Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 13 Sep 2012 15:44:48 -0400 (EDT)
From: "Robert B. Harris" <rs904c@...scape.net>
To: john-dev@...ts.openwall.com
Subject: Static analysis of John using Coverity


Alex and developers,

What do you think about taking advantage of the free (since we are Open source) static analysis of John using Coverity software?  This software seems to have a pretty good reputation.  It appears that Alex or someone he designates, would submit the source code to their website below, and they would generate a report that could be view by again, the people Alex designates.

See below

http://scan.coverity.com/developers-faq.html

How do I get my project included in the Scan?


The following definitions are Coverity's guideline for including projects in the Scan.
Project licenses must meet the criteria described by the Open Source Initiative. 
Projects initiated and maintained by registered nonprofit organizations (any nationality), individuals, or groups with no associated corporation are automatically eligible.
Projects initiated and maintained by for-profit corporations, or with licenses outside the OSI guidelines, or with licenses within the OSI guidelines, but which are conditional to different audiences, are included at Coverity's discretion.
If your project is already listed on the website and you have a user account, click the Sign In link beside the project name, sign in and review the information there. If you need an account, please have the official contact for your project request an account be created for you.
If you are Coverity's first contact with the project, the first step in getting your project online is to select the project's official contacts. Discuss this within the project by irc, mailing-lists, or other intra-project communication methods. Identify the project's official contacts who will represent the project to Coverity.
If your project is not already listed on the site, review the comments about project requirements in this FAQ and follow the guidelines defined on Getting Started with Coveriy Scan.

My project is already in the Scan, how do I get an account?
If you are not a registered user of Scan and would like to be added, you can either contact the project owner or send an email request to scan-admin@...erity.com.

Does the project or do project members have to sign an NDA?
For the current Scan Site, signed, paper NDAs are not required. Signed paper NDAs may be included as part of a process for projects receive access to advanced features or additional tools.
Project members signing up are required to accept a click-through license.
The click-through license is designed to not conflict with employees' obligations to their employers or make any promise on behalf of their employers. We understand the problems that could cause for individuals.
Additional web site automation is being implemented, to allow the license to actually behave as a 'click-through'. While the current text includes a 'Coverity may update this' clause, it is our intention to remove this clause when click-through functionality is in place.

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.