Coverity Scan is a static analysis tool.
Currently we are running Coverity Scan by hand on Triquetrum on a non-Eclipse Foundation machine.
- Coverity Scan output for Triquetrum (probably need to request access or email Christopher)
Hudson FindBugs vs Coverity Scan FindBugs
Oddly, Hudson (https://hudson.eclipse.org/triquetrum/job/triquetrum/findbugs) reports 70 FindBugs issues where as Coverity is only reporting 16 FindBugs issues. The difference is that Coverity Scan is reporting issues for the code that is compiled with "mvn verify".
How to update
The Triquetrum project settings on the Coverity Scan site has a code that is used for the update. The code is put into $HOME/.coverityTriqToken.
Below is the script that is used for the update with the code removed.
Hudson, Jenkins, Coverity Scan Notes
Note that the Hudson and Jenkins Coverity Plug-ins do not work with Coverity Scan. Those plugins are for use with the Coverity Integrity Manager Instances, which are not available as part of Coverity Scan for OSS.
To invoke Coverity Scan on the Eclipse Hudson Instances, we would need to
- Have the Coverity tools installed, see https://scan.coverity.com/download?tab=java, which probably requires a free account.
- Know where those tools are
- Be able to invoke a shell script such as the above script
- Bug 488602 - Add Coverity Scan Plugin to Triquetrum Hudson HIPP
- https://scan.coverity.com/faq#eclipse - out of date instructions for Eclipse projects.
- https://scan.coverity.com/travis_ci - Not sure how up to date it is.