diff options
author | Jack Lloyd <[email protected]> | 2017-01-05 18:38:17 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-01-05 18:38:17 -0500 |
commit | 1df7574b3715848ead3ba349069a9f57ba9ac5df (patch) | |
tree | c26234e6511d1ace6e271224ed04e86e6dbe4acb /doc | |
parent | 3eb6b8147e982d43d3ee1c5d69769222b031e835 (diff) |
Comment on warnings in goals doc [ci skip]
Diffstat (limited to 'doc')
-rw-r--r-- | doc/manual/goals.rst | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/doc/manual/goals.rst b/doc/manual/goals.rst index 710324ece..cf5522904 100644 --- a/doc/manual/goals.rst +++ b/doc/manual/goals.rst @@ -33,8 +33,10 @@ the desired end result. Over time further progress is made in each. * Well tested. The code should be correct against the spec, with as close to 100% test coverage as possible. All available static and dynamic analysis - tools at our disposal should be used, including fuzzers and specialized attack - tools for common protocols. + tools at our disposal should be used, including fuzzers, symbolic execution, + and protocol specific tools. Within reason, all warnings from compilers and + static analyzers should be addressed, even if they seem like false positives, + because that maximizes the signal value of new warnings from the tool. * Safe defaults. Policies should aim to be highly restrictive by default, and if they must be made less restrictive by certain applications, it should be |