Developer's Frequently Asked Questions (Dev-FAQ)

How do I get my project included in the Scan?

The following definitions are Coverity's guidelines for including projects in the Scan.

Project licenses must meet the criteria described by the Open Source Initiative.

Projects initiated and maintained by registered nonprofit organizations (any nationality), individuals, or groups with no associated corporation are automatically eligible.

Projects initiated and maintained by for-profit corporations, or with licenses outside the OSI guidelines, or with licenses within the OSI guidelines, but which are conditional to different audiences, are included at Coverity's discretion.

If your project is already listed on the website and you have a user account, click the Sign In link beside the project name, sign in and review the information there. If you need an account, please have the official contact for your project request that an account be created for you.

If you are Coverity's first contact with the project, the first step in getting your project online is to select the project's official contacts. Discuss this within the project by IRC, mailing lists, or other intra-project communication methods. Identify the project's official contacts who will represent the project to Coverity.

If your project is not already listed on the site, review the comments about project requirements in this FAQ and send an email with the requested information to scan-admin@coverity.com.

My project is already in the Scan, how do I get an account?

Locate your project on the Full List of the Scan ladder. Account requests must be approved by the project's official contacts.

Does the project or do project members have to sign an NDA?

For the current Scan Site, signed paper NDAs are not required. Signed paper NDAs may be included as part of a process for projects to receive access to advanced features or additional tools.

Project members signing up are required to accept a click-through license.

The click-through license is designed to not conflict with employees' obligations to their employers or make any promise on behalf of their employers. We understand the problems that could cause for individuals.

Additional web site automation is being implemented, to allow the license to actually behave as a 'click-through'. While the current text includes a 'Coverity may update this' clause, it is our intention to remove this clause when click-through functionality is in place.

What happened to the old rung system? My project has completed the work at the current rung, when can we move up?

We've started a transition from the old Scan Ladder to the new Ranking system. Please be patient, as we are migrating terabytes of data to a new defect management system.

Once the migration to the new Ranking system is complete, there will be no rungs. All projects will receive all of their results immediately. The latest user interface provides information about the impact level of each defect, so projects receive the full result set instead of only a portion.

This allows Coverity to eliminate the upgrade bottleneck which was too often experienced by projects that were working hard to progress up the old Scan Ladder, but ended up waiting on Coverity to perform upgrades.

How can our code detect that it is being built under Prevent?

Projects have asked how to detect being built by Scan in order to enable conditional code (i.e. ifdefs). When your code is compiling under Scan, __COVERITY__ is defined. Any code included within #ifdef __COVERITY__ will be included only when being built by us. If you think you need to use it for your build, please contact scan-admin@coverity.com with any questions.
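
The following is an added example, not code from Coverity or from any Scan project. It shows an #ifdef __COVERITY__ branch next to a check that the analysed branch and the shipped branch still behave the same. The function names and sample values are hypothetical, and the choice of the GCC/Clang builtin __builtin_bswap32 as the construct kept out of the analysis build is an assumption made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Plain-C reference implementation; always compiled so it can be compared. */
static uint32_t bswap32_portable(uint32_t v)
{
    return ((v & 0x000000FFu) << 24) | ((v & 0x0000FF00u) << 8) |
           ((v & 0x00FF0000u) >> 8)  | ((v & 0xFF000000u) >> 24);
}

/* __COVERITY__ is defined only in the Scan build, so that build (and any
 * non-GCC/Clang compiler) takes the plain-C path. Assumption: the project
 * wants the compiler builtin kept out of the analysis build. */
#if defined(__COVERITY__) || !defined(__GNUC__)
static uint32_t bswap32(uint32_t v) { return bswap32_portable(v); }
#else
static uint32_t bswap32(uint32_t v) { return __builtin_bswap32(v); }
#endif

/* 1 when compiled by the Scan build, 0 in a normal build. */
static int built_under_scan(void)
{
#ifdef __COVERITY__
    return 1;
#else
    return 0;
#endif
}

/* The analysed branch and the shipped branch are different code, so check
 * that they agree. Sample values are constructed for this example. */
static int bswap32_paths_agree(void)
{
    static const uint32_t samples[] = {
        0u, 1u, 0x11223344u, 0x80000000u, 0xDEADBEEFu, 0xFFFFFFFFu
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (bswap32(samples[i]) != bswap32_portable(samples[i]))
            return 0;
    return 1;
}

int main(void)
{
    printf("scan build: %d, paths agree: %d\n",
           built_under_scan(), bswap32_paths_agree());
    return 0;
}
```

Code that sits only in the #else branch is not part of what the Scan build compiles, so keeping that branch small and running the agreement check in the normal test suite limits how far the analysed code can drift from the shipped code.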