Hello, let me give a quick overview for openSUSE Factory, which is also the base for openSUSE distribution releases. The devel-projects (where packages for Factory are made) and other projects in the buildservice don't have all the checks mentioned below. Note that I'm "just" a packager, so I probably don't know all details. I assume you are familiar enough with openSUSE (or can use google) to understand some abbreviations we typically use - if not, just ask ;-) You might also want to read https://en.opensuse.org/Portal:Factory Am Dienstag, 24. Februar 2015 schrieb Radjino Bholanath:

I'm doing research on code reviews and static analysis tools at the SERG group (http://swerl.tudelft.nl/bin/view/Main/WebHome) of the Delft University of Technology. Currently, we want to give an overview of the usage of code review and static analysis tools in open source projects. Therefore, I would be very happy to know a little bit more about how code reviews are used in OpenSUSE and if (and maybe how) static analysis tools are used. I have a couple of questions for anyone willing to answer:

1. Do all developers (contributors and core developers) have to submit a code review for every change? I’m asking because many projects only review changes made by contributors.

All submissions to Factory - are reviewed by humans (probably only specfile changes, patches etc, but not the upstream tarball) - are reviewed by bots, for example to check if patches are mentioned in the changelog etc. - best check some submit requests to see all details. These bots can also add more humans for review, for example if the license tag is changed. - must pass several rpmlint checks (see the rpmlint package or some build logs), which can be warnings or errors - must pass a staging project build, which means not breaking any other package - the staging projects also must pass several tests in openQA - (did I miss anything?)

2. Which code review tools are used?

Lots of tools around OBS, including various osc plugins. And of course our most important tool is Coolo ;-) [1]

3. Are static analyzers used? If they are used: a. Is passing the checks of the static analyzers necessary for a change to be accepted? b. Which static analyzers are used?

Does rpmlint count as static analyzer? ;-) While you didn't explicitely ask for it, let me also give a quick overview about AppArmor development, which is one of the packages I maintain and also contribute upstream: 1) all patches must get a review before commiting to bzr 2) patches posted to the mailinglist - not really a "tool", but it works ;-) 3) pyflakes for the python tools (aa-logprof etc.), automated tests for various parts of the code - see the "check" Makefile targets for details. Regards, Christian Boltz [1] in case you are new to openSUSE: Coolo is our release manager ;-) (and there are some more people who share the work) -- I've asked Miklos for his take on this patch. It could be that I'll get laughed out of the room. It at least works, though. [Jeff Mahoney in https://bugzilla.novell.com/728774#c67] -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org