On Sat, Jul 6, 2024 at 2:05 AM Siteshwar Vashisht <svashi...@redhat.com> wrote:
> Hello, > > I am writing this message to get feedback from the community on possibly > new defects identified by static analyzers in Critical Path Packages that > have changed in Fedora 41. For context, please see my previous email[1]. > There were a large number of false positives reported due to cppcheck warning about limiting analysis of branches. I have added the --check-level=exhaustive option to cppcheck. Here is an example report: Without --check-level=exhaustive: https://openscanhub.fedoraproject.org/task/242/log/units-2.22-6.fc39/scan-results.html With --check-level=exhaustive: https://openscanhub.fedoraproject.org/task/2029/log/units-2.22-6.fc39/scan-results.html So this issue should not happen in the future. > > TLDR: This report[2] contains 73976 identified defects. Please review the > report and provide feedback. > > A mass scan was performed this week on the packages that have changed in > Fedora 41. This report[2] contains all the new defects that have been > identified in the packages listed in Critical Path Packages. Please review > the report and fix or report any defects to upstream that may be real bugs. > Not all defects reported by OpenScanHub may be actual bugs, so please > verify reported defects before investing time into fixing or reporting > them. We hope this is helpful for the packages you maintain and for the > upstream projects. Questions can be asked on the OpenScanHub mailing > list[3]. If you want to see the full logs of the scans, they are available > on the tasks[4] page. User documentation for performing a scan is available > on the Fedora wiki[5]. > > Please remember this is currently an early production stage for > OpenScanHub scanning. Constructive feedback is appreciated. Thank you! > > [1] > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/OMKLJFW4VC242QSA7R4KMGI6IGBT3YLM/ > [2] https://svashisht.fedorapeople.org/f41-03-Jul-2024/ > [3] > https://lists.fedoraproject.org/archives/list/openscan...@lists.fedoraproject.org/ > [4] https://openscanhub.fedoraproject.org/task/ > [5] https://fedoraproject.org/wiki/OpenScanHub > > > -- > Siteshwar Vashisht >
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue