Thanks, Roman, that's definitely still true. The web interface provides all sorts of cross-referencing, code browsing, defect history, and other capabilities that are lost in a simple report.
For what it's worth, there are multiple unrelated issues so it probably doesn't make sense to throw them into a single JIRA anyway. Jon (214) 531-3496 > -----Original Message----- > From: shaposh...@gmail.com [mailto:shaposh...@gmail.com] On Behalf Of > Roman Shaposhnik > Sent: Monday, August 26, 2013 12:50 PM > To: common-dev@hadoop.apache.org > Subject: Re: Coverity Scan (MAPREDUCE-5032) > > On Mon, Aug 26, 2013 at 10:43 AM, Vinod Kumar Vavilapalli > <vino...@apache.org> wrote: > > > > Can you file a JIRA and attach the report there? That is the best way to > move this forward. > > Last time I was involved in a Coverity scan was when they scanned another > project I'm committer on (FFmpeg). The lesson there was that the value you > get out of browsing on their site https://scan.coverity.com is immeasurably > higher than from any static report that can be attached to a JIRA. > > Also, at least in FFmpeg's case, Coverity identified a few things that > could've > been used as potential exploits so it made perfect sense to have a white-list > of project members who could get access to the initial report instead of going > all public with it to begin with (which would happen if it just gets attached > to > a JIRA in its entirety). > > Just my 2c worth of working with them in the past. > > Thanks, > Roman.
