Re: Self introduction: David Carlos - Gsoc Student

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Welcome, David!!!!

On Mon, May 15, 2017 at 11:05:43PM +0200, Dridi Boukelmoune wrote:
> > The main ideia is to monitor repositories, and when a new package or
> > a new version of an existent package is released, we download the package source code,
> > and run several static analyzers on it. Each monitored distribution will be a kiskadee
> > plugin, that implements an interface that we will define.  The result of these
> > analyses, which is parsed using the Fedora Firehose project, will be
> > stored in a relational database (this idea has been discussed a while ago in the
> > devel mailing lists, by the guys in the Static Analysis SIG [2]). With this
> > database several analyses can be made, and by using several static analyzers we
> > want to find heuristics to identify false positives (this is not part of GSoC
> > though).
> 
> Having myself recently found a bug in zlib thanks to static analysis I
> was a bit surprised that such a critical library wouldn't get more
> "static" eyes on it.
> 
> > A similar tool exists in the Debian distribution, but it is way
> > dependent on their infrastructure, and one of our objetives is to keep kiskadee
> > simple, and extensible.
> 
> Naive question, but wouldn't it be interesting to piggyback on
> release-monitoring.org and fedmsg for the monitoring part? And start
> static analysis when notified of new upstream releases?

That is a great idea which we haven't considered yet. We will definitely
consider doing so (the idea is to have an extensible tool which we could
point to different software repositories). Thank you for the input!

I Cc'd the summer-coding mailing list here :)

-- 
Athos Ribeiro

http://www.ime.usp.br/~athoscr
_______________________________________________
summer-coding mailing list -- summer-coding@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to summer-coding-leave@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux