Using coverity scan to find issues on ManageIQ

My name is Eyal and I’m from the CI group which handles all the automation and CI infrastructure for oVirt.

We have been successfully using for the past few years to run static code analysis and helped find various security and code issues in oVirt.

The service is given for free for OSS projects.

I was wondering if ManageIQ considered using it as well, and if so, who will be the best person to talk to about adding it?

What kind of code issues are you suggesting that coverity might help finding, given that MiQ is in Ruby on Rails (dynamic language + a web framework with very specific rules) , and the project is also spread across many repos? (which don’t really live as standalone projects that can be ran autonomously)