Coverity SA-不包括加速，填充错误 [英] Coverity SA - excluding boost, stlport errors

问题描述

coverity SA发现的缺陷包括STLPort，Boost，Qt库的错误，在运行cov-build或cov-analyze时是否可以排除这些错误?

The defects discovered by coverity SA including errors of STLPort, Boost, Qt libs as well, Is there any way to exclude these errors while running cov-build or cov-analyze?

推荐答案

有几种方法可以排除这些库.

There are several ways to exclude these libraries.

在最高级别，您可以选择在构建或分析期间排除它们，然后它们在UI中将不会有任何结果，不幸的是，这也意味着您将无法完全了解自己的视图您自己的代码中存在错误，因为分析会对各种交互进行跨过程检查.

At the highest level, you can choose to exclude them during build or analysis and then there won't be any results for them in the UI, unfortunately that also means that you will not get as complete of a view of your own errors in your own code, since analysis does inter procedural examination of various interactions.

因此，您可以做一些更简单的事情.继续，分析所有代码，包括所有库等，然后在UI中设置组件，并在与第三方"源相对应的组件上创建权限，以便用户可以看到源代码(并可以导航到它)，但看不到缺陷.这样一来，开发人员就可以在UI中获得完整的信息，以对自己代码中的缺陷进行分类，而不会因无法控制的代码缺陷而分心.

So instead you can do something that's easier. Go ahead, analyze all of the code including all the libraries, etc. but then set up components in the UI and create permissions on the components corresponding to "third party" source such that the users can see the source code (and can navigate to it) but cannot see the defects. This allows complete information in the UI for developers triaging defects in their own code without being distracted by defects in code they don't have control over.

这篇关于Coverity SA-不包括加速，填充错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！