Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: for the plan.

Jump to: navigation, search

Triquetrum/Coverity Scan


Coverity Scan is a static analysis tool.

Currently we are running Coverity Scan by hand on Triquetrum on a non-Eclipse Foundation machine.

Hudson FindBugs vs Coverity Scan FindBugs

Oddly, Hudson ( reports 70 FindBugs issues where as Coverity is only reporting 16 FindBugs issues. The difference is that Coverity Scan is reporting issues for the code that is compiled with "mvn verify".

How to update

The Triquetrum project settings on the Coverity Scan site has a code that is used for the update. The code is put into $HOME/.coverityTriqToken.

Below is the script that is used for the update with the code removed.

# Upload stats to coverity.                                                                                                                 

if [ ! -f $TRIQ_TOKEN_FILE ]; then
    echo "$0: Exiting. The Coverity Triquetrum Token file is not present."
    exit 2

cd $HOME/src/triquetrum/triquetrum

rm -rf reports/cov-int
mkdir -p reports/cov-int

mvn clean

# Use --fs-capture-search so that we get JavaScript and Java.  See                             
$HOME/src/cov-analysis-linux64/bin/cov-build --dir reports/cov-int --fs-capture-search ./ mvn verify

(cd reports; tar czvf myproject.tgz cov-int)

VERSION="Triquetrum0.0.1`date +%Y%M%d`"

curl --form token=`cat $TRIQ_TOKEN_FILE` \
  --form \
  --form file=@reports/myproject.tgz \
  --form version="$VERSION" \
  --form description="nightly" \

Hudson, Jenkins, Coverity Scan Notes

Note that the Hudson and Jenkins Coverity Plug-ins do not work with Coverity Scan. Those plugins are for use with the Coverity Integrity Manager Instances, which are not available as part of Coverity Scan for OSS.

To invoke Coverity Scan on the Eclipse Hudson Instances, we would need to

  1. Have the Coverity tools installed, see, which probably requires a free account.
  2. Know where those tools are
  3. Be able to invoke a shell script such as the above script

See Also

Back to the top