On Sun, Nov 24, 2013 at 3:53 AM, Darius Jahandarie wrote: > Although Debian *developers* can't find and fix all upstream bugs, the > Debian project, as the funnel between code and users, provides an > interesting location to perform this sort of automated static analysis > on all source code flowing through it, and present that information > to both the package maintainers and users of the packages.
Some Debian folks are working on that in conjunction with Fedora. We could use some help, especially with packaging new checkers and with writing firehose output converters for existing checkers. Please get involved, links below. PS: STACK isn't currently possible to package because it needs a special build of llvm that isn't in Debian yet. https://fedoraproject.org/wiki/StaticAnalysis https://github.com/fedora-static-analysis/firehose http://debile.debian.net/ http://firewoes.debian.net/ http://debuild.me/ https://wiki.debian.org/HowToPackageForDebian#Check_points_for_any_package -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caktje6hzr-p2nnhku_24rp7vgsb02jet_fb9cy2bwurcgaa...@mail.gmail.com
