[Geany-Devel] using Coverity to audit the code base

[Liviu Andronic]

Hi Colomban,

On Thu, Feb 26, 2015 at 10:55 PM, Colomban Wendling
<lists.ban at herbesfolles.org> wrote:
> Le 26/02/2015 19:18, Colomban Wendling a écrit :
>> […]
>>
>> Quoting Coverity's Scan User Agreement:
>>
>> "You will not publish any findings regarding or resulting from use of
>> the Service or the Software;"
>>
>> IANAL, but this looks like we couldn't discuss an issue it found on e.g.
>> this mailing list.
>
> OK, someone gave me the argument "well but it's just to avoid security
> vulnerability disclosure", but even if it was true (the UA really isn't
> specific on this), as the UA is written I don't think we could *ever*
> talk about *anything* we see there.  Not even days after an actual bugs
> was found, nor ever -- which in addition of being silly disallows
> discussion on how not to reproduce it in the future.
>
Nice catch.  I sent a request for clarification to the Scanner admins.


>> […]
>>
>> And this is the Scan User Agreement, I couldn't even find the Scan Terms
>> of Use (at least not without trying to actually register myself).
>
> Hum, I tried to register with my GitHub account just to see if I'd get a
> link to these mythical Scan Terms of Use during the process, and… I
> didn't have to accept *anything*, no nothing, like click and boom
> "you're registered".  So apparently now I do have an account there --
> but I still can't find these Scan Term of Use.
>
I guess you're looking for this:
http://www.coverity.com/terms-of-use/

They seem broad enough to cover the Scanner, too.

Liviu


> Colomban
> _______________________________________________
> Devel mailing list
> Devel at lists.geany.org
> https://lists.geany.org/cgi-bin/mailman/listinfo/devel



-- 
Do you think you know what math is?
http://www.ideasroadshow.com/issues/ian-stewart-2013-08-02
Or what it means to be intelligent?
http://www.ideasroadshow.com/issues/john-duncan-2013-08-30
Think again:
http://www.ideasroadshow.com/library