| Thomas Wouters | 0e3f591 | 2006-08-11 14:57:12 +0000 | [diff] [blame] | 1 | |
| 2 | Coverity has a static analysis tool (Prevent) which is similar to Klocwork. |
| 3 | They run their tool on the Python source code (SVN head) on a daily basis. |
| 4 | The results are available at: |
| 5 | |
| 6 | http://scan.coverity.com/ |
| 7 | |
| 8 | About 20 people have access to the analysis reports. Other |
| 9 | people can be added by request. |
| 10 | |
| 11 | Prevent was first run on the Python 2.5 source code in March 2006. |
| 12 | There were originally about 100 defects reported. Some of these |
| 13 | were false positives. Over 70 issues were uncovered. |
| 14 | |
| 15 | Each warning has a unique id and comments that can be made on it. |
| 16 | When checking in changes due to a warning, the unique id |
| 17 | as reported by the tool was added to the SVN commit message. |
| 18 | |
| 19 | False positives were annotated so that the comments can |
| 20 | be reviewed and reversed if the analysis was incorrect. |
| 21 | |
| 22 | Contact python-dev@python.org for more information. |