The scanning doesn't really seem to be fully integrated into the SSC platform. It is kind of taking a bunch of different scanners, and SSC is just kind of managing the results. Based on the things that I've done, it could also be a bit more automated. It needs to be more simple."

"It could have a little bit more streamlined installation procedure.

"I would like to see improvement in CI integration and integration with GitLab or Jenkins. If they decrease the executable, it will be much easier to work in an environment like Docker."

"Coverity is not stable." If they can reduce it to approximately 600 or 700MB, that would be great. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."

"Right now, the Coverity executable is around 1.2GB to download. It doesn't seem to be reporting while we are changing our code."

"The solution is a bit complex to use in comparison to other products that have many plugins."

"Coverity could improve the ease of use. We need exactly what we are looking for, i.e. The solution could be improved by providing a SBOM, a software bill of material."

"The solution could use more rules."

"The level of vulnerability that this solution covers could be improved compared to other open source tools."

"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role.

"When I put my code into Coverity for scanning, the code information of the product is in the system.