On Feb 7, 2023 18:23, Hal Murray via devel <devel@ntpsec.org> wrote:
Thanks.
matthew.sel...@twosigma.com said:
> No. We run the Coverity CI job weekly via a schedule, ...
> I'll work on running Coverity post-merge.
I agree that running it every merge is overkill.
A button that says run-now would be nice if we are working on fixing Coverity
problems.
Can you poke it by hand?
Not as such, no. But it is easy for an authorized user to trigger a scheduled run at GitLab. It's under ci > schedules on the left sidebar.
How does Coverity fit into the release procedure?
"Check with the buildbot reports, assure that there are no unplanned regressions on the supported platforms."
Along with flawfinder and semgrep presumably.
Should we schedule releases after a Coverity run?
_______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
