Hi Jody, All
Security is definitely part of it, but static analysis finds other
problems as well.. if you're familiar with FindBugs, same idea.
For what it's worth, I'm not sure I agree with the idea that security is
moot for desktop software. Proposed remedy: debate over beer. ;-)
Andrew
On 01/10/2013 08:56 PM, Jody Garnett wrote:
Interested to know more about what is being checked? Website indicates
security risks - a moot point for desktop software. I tend to use the
highly recommended FindBugs on the QA side of the street.
I think the next area we can use assistance on is transitioning the
codebase (as it is) and setting up a build box :-)
--
Jody Garnett
On Friday, 11 January 2013 at 2:55 AM, Andrew Ross wrote:
Hi uDig Community,
Happy New Year! I hope everyone is well.
A new member called Checkmarx just joined the Eclipse Foundation in
December and is interested in offering free static analysis scans to
Eclipse & LocationTech projects. Already they're working with Jetty and
making contact with some others. I was wondering if uDig might be
interested? If so, I'm glad to introduce one of the team to my contact
who's driving this at Checkmarx.
Cheers,
Andrew
_______________________________________________
User-friendly Desktop Internet GIS (uDig)
http://udig.refractions.net
http://lists.refractions.net/mailman/listinfo/udig-devel
