Hello everyone! I am vasramc, and I would be participating in this year's Google Summer Of Code program with the project: Continuous static analysis db This project proposes the design and implementation of a system to continuously run multiple security oriented static analyzers on source code and display the alarms related to a specific version of the analyzed software. The alarms to be presented will be ranked based on their importance, where critical flaws shall be ranked first and potential false positives are ranked last. We will develop a tool to perform continuous static analysis with different static analyzers and propose a warning classification method using their outputs. We will also propose a visualization approach for the information generated with our tool. I chose this project because this is something that can be of great help to Fedora if completed successfully. The large amount of code that Fedora ships can be tested with the static analyzers to make sure that it is not faulty. Static analysis can provide very detailed analysis about our code and alert us to bugs in the system before we ship it. Apart from the bugs, it can also alert us to warnings(red flags) in the code that the static analyzers throw. This bundled with a web UI to show the present and past results of the static analysis on a particular software can be used to improve the quality of code that Fedora ships. Hoping to have a great summer! Thank you! _______________________________________________ summer-coding mailing list -- summer-coding@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to summer-coding-leave@xxxxxxxxxxxxxxxxxxxxxxx
