Slashdot Mirror


Java Open Review Project

bvc writes "We launched the Java Open Review Project today. We're reviewing open source Java code all the way from Tomcat down to PetStore looking for bugs and security vulnerabilities. We're using two static analysis tools to do the heavy lifting: the open source tool FindBugs, and the commercial tool Fortify SCA. We can use plenty of human eyes to help sort through the results. We're also soliciting ideas for which projects we should be reviewing next. Please help!"

  1. Why so broad? by kevin_conaway · Score: 2, Interesting

    Why so many projects?

    Why not pick one or two and really run them through the wringer? Most of the heavily used projects like Tomcat have already been viewed by thousands of eyes, so a cursory overview probably won't be worth the time.

    Anyways, good luck.