Coverity Review

It gives advice and training on how to resolve the most common quality issues, but the REST implementation is sub-par


What is our primary use case?

  • Raising the level of code quality, security, and robustness in the codebase
  • Tracking and addressing code quality issues.

How has it helped my organization?

Coverity provides developers with a good, best practice, coding advice, and tracks risks of poor coding quality. Coverity reports have urged developers to improve the quality of their code.

What is most valuable?

  • I like that it gives advice and training on how to resolve the most common quality issues. 
  • Links to more details on each issue and the background and risks.

What needs improvement?

  • Ability to follow source file s-links into the target location for issuing assignments through GIT.  Our current build environment uses symbolic links into the git repo and Coverity does not follow the link into the actual location of the source file to determine the git author.
  • Single API for all interactions. I am not a fan of using both SOAP and REST APIs and Coverity offers a mix of functionality depending on the interface used. I would greatly prefer a full REST API with improved documentation for all actions including issuing assignments, streaming, and project creation. 

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest