php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #72120 Analysis of PHP 7 source code by PVS-Studio static code analyzer
Submitted: 2016-04-28 14:21 UTC Modified: 2016-04-29 14:29 UTC
From: vasiliev at viva64 dot com Assigned: ab (profile)
Status: Closed Package: *General Issues
PHP Version: 7.0Git-2016-04-28 (Git) OS: Windows
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: vasiliev at viva64 dot com
New email:
PHP Version: OS:

 

 [2016-04-28 14:21 UTC] vasiliev at viva64 dot com 
Description:
------------
Development team of proprietary PVS-Studio C/C++/C# static analyzer presents their report on the source code of PHP 7 in the article, which contains the review of the most suspicious code fragments they discovered.

You can read article on the official site:
http://www.viva64.com/en/b/0392/

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-04-28 19:59 UTC] requinix@php.net
-Status: Open +Status: Spam
 [2016-04-29 08:21 UTC] requinix@php.net
-Summary: Analysis of PHP 7 source code by PVS-Studio static code analyzer +Summary: Hidden because of SPAM -Status: Spam +Status: Open
 [2016-04-29 08:22 UTC] requinix@php.net
-Summary: Hidden because of SPAM +Summary: Analysis of PHP 7 source code by PVS-Studio static code analyzer
 [2016-04-29 08:22 UTC] requinix@php.net 
Please don't report bugs using thinly veiled advertising.
 [2016-04-29 10:18 UTC] ab@php.net
-Status: Open +Status: Feedback
 [2016-04-29 10:18 UTC] ab@php.net 
@vasiliev, would the PVS-Studio be so kind giving some free licenses to the PHP project?

Thanks.
 [2016-04-29 10:55 UTC] vasiliev at viva64 dot com
-Status: Feedback +Status: Open
 [2016-04-29 10:55 UTC] vasiliev at viva64 dot com 
Please, contact us writing to support@viva64.com
 [2016-04-29 13:28 UTC] ab@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: ab
 [2016-04-29 13:28 UTC] ab@php.net 
@vasiliev, thanks, but that unlikely to happen. There was earlier some contact request from someone from viva64.com on the mailing list, offering some licenses in exchange for ads. It's unlikely some ads to be put on php.net, so no reason to contact the sales people. And it is kinda disappointing to see it's just a part of some product promoting story now :( 

A free license would faciliate continuous integration, a promotion story faciliates only your product. I slowly start to think that we should not support PVS-Studio in the build system, as no one can use it ATM as no one has a license :( Once I used it for PHP, it was an excellent experience. There was false positives, but also good catches.

The issues from the arcticle are now addressed in the latest commits by Dmitry, so closing this ticket.

Thanks.
 [2016-04-29 14:09 UTC] vasiliev at viva64 dot com 
Hey guys, thank you for the time you took to read the article.

Yes, we contacted you presenting our offer. Our idea was to have some kind of advertisement for us in exchange for a free key of our tool. It's sad that we couldn't reach a concord. We think that we should have a two-side cooperation.

If it's not possible to provide a chance for any mentioning of our company tool on your web-site, then there is probaby no interest for us to provide you with a free license.

If it's not possible to provide a chance for any mentioning our company tool on your web-site, then there is probaby no interest for us to provide you with a free license. That would be a little strange if we gave you something and got nothing in return, right?
 [2016-04-29 14:29 UTC] ab@php.net 
@vasiliev, thanks for the effort on these investiagions, anyway.

No advertisement on php.net is nothing against anyone, it is a project rule.

Some time ago I made an integration with our build system https://github.com/php/php-src/blob/master/win32/build/config.w32#L216 . PVS-Studio can be used directly when building PHP and extensions, can read configure --help. Is it nothing for you to be able to say PVS-Studio is integrated with PHP build system?

As mentioned, I personally used it for quite some time for PHP. And I still think it's a very useful tool. Now this integration seems useless for the most of the core devs. 

Thanks.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed May 01 19:01:31 2024 UTC