----- Original Message ----- From: "Gennaro Prota" <gennaro.prota@yahoo.com> To: <boost@lists.boost.org> Sent: Wednesday, February 04, 2009 10:38 AM Subject: Re: [boost] Coverity Static Code Analysis
Michael Fawcett wrote:
On Tue, Feb 3, 2009 at 5:15 PM, Gennaro Prota <gennaro.prota@yahoo.com> wrote:
Because there's already enough nonsense to show off on the site's corners? :-)
Do you mean Coverity's or Boost's site?
Boost ("most expertly designed in the world", etc.)
It may well be that adding a "Coverity certified" or anything like that to the Boost home page will convince more people to "buy"; it's likely in fact (I hate to say it, but a lot of the people who gravitate around OSS are amateurs, and are easily excited). Personally, I still dream of a world were software quality is quality, not labels or marks.
What matters is not the "Coverity certified" but if the warnings signaled let you see you see a hidden bug.
FWIW, nobody in Boost does anything about unnamed namespaces in include files, for instance. In fact, nobody looks at the inspection report (it would have been the quickest way to notice the new CMake files :-)).
Well currently the inspection is much more for the form than the contents, so I understand that people is not interested. I look at on each release it. IMO tools such as coverity can be seen as test tools.
Most (all?) of Boost relies on Boost Testing, which is one of the most complex sub-libraries, and one where I've seen some of the worst engineering practices applied. The "new" lexical_cast is a close friend, and there are simply authors who don't know where the house of simplicity is (looking at the source code of one of the tools I found boost::tuple used --which in turn meant type_traits, which in turn meant mpl, lambda and God knows what-- when std::pair would just do). I could continue for hours, really (but please don't ask). At the end of the day, nobody is going to complain to anyone, because everything is "volunteer contribution". That may be humanly understandable, but don't expect to have quality in this kind of ecosystem ("patches are welcome", "if you notice anything wrong you can fix it" are easy escapes:
Hi, what about sending your std::pair patch for lexical_cats if you think that this can improve things? Best, Vicente