Hi Kostiantyn,
The Coverity tool for TF-M is not fully configured and the work is in progress in tf.org. The current configuration you can find here: https://git.trustedfirmware.org/ci/tf-m-ci-scripts.git/tree/coverity
Being incomplete, the scan results are not used or published. Anyway, the output is on Coverity site https://scan.coverity.com/ under “Trusted Firmware-M” project. It will require a sign-up and authorization.
Hope it helps, Anton
From: Kostiantyn.Tkachov--- via TF-M tf-m@lists.trustedfirmware.org Sent: Thursday, February 17, 2022 11:17 PM To: tf-m@lists.trustedfirmware.org Cc: Roman.Mazurak@infineon.com Subject: [TF-M] TF-M covertly results and configs to align our coverity environment to TF-M project CI
Hi colleagues!
Could we get a list of MISRA/CERT-C violations that were found by tf-m Coverity CI, as example from https://ci.trustedfirmware.org/job/tf-m-coverity/lastSuccessfulBuild/
Also (if it possible), could you provide Coverity configs to help align this tool setup on our side to CI and to check all changes before any pool requests?
Best regards, Kostiantyn Tkachov
Cypress Semiconductor Ukraine Firmware Security