It seems Coverity scan java open source projects now on request: http://scan.coverity.com/devfaq.html I'm wondering whether this would give us anything significantly beyond the Findbugs/PMD static code analysis run by Alan Berg and team. Should we sign up Sakai for this? Cheers Stephen