...
The purpose of the ONAPÂ static code scanning is perform static code scans of the code as it is introduced into the ONAP repositories looking for vulnerabilities.
3.2 Approaches
The ONAP sub-committee is converging on that coverity is a suitable choice for the static code scans.
The discussion now is how to include this in the git/gerrit code contribution process.Describe the approaches here
3.3 Recommendation
Capture the recommendation here
...