Hi,
We've received a batch of 10 issues from, I quote, "Varangian is a bot
which uses Augmented Static Analysis to automatically create issues for
bugs in the latest commit. More information:
https://github.com/AICoE/Varangian <https://github.com/AICoE/Varangian>"
Look at the top of
https://gitlab.com/libtiff/libtiff/-/issues?scope=all&state=all if
you're interested.
My initial look at that is that it is far from being obvious that they
are actual flows (I've closed about half of them as I estimated them as
false positives, and feel the other half should receive the same
treatment), and they are at best in the hypothetical issues until
someone actually comes with a reproducer demonstrating that they can
happen in practice, and we have already enough of confirmed issues in
the last category that we can't already cope with.
I'm not sure if we want to welcoime other batches of such reports (since
apparently they plan to submit others), as our funded or volunteer time
is limited.
Even
--
http://www.spatialys.com
My software is free, but my time generally not.
_______________________________________________
Tiff mailing list
[email protected]
https://lists.osgeo.org/mailman/listinfo/tiff
