We commonly advise not to do automatic importing of issues. Too much churn.
Issue notification email is only net-new issues from analysis to analysis. No news is good news. Analysis 'more often' is better. Some users analyze on each commit, some analyze nightly, some weekly. Release to release tends to introduce all the issues when the schedule is the tightest. Eric triages issues on the SCAN server and adds special comments to address intentional or noisy issues. The web view includes quite a lot of interactive material. Reports are much harder to use. > On Mar 30, 2016, at 6:55 PM, Hal Murray <hmur...@megapathdsl.net> wrote: > > > dtpoi...@gmail.com said: >> I am starting up a NTPsec instance of the suite of Synopsys development >> testing tools - Coverity, Defensics and Protecode. > > Thanks. > > ... >> Is there any interest in this level of integration and reporting? > > I think we should fix any problems. I don't think we should clutter up > issues tracker with simple Coverty bugs. If they don't get fixed promptly, > they will get rediscovered next time. > > The Coverty printout that I've looked at have been quite verbose. If there > is a way to automatically run it after (or better, just before) a release, I > think a summary of the problems to this list would be helpful. I might > change my mind if I get bored with too many "All OK" reports. > > I'm not familiar with the other tools. > > > > -- > These are my opinions. I hate spam. > > > _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
