[Geany-Devel] using Coverity to audit the code base
Colomban Wendling
lists.ban at xxxxx
Thu Feb 26 18:18:55 UTC 2015
Hey,
Le 12/02/2015 22:21, Liviu Andronic a écrit :
> Dear all,
> Recently I've discovered Coverity, a code checking tool, and went
> ahead and submitted the Geany code for static analysis by this
> service:
> https://scan.coverity.com/projects/1388
Quoting Coverity's Scan User Agreement:
"You will not publish any findings regarding or resulting from use of
the Service or the Software;"
IANAL, but this looks like we couldn't discuss an issue it found on e.g.
this mailing list. And your report about what it did find in Geany's
code is already a violation of that agreement.
More, just for the fun:
"“Confidential Information” means: […] (d) any results of operation from
use of the Software or the Service;"
"Without limiting the generality of the foregoing, You agree that You
will not post […] the results of the Service […] on any network that is
accessible by anyone."
And this is the Scan User Agreement, I couldn't even find the Scan Terms
of Use (at least not without trying to actually register myself).
So… really?
Regards,
Colomban
PS: Of course one will tell me that "in practice" they won't come after
us for discussing a fix, but if it really is against the UA I'd rather
not try and see what happens.
More information about the Devel
mailing list