Skip to content

Commit

Permalink
doc: add info on project's usage of coverity
Browse files Browse the repository at this point in the history
Document project's used of coverity and how
collaborators can get access.

Signed-off-by: Michael Dawson <mdawson@devrus.com>

PR-URL: #40506
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
  • Loading branch information
mhdawson authored and targos committed Nov 6, 2021
1 parent d81b65c commit 46ec5ac
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 0 deletions.
3 changes: 3 additions & 0 deletions doc/guides/offboarding.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,6 @@ emeritus or leaves the project.
a team listing. For example, if someone is removed from @nodejs/build,
they should also be removed from the Build WG README.md file in the
<https://github.com/nodejs/build> repository.
* Open an issue in the [build](https://github.com/nodejs/build) repository
titled `Remove Collaborator from Coverity` asking that the collaborator
be removed from the Node.js coverity project if they had access.
16 changes: 16 additions & 0 deletions doc/guides/static-analysis.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Static Analysis

The project uses Coverity to scan Node.js source code and to report potential
issues in the C/C++ code base.

Those who have been added to the Node.js coverity project can receive emails
when there are new issues reported as well as view all current issues
through [https://scan9.coverity.com/reports.htm](https://scan9.coverity.com/reports.htm).

Any collaborator can ask to be added to the Node.js coverity project
by opening an issue in the [build](https://github.com/nodejs/build) repository
titled `Please add me to coverity`. A member of the build WG with admin
access will verify that the requestor is an existing collaborator as listed in
the [colloborators section](https://github.com/nodejs/node#collaborators)
on the nodejs/node project repo. Once validated the requestor will added
to to the coverity project.
3 changes: 3 additions & 0 deletions onboarding.md
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,8 @@ needs to be pointed out separately during the onboarding.
project. The Foundation has travel funds to cover participants' expenses
including accommodations, transportation, visa fees, etc. if needed. Check out
the [summit](https://github.com/nodejs/summit) repository for details.
* If you are interested in helping to fix coverity reports consider requesting
access to the projects coverity project as outlined in [static-analysis][].

[Code of Conduct]: https://github.com/nodejs/admin/blob/HEAD/CODE_OF_CONDUCT.md
[Labels]: doc/guides/collaborator-guide.md#labels
Expand All @@ -259,6 +261,7 @@ needs to be pointed out separately during the onboarding.
[`git-node`]: https://github.com/nodejs/node-core-utils/blob/HEAD/docs/git-node.md
[`node-core-utils`]: https://github.com/nodejs/node-core-utils
[set up the credentials]: https://github.com/nodejs/node-core-utils#setting-up-github-credentials
[static-analysis]: doc/guides/static-analysis.md
[two-factor authentication]: https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
[using a TOTP mobile app]: https://help.github.com/articles/configuring-two-factor-authentication-via-a-totp-mobile-app/
[who-to-cc]: doc/guides/collaborator-guide.md#who-to-cc-in-the-issue-tracker

0 comments on commit 46ec5ac

Please sign in to comment.