Please share with the community what you think needs improvement with Coverity.
What are its weaknesses? What would you like to see changed in a future version?
I would like to see integration with popular IDEs, such as Eclipse. If Coverity were available as a plugin then developers could use it to find security issues while they are coding because right now, as we are using Coverity, it is a reactive way of finding vulnerabilities. We need to find these kinds of problems during the coding phase, rather than waiting for the code to be analyzed after it is written.
The quality of the code needs improvement. They should develop a better code. The interface, efficiency, and the performance also need improvement as well as the languages that it offers. It should have more language options. The user interface is not user-friendly.
My personal opinion is that the webpage of the last version of Coverity is not very easy to use. They've made some unnecessary changes and now I can't see all the analysis results or my status from when we started using the solution up to now. Because we have many components on the integration field, it is sometimes hard to find files of one specific component because we use relative path. When I look at the components, they all look very similar. But that is just my personal opinion. I would also like to see a more user-friendly user interface and configuration. I can see the menu on the left but it's a little different from the other tools that I use, but this is perhaps only a personal thing.
* Ability to follow source file s-links into the target location for issuing assignments through GIT. Our current build environment uses symbolic links into the git repo and Coverity does not follow the link into the actual location of the source file to determine the git author. * Single API for all interactions. I am not a fan of using both SOAP and REST APIs and Coverity offers a mix of functionality depending on the interface used. I would greatly prefer a full REST API with improved documentation for all actions including issuing assignments, streaming, and project creation.
They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier.
* Reporting engine needs to be more robust. * Custom reporting is a must have. * Perhaps, the availability of connectors to popular open source BI tools, such as BIRT, JasperReports, or Pentaho may add value.