OWASP - User contributions [en]

Category:OWASP Source Code Review OWASP Projects Project

2008-12-12T16:09:59Z

Mdoylema: /* Process */

[[:Category:OWASP Project|Click here to return to OWASP Projects page.]] 
[[:Project Information:template Source Code Review OWASP Projects|Click here to see (& edit, if wanted) the template.]]
{{:Project Information:template Source Code Review OWASP Projects}}
[[Category:OWASP Project]]

== Summary ==

This project involving creating a process for integrating the Fortify Open Review Process into the OWASP project development lifecycle and working with Fortify to develop and test their new Open Review site at [http://owasp.fortify.com/ http://owasp.fortify.com/].

== Goals ==

The goals of this project were to:

# Create a process for integrating the Fortify Open Review into open source development, so that source code review can be a required step in OWASP development.
# Test functionality of the new Fortify Open Review site introduced in Summer 2008.
# Scan 10 OWASP projects with the Fortify Open Review to verify the site's functionality and establish a baseline.
# Scan 25 popular open source PHP projects to verify the site's ability to handle large scale projects and establish a baseline.

== Process ==
The workflow diagrams can be found in [https://www.owasp.org/index.php/Image:Workflow_July_11a.zip Workflow.zip]. Within the ZIP file, overview.pdf describes the relationships between the different parts of the workflow. The file start.pdf describes the first step of the workflow which verifies that the project is an OWASP project. If it is not then the project is added as a new OWASP project [[Image:Workflow_Draft1.pdf#file]]. Once the project is established as an OWASP project, it can be added by an OWASP administrator (contact the project mailing list below to contact an OWASP administrator) to the Fortify Open Review (reference createProject.pdf).

As described in the Fortify Open Review process, the Project Lead or Source Code Review Lead can choose between a continuous evaluation, where the project is checked out from its repository and the Open Review scan is updated on a weekly basis, or a one time analysis as part of their usual development process (see waterfall.pdf and iterative.pdf) after unit testing and prior to final system testing. The single analysis requires the evaluator to produce and upload a Fortify FPR scan file, which requires either that the evaluator uses their own copy of Fortify SCA or contacts an OWASP administrator via the project mailing list to request a scan. In order to track project progress over time, single analyses of major project versions will be maintained on the project web site so that software vulnerability metrics can be tracked. The continuous evaluation is automated, does not require the developer have a Fortify SCA license. There are additional open source static analysis tools that can be used as part of a project's development lifecycle on a regular basis, such as FindBugs (see findBugs.pdf) and OWASP Orizon.

Of course, once vulnerabilities are detected, they need to be either fixed or marked as false positives through the Fortify Open Review site interface. See the [http://www.lulu.com/content/1415989 OWASP Code Review Guide] for information on how to fix common vulnerabilities.

The purpose of this workflow is to integrate and automate SCA into the development cycle of open source applications for the sole purpose of decreasing software vulnerabilities. This effort can, and should, be supplemented by a manual code review as described in the OWASP Open Review Project.

== OWASP Projects Scanned ==

AntiSamy

CSRFGuard

CSRFTester

DirBuster

JBroFuzz

Lapse

Stinger

Webekci

WebGoat

WebScarab

Non-OWASP projects scanned in MediaWiki, WordPress, and many others. See [https://owasp.fortify.com/ owasp.fortify.com] for details.

== Get involved ==

We need OWASP project leaders to submit their projects for review. We will work with you to upload your project and review the findings, so that we can get each OWASP project to show zero defects.

Please go to https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects to subscribe to the list to contact us. You can post to the mailing list by emailing [mailto:owasp-scode-review-owasp-projects@lists.owasp.org].

== People ==

Project lead: [[User:Walden|James Walden]]

Contributors: Maureen Doyle, Grant Welch, Michael Whelan

Reviewers: Marco Morano, Alex Fry

[http://www.fortify.com Fortify Software] has generously made their Source Code Analyzer (SCA) technology available for use by open source projects at [http://owasp.fortify.com/ owasp.fortify.com].

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T21:13:48Z

Mdoylema: /* Process */ Ready for James

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T20:15:47Z

Mdoylema: /* Process */

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T20:13:55Z

Mdoylema: /* Process */

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T20:10:58Z

Mdoylema: /* Process */ Added workflow zip

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T05:06:32Z

Mdoylema: /* Process */ Added a bit more for James to review

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T04:52:58Z

Mdoylema: /* Process */

Category:OWASP Source Code Review OWASP Projects Project

2008-12-11T04:52:00Z

Mdoylema: /* Process */ -- Started process description

Project Information:template Source Code Review OWASP Projects

2008-07-11T22:20:29Z

Mdoylema:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''OWASP Source Code Review OWASP-Projects Project'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|The objectives of this project are: 1. Develop and document a workflow for open source projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select open source projects to create a baseline for comparing security amongst open source projects.
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
| style="width:14%; background:#cccccc" align="center"|Project Leader [mailto:dan@denimgroup.com '''Dan Cornell'''] SoC's Project Leader [mailto:waldenj1@nku.edu '''James Walden''']
| style="width:14%; background:#cccccc" align="center"|Project Contributors [mailto:jderry@owasp.org '''Justin Derry'''] 
[mailto:doylem3@nku.edu '''Maureen Doyle'''] 
[mailto:whelanm87@gmail.com '''Michael Whelan''']
| style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects '''Mailing List/Subscribe'''] [mailto:OWASP-SCode-Review-OWASP-Projects(at)lists.owasp.org '''Mailing List/Use''']
| style="width:14%; background:#cccccc" align="center"|First Reviewer [mailto:afry(at)strongcrypto.biz '''Alex Fry'''] [http://www.linkedin.com/in/alexanderfry Profile]
| style="width:14%; background:#cccccc" align="center"|Second Reviewer [mailto:marco.m.morana(at)gmail.com '''Marco M. Morana'''] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Marco M Morana Curriculum|Curriculum]]
| style="width:15%; background:#cccccc" align="center"|OWASP Board Member [mailto:name(at)name '''Name&Email''']
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''PROJECT MAIN LINKS'''
|-
| style="width:100%; background:#cccccc" align="center"|
* 7/11/08 - Updated workflow [[Image:Workflow_July_11a.zip]]
* replaced 7/11/08 - [[Image:Workflow_Draft1.pdf]]
* replaced 7/11/08 - [[Image:CreateProjectExample.pdf]]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''RELATED PROJECTS'''
|-
| style="width:100%; background:#cccccc" align="center"|
[https://opensource.fortify.com/teamserver/welcome.fhtml Fortify Code Review Application]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''SPONSORS & GUIDELINES'''
|-
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Source Code Review OWASP Projects|'''Sponsored Project/Guidelines/Roadmap''']]
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
|-
|}

Project Information:template Source Code Review OWASP Projects

2008-07-11T22:18:15Z

Mdoylema: Added workflow incorporating reviewer comments

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''OWASP Source Code Review OWASP-Projects Project'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|The objectives of this project are: 1. Develop and document a workflow for open source projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select open source projects to create a baseline for comparing security amongst open source projects.
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
| style="width:14%; background:#cccccc" align="center"|Project Leader [mailto:dan@denimgroup.com '''Dan Cornell'''] SoC's Project Leader [mailto:waldenj1@nku.edu '''James Walden''']
| style="width:14%; background:#cccccc" align="center"|Project Contributors [mailto:jderry@owasp.org '''Justin Derry'''] 
[mailto:doylem3@nku.edu '''Maureen Doyle'''] 
[mailto:whelanm87@gmail.com '''Michael Whelan''']
| style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects '''Mailing List/Subscribe'''] [mailto:OWASP-SCode-Review-OWASP-Projects(at)lists.owasp.org '''Mailing List/Use''']
| style="width:14%; background:#cccccc" align="center"|First Reviewer [mailto:afry(at)strongcrypto.biz '''Alex Fry'''] [http://www.linkedin.com/in/alexanderfry Profile]
| style="width:14%; background:#cccccc" align="center"|Second Reviewer [mailto:marco.m.morana(at)gmail.com '''Marco M. Morana'''] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Marco M Morana Curriculum|Curriculum]]
| style="width:15%; background:#cccccc" align="center"|OWASP Board Member [mailto:name(at)name '''Name&Email''']
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''PROJECT MAIN LINKS'''
|-
| style="width:100%; background:#cccccc" align="center"|
* 7/11/08 - Updated workflow [[Image:Workflow_July11a.zip]]
* replaced 7/11/08 - [[Image:Workflow_Draft1.pdf]]
* replaced 7/11/08 - [[Image:CreateProjectExample.pdf]]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''RELATED PROJECTS'''
|-
| style="width:100%; background:#cccccc" align="center"|
[https://opensource.fortify.com/teamserver/welcome.fhtml Fortify Code Review Application]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''SPONSORS & GUIDELINES'''
|-
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Source Code Review OWASP Projects|'''Sponsored Project/Guidelines/Roadmap''']]
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
|-
|}

Project Information:template Source Code Review OWASP Projects

2008-07-11T22:17:04Z

Mdoylema:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''OWASP Source Code Review OWASP-Projects Project'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|The objectives of this project are: 1. Develop and document a workflow for open source projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select open source projects to create a baseline for comparing security amongst open source projects.
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
| style="width:14%; background:#cccccc" align="center"|Project Leader [mailto:dan@denimgroup.com '''Dan Cornell'''] SoC's Project Leader [mailto:waldenj1@nku.edu '''James Walden''']
| style="width:14%; background:#cccccc" align="center"|Project Contributors [mailto:jderry@owasp.org '''Justin Derry'''] 
[mailto:doylem3@nku.edu '''Maureen Doyle'''] 
[mailto:whelanm87@gmail.com '''Michael Whelan''']
| style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects '''Mailing List/Subscribe'''] [mailto:OWASP-SCode-Review-OWASP-Projects(at)lists.owasp.org '''Mailing List/Use''']
| style="width:14%; background:#cccccc" align="center"|First Reviewer [mailto:afry(at)strongcrypto.biz '''Alex Fry'''] [http://www.linkedin.com/in/alexanderfry Profile]
| style="width:14%; background:#cccccc" align="center"|Second Reviewer [mailto:marco.m.morana(at)gmail.com '''Marco M. Morana'''] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Marco M Morana Curriculum|Curriculum]]
| style="width:15%; background:#cccccc" align="center"|OWASP Board Member [mailto:name(at)name '''Name&Email''']
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''PROJECT MAIN LINKS'''
|-
| style="width:100%; background:#cccccc" align="center"|
* 7/11/08 - Updated workflow [[Image:Workflow July11a.zip]]
* replaced 7/11/08 - [[Image:Workflow_Draft1.pdf]]
* replaced 7/11/08 - [[Image:CreateProjectExample.pdf]]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''RELATED PROJECTS'''
|-
| style="width:100%; background:#cccccc" align="center"|
[https://opensource.fortify.com/teamserver/welcome.fhtml Fortify Code Review Application]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''SPONSORS & GUIDELINES'''
|-
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Source Code Review OWASP Projects|'''Sponsored Project/Guidelines/Roadmap''']]
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- [[Project Information:template Source Code Review OWASP Projects 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Source Code Review OWASP Projects - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
|-
|}

File:Workflow July 11a.zip

2008-07-11T22:13:22Z

Mdoylema: Updated Workflow for OWASP Source Code Review for OWASP Projects (OWASP Summer of Code 2008)

Updated Workflow for OWASP Source Code Review for OWASP Projects (OWASP Summer of Code 2008)