[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH OSSTEST] Add a weekly coverity flight
On Mon, 2016-01-04 at 16:47 +0000, Ian Jackson wrote: > Ian Campbell writes ("[PATCH OSSTEST] Add a weekly coverity flight"): > > Move collectversions into Osstest::BuildSupport rather than > > duplicating with ts-xen-build (nothing else is really duplicated) > > This could profitably be split into a separate patch IMO. > > > For the cr-* integration we treat branch=coverity as a special case of > > tree=xen. I didn't think tree=coverity made much sense, and would > > probably reach tendrils into lots of other places (such as the > > invocations of check_tested). > > > > TODO: How to pick $c{CoverityEmail}, needs to be a real email which is > > in coverity project (which security@xxxxxxx used here is not) > > I don't have an answer to this but perhaps osstest-admin@xenproject ? > Or will it get lots of annoying output ?ÂÂ(We could filter it to make > it go to osstest-output I guess...) It's not lots of output, but it will contain potential security vulnerabilities. In principal it should only contain newly introduced vulnerabilities, which we would obviously fix before releasing, but: a) We might not notice but someone more nefarious might b) Some kinds of changes can cause previously discovered (but not fixed) issues to be re-reported > > +CoverityEmail security@xxxxxxx > > +CoverityTools cov-analysis-linux64-7.7.0.4.tar.gz > > This file needs a DEPLOYMENT NOTE I think. Yes. > > The rest of this looks OK.ÂÂA review from Andrew Cooper might be > worthwhile ? > > Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |