Comment on warnings in goals doc [ci skip]

author: Jack Lloyd <[email protected]> 2017-01-05 18:38:17 -0500
committer: Jack Lloyd <[email protected]> 2017-01-05 18:38:17 -0500
commit: 1df7574b3715848ead3ba349069a9f57ba9ac5df (patch)
tree: c26234e6511d1ace6e271224ed04e86e6dbe4acb /doc/manual
parent: 3eb6b8147e982d43d3ee1c5d69769222b031e835 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/doc/manual/goals.rst b/doc/manual/goals.rst
index 710324ece..cf5522904 100644
--- a/doc/manual/goals.rst
+++ b/doc/manual/goals.rst
@@ -33,8 +33,10 @@ the desired end result. Over time further progress is made in each.
 
 * Well tested. The code should be correct against the spec, with as close to
   100% test coverage as possible. All available static and dynamic analysis
-  tools at our disposal should be used, including fuzzers and specialized attack
-  tools for common protocols.
+  tools at our disposal should be used, including fuzzers, symbolic execution,
+  and protocol specific tools. Within reason, all warnings from compilers and
+  static analyzers should be addressed, even if they seem like false positives,
+  because that maximizes the signal value of new warnings from the tool.
 
 * Safe defaults. Policies should aim to be highly restrictive by default, and if
   they must be made less restrictive by certain applications, it should be
author	Jack Lloyd <[email protected]>	2017-01-05 18:38:17 -0500
committer	Jack Lloyd <[email protected]>	2017-01-05 18:38:17 -0500
commit	1df7574b3715848ead3ba349069a9f57ba9ac5df (patch)
tree	c26234e6511d1ace6e271224ed04e86e6dbe4acb /doc/manual
parent	3eb6b8147e982d43d3ee1c5d69769222b031e835 (diff)