Subject: Re: [boost] Coverity Static Code Analysis
From: vicente.botet (vicente.botet_at_[hidden])
Date: 2009-02-04 07:40:22


----- Original Message -----
From: "Gennaro Prota" <gennaro.prota_at_[hidden]>
To: <boost_at_[hidden]>
Sent: Wednesday, February 04, 2009 10:38 AM
Subject: Re: [boost] Coverity Static Code Analysis

> Michael Fawcett wrote:
>> On Tue, Feb 3, 2009 at 5:15 PM, Gennaro Prota
>> <gennaro.prota_at_[hidden]> wrote:
>>> Because there's already enough nonsense to show off on the
>>> site's corners? :-)
>>
>> Do you mean Coverity's or Boost's site?
>
> Boost ("most expertly designed in the world", etc.)
 
> It may well be that adding a "Coverity certified" or anything
> like that to the Boost home page will convince more people to
> "buy"; it's likely in fact (I hate to say it, but a lot of the
> people who gravitate around OSS are amateurs, and are easily
> excited). Personally, I still dream of a world where software
> quality is quality, not labels or marks.

What matters is not the "Coverity certified" but if the warnings signaled let you see a hidden bug.

> FWIW, nobody in Boost
> does anything about unnamed namespaces in include files, for
> instance. In fact, nobody looks at the inspection report (it
> would have been the quickest way to notice the new CMake files
> :-)).

Well, currently the inspection is much more for the form than the contents, so I understand that people are not interested.
I look at it on each release.
IMO tools such as Coverity can be seen as test tools.

> Most (all?) of Boost relies on Boost Testing, which is one
> of the most complex sub-libraries, and one where I've seen some
> of the worst engineering practices applied. The "new"
> lexical_cast is a close friend, and there are simply authors who
> don't know where the house of simplicity is (looking at the
> source code of one of the tools I found boost::tuple used
> --which in turn meant type_traits, which in turn meant mpl,
> lambda and God knows what-- when std::pair would just do). I
> could continue for hours, really (but please don't ask). At the
> end of the day, nobody is going to complain to anyone, because
> everything is "volunteer contribution". That may be humanly
> understandable, but don't expect to have quality in this kind of
> ecosystem ("patches are welcome", "if you notice anything wrong
> you can fix it" are easy escapes:

Hi,

What about sending your std::pair patch for lexical_cast if you think that this can improve things?

Best,
Vicente


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk