科技回声

7 条评论

Coverity Scan regularly goes down for hours or days.In February of 2018 it was down for over a month with no word or ETA on when it would be fixed. I hadn't thought about it since then (we discontinued use), but researching it now they released a statement saying that it was hacked. There was not a single status update during the outage. <a href="https://www.theregister.co.uk/2018/03/19/coverity_scan_cryptomining/" rel="nofollow">https://www.theregister.co.uk/2018/03/19/coverity_scan_crypt...</a>

kstrauser超过 6 年前

I wonder who the hosting provider was. I'm not seeing much in the news about one that "unexpectedly ceased operations", just the expected background news of scattered outages.

评论 #18869947 未加载

sanxiyn超过 6 年前

Coverity is really good. It is a pity some of its advances, effective in practice but not really "publishable", will forever remain as proprietary secret.Source: I worked on static code analysis product and we extensively black-box tested Coverity.

评论 #18870547 未加载

walterbell超过 6 年前

Has anyone tried LGTM / Semmle QL for automated code review? They claim 100K OSS projects are using the service. It's a bit hard to find technical information on the product, but they have found CVEs in mainstream products, including iOS.<a href="https://lgtm.com" rel="nofollow">https://lgtm.com</a> & <a href="https://semmle.com/ql" rel="nofollow">https://semmle.com/ql</a>

评论 #18869748 未加载

评论 #18873365 未加载

评论 #18869834 未加载

评论 #18885338 未加载

sunyc超过 6 年前

I honestly thought it is gone!All links are dead, and synopsis.com’s big Corp style website isn’t helping one bit.

joshstrange超过 6 年前

> Coverity Scan is a free static code analysis tool for Java, C, C++, C# and JavaScript. It analyzes every line of code and potential execution path and produces a list of potential code defects.There we go, I had no clue what this even was. Do a lot of people here use it?

评论 #18869345 未加载

评论 #18869443 未加载

评论 #18870039 未加载

评论 #18869417 未加载

评论 #18869605 未加载

评论 #18869515 未加载

rurban超过 6 年前

Wouldn't it be great if professional websites will someday get to the level of non-professional websites? E.g. by giving this announcement page a proper title: "Coverity Scan Outage".Update is a change, this is an outage.

7 条评论

danielhochman超过 6 年前

kstrauser超过 6 年前

I wonder who the hosting provider was. I'm not seeing much in the news about one that "unexpectedly ceased operations", just the expected background news of scattered outages.

评论 #18869947 未加载

sanxiyn超过 6 年前

评论 #18870547 未加载

walterbell超过 6 年前

评论 #18869748 未加载

评论 #18873365 未加载

评论 #18869834 未加载

评论 #18885338 未加载

sunyc超过 6 年前

I honestly thought it is gone!All links are dead, and synopsis.com’s big Corp style website isn’t helping one bit.

Coverity Scan Update

7 条评论

Coverity Scan Update

7 条评论