Hi all, The Coverity Scan tool is a highly regarded tool for static analysis of complex c++ projects. It's able to pro-actively identify many code issues (such as potential crashes, memory leaks, and other unsafe behavior) which aren't picked up by other tools (such as clang-tidy or cppcheck).
Currently, the tool reports around 1075 open issues when run on the QGIS master codebase. These issues range from false positives to trivial fixes through to serious issues which require substantial work to fix. Unfortunately, the large number of trivial issues currently reported in QGIS make the tool effectively useless for QGIS, as the critical issues are hidden amongst the many hundreds of trivial issues. The newly submitted QEP https://github.com/qgis/QGIS-Enhancement-Proposals/pull/337 seeks to cleanup the Coverity Scan results for QGIS, by fixing trivial issues and closing false positives. See the QEP PR at https://github.com/qgis/QGIS-Enhancement-Proposals/pull/337 for further details and discussion. (This project will be submitted as a candidate for the 2025 grant funding) Nyall _______________________________________________ QGIS-Developer mailing list QGIS-Developer@lists.osgeo.org List info: https://lists.osgeo.org/mailman/listinfo/qgis-developer Unsubscribe: https://lists.osgeo.org/mailman/listinfo/qgis-developer
