[Fedora-infrastructure-list] Re: coverity code checker in Extras

Ulrich Drepper drepper at redhat.com
Thu Aug 31 16:02:03 UTC 2006

Warren Togami wrote:
> How so?  mock putting together its own buildroots and doing rpmbuild -bp
> is not the same thing?

The nature of the two tasks running independently automatically makes it
impossible to guarantee that the same code is analyzed and shipped.  The
nice thing about the way the tools work is that they can work
transparently while building the actual packages.

This not only guarantees the same sources are analyzed and shipped, it
also significantly reduces the resources needed since the build root and
untarred packages don't have to be created again.

Also note that the actual Coverity tool isn't run at the time of the
data collection.  This is only a tiny little piece which collects the
data.  The actual analysis is done in a separate step.

➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20060831/4d17312d/attachment.bin 

More information about the infrastructure mailing list