Today, Coverity is announcing the release of Coverity Scan, Rung 2. This new level on the Scan ladder includes upgraded analysis based on a more recent version of Coverity Prevent.
Eleven diligent projects which had resolved all of the defects identified at Rung 1 are the first projects to be upgraded to Rung 2. Those projects are Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL.
The version of Prevent in use for Rung 2 provides the projects with a new user interface, with significant usability improvements, and tracking and management functions. The analysis engine has been updated with eighteen months' worth of developer effort, and builds a more accurate Software DNA Map than ever before. As a result, it can identify additional defects, not previously found.
See the Rung2 page for the current status of the active C and C++ projects on Scan.
November 20th: Announcing - Java on Scan
Since March 2006, the Scan Project has been providing the results of Coverity's static analysis tool, Prevent, to open source C and C++ projects.
Today, Scan is expanding to include open source software written in Java.
You must be a member of the open source project to get access to the results. Submit your Java-based open source project by email, to scan-admin@coverity.com
Projects will be added on a first-come, first-served basis, with those projects who have already submitted Java requests in the past on the front of the queue.