Coverity Scan

Static Analysis

Find and fix defects in your Java, C/C++, C#, JavaScript, Ruby, or Python open source project for free

  • Test every line of code and potential execution path.
  • The root cause of each defect is clearly explained, making it easy to fix bugs
  • Integrated with

More than 4100 open source projects and 18000 developers use Coverity Scan

Announcements

Updated Build Limits

Effective immediately, the build limits have been increased across all project sizes.

The number of weekly builds per project are as follows:

  • Up to 28 builds per week, with a maximum of 4 builds per day, for projects with fewer than 100K lines of code
  • Up to 21 builds per week, with a maximum of 3 builds per day, for projects with 100K to 500K lines of code
  • Up to 14 builds per week, with a maximum of 2 build per day, for projects with 500K to 1 million lines of code
  • Up to 7 builds per week, with a maximum of 1 build per day, for projects with more than 1 million lines of code
As before, once a project reaches the maximum builds per week, additional build requests will be rejected.

Updates

Coverity 8.7.0 has been released!

This release includes new/improved support for the Jack-and-Jill Android Toolchain. In addition, there a number of new checkers available for C#/Java/Android/Javascript.

The following improvements have been made:

  • Support for C++11 noexcept exception specifiers has been improved for implicitly declared special member functions.
  • Support for C++11 noexcept exception specifiers has been improved.
  • Added parsing support of C11 atomic feature.
  • Support for Clang modules has been added. It is no longer necessary to disable Clang modules support in native builds in order to capture a build.
  • Added support for clang version 3.9.
  • Uncaught exception defects will now be reported for functions declared with the C++11 noexcept exception specifier.
  • Apple Clang 8.0 is now supported.

All users who are experiencing build issues should upgrade to this version; a number of bugs have been fixed with this release.

WARNING: Linux users on kernel version 4.8.x and newer will need to apply a sysctl parameter to support our binaries. Without this parameter, our binaries will not work on your platform. This is a known issue which we will address with a future release.

# sysctl vsyscall=emulate

Notifications

Version 7.6.0.x is no longer supported.

The current supported versions are:

  • 7.7.0.x (to be retired July 2017)
  • 8.5.0.x
  • 8.7.0.x

Users are encouraged to download the latest tools in Downloads.

Going forward, only the latest three releases will be supported. This means projects should be expected to update their tools approximately once a year (or more frequently if you want the latest features/support).

}

Interested in open source quality?

Check out what's happening with your favorite open source projects.

Find Your Project

Free Report

2014 Coverity Scan
open source report

Download the 2014 Scan report and benchmark your defect density against the world's top open source projects

Download the Report

Get Started in 3 Easy Steps

icon

1. Sign up and register your project

icon

2. Upload your build for analysis

icon

3. View and fix your defects