Dear git developer team,X41 is processing the current RfP and some questions came up regarding the improvement / integration of Coverity Scans for git and the estimation of the required work:
- Was there a special purpose for the Coverity integration (e.g. custom queries for variant analysis or regression testing?) or did you try to integrate it as a best practice / general security hygiene tool? - Could you tell us more about the amount and types of false positives and problems you've faced trying to eliminate them? This will help us to understand the expectations / requirements for a successful integration of Coverity.
- Could we get access to a sample of the scan results? Many Thanks Markus -- Markus Vervier (Managing Director) X41 D-Sec GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 Geschäftsführer: Markus Vervier
Attachment:
OpenPGP_0x5C5642C317AD0166.asc
Description: OpenPGP public key