Project Information:template Teachable Static Analysis Workbench - Final Review - Second Reviewer - F

FINAL REVIEW
PART I

Project Deliveries & Objectives

OWASP Teachable Static Analysis Workbench Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. To what extent have the project deliveries & objectives been accomplished? Taking into consideration the assumed ones, please give examples by writing down those that haven't been realised.

Input Validation functionality is present and complete.

2. To what extent have the project deliveries & objectives been accomplished? Taking into consideration the assumed ones, please quantify in terms of percentage.

100% completion of promised deliverables and functionality

3. Please do use the right hand side column to provide advice and make work suggestions.

Install guide is great. Very easy to use and installation took <10 minutes!

Consider creating a "Getting Started" section on the ProjectOverview page and include the install guide and user guide links here.

Within the UsersGuide, include a link to download the project you are using for the examples.

To help distinguish the output of TeSA from the findbugs results, prepend all TeSA findings with "TeSA". This will help identify what TeSA is doing that findbugs was not able to do.

I'd recommend creating some documentation and perhaps example code which illustrates what TeSA can do that existing tools, such as findbugs, cannot. Since this is a new tool it is important to "sell" it to a new user. Why should they use this tool instead of others? What benefits and capabilities does TeSA have that other tools don't?

PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Taking into consideration the OWASP Project Assessment Methodology, which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

None

2. Taking into consideration the OWASP Project Assessment Methodology, which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

None

3. Taking into consideration the OWASP Project Assessment Methodology, which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

Publicly accessible bug tracking system established

Be run through Fortify Software's open source review (if appropriate) and FindBugs.

Reviewed by OWASP Board Member

4. Please do use the right hand side column to provide advice and make work suggestions.

No additional comments. All thoughts addressed above.