tech@mandoc.bsd.lv
 help / color / mirror / Atom feed
From: Ingo Schwarze <schwarze@usta.de>
To: tech@mdocml.bsd.lv
Cc: uqs@spoerlein.net
Subject: Re: [patch] fix wrong argument for calloc
Date: Sun, 19 May 2013 18:11:27 +0200	[thread overview]
Message-ID: <20130519161127.GA30545@iris.usta.de> (raw)
In-Reply-To: <20130519015855.GI2055@acme.spoerlein.net>

Hi Ulrich,

Ulrich Spörlein wrote on Sun, May 19, 2013 at 03:58:56AM +0200:
> On Sat, 2013-05-18 at 18:45:45 +0200, Ingo Schwarze wrote:

>> Hummm...  Please bear with my ignorance...
>> How can anybody do anything with the CID?
>> Is the CID really useful without a project ID?
>> Is there a database somewhere on the net?

> Sorry, got to this mail only now. These IDs are unique on
> http://scan.coverity.com which is where Open Source projects
> can sign up to have Coverity scan their stuff.
> 
> The FreeBSD project used to run their own instance of Coverity Prevent
> (so with local IDs, not global ones), but I'm trying to get us on the
> coverity-run instance, which should scale easier and lessen the
> bus-factor on our side.
> 
> NetBSD is on there too,

Ah, thanks for the explanation.

> maybe OpenBSD should consider doing this as well.

Maybe, maybe not, i really have no idea and don't expect to be among
the people deciding that.  I seem to remember some individual
developers using Coverity as one of several tools to do code reviews
in the past, but i'm not aware of any current plans and don't plan
to propose any future ones, either.

> If you create an account

I tried that yesterday, not for OpenBSD work in general, but just
to work on mandoc.  However, sign on failed, telling me to confirm
the account, but i never received the confirmation email, not even
after requesting a resend.  Meanwhile, they apparently have deleted
my account.  Trying to sign on returns "Username doesn't exist...",
which is different from the message i got yesterday.

> and request access to the FreeBSD project, I should be able to give
> that to you. But they currently migrate their website and some stuff
> seems broken.

Yes, it seems so.

Oh well, i guess i am losing interest, i was hesitant to work
with a commercial vendor in the first place, in particular
regarding security-relevant topics.  All the more if the fail
to even maintain their tools in working state...

Of course, you are still very welcome to report any issues you
are aware of, no matter how you found them!

Yours,
  Ingo
--
 To unsubscribe send an email to tech+unsubscribe@mdocml.bsd.lv

      reply	other threads:[~2013-05-19 16:11 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-05-17  0:29 Ulrich Spörlein
2013-05-18 16:45 ` Ingo Schwarze
2013-05-19  1:58   ` Ulrich Spörlein
2013-05-19 16:11     ` Ingo Schwarze [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130519161127.GA30545@iris.usta.de \
    --to=schwarze@usta.de \
    --cc=tech@mdocml.bsd.lv \
    --cc=uqs@spoerlein.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).