This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "QA wikiupdates"
(Created page with "=Quality Approach Updates=") |
|||
| Line 1: | Line 1: | ||
=Quality Approach Updates= | =Quality Approach Updates= | ||
| + | ==12 June 2014== | ||
| + | These has been the activities and progress regarding the QA project as described in here: | ||
| + | https://www.owasp.org/index.php/Proposal_Project_Review_QA_Approach | ||
| + | |||
| + | ===JIRA Account configured for Candidate Flagship projects=== | ||
| + | Setup Projects in JIRA(done): | ||
| + | *OWASP AntiSamy Project | ||
| + | *OWASP Enterprise Security API | ||
| + | *OWASP ModSecurity Core Rule Set Project | ||
| + | *OWASP CSRFGuard Project | ||
| + | *OWASP Web Testing Environment Project | ||
| + | *OWASP WebGoat Project | ||
| + | *OWASP Zed Attack Proxy | ||
| + | |||
| + | Setup Accounts for Project leaders and Admins(done) | ||
| + | |||
| + | ==Virtual Server: Testing Environment(In progress)== | ||
| + | Acquired a virtual server through Leaseweb | ||
| + | OS: Windows 2012 | ||
| + | Installed components: | ||
| + | *Eclipse | ||
| + | *Visual Studio Express | ||
| + | *OWASP ZAP 2.3.1 | ||
| + | *TomCat 6 | ||
| + | *MySQL 5.5 | ||
| + | *Tortoise Subversion | ||
| + | *JRE 7 | ||
| + | *Mozilla | ||
| + | *WAVSEP.war | ||
| + | |||
| + | |||
| + | ==SWAMP integration== | ||
| + | Created some tests to load ESAPI C and C++ into the SWAMP but the assessment failed. Probably related to build scripts. | ||
| + | |||
| + | ==Preliminary tests on activity verification== | ||
| + | ESAPI libraries are been right now verified for Health Criteria. From this first assessment the following results | ||
| + | *Perl==> Last maintained 3 years ago | ||
| + | *C++==>last commit 11 months ago | ||
| + | *Python==>last release from 3 years ago | ||
| + | *.NET==>last release from 3 years ago | ||
| + | *C==>Source code last updated 2 years ago | ||
| + | *Java==> Updated a month ago | ||
| + | *Classic ASP==>last release from 3 years ago | ||
| + | |||
| + | Libraries with more than a yea without updates do not pass the health criteria | ||
| + | Email has sent to Project leaders for verification of inactivity levels or any further plans in the future | ||
Revision as of 01:13, 13 June 2014
Quality Approach Updates
12 June 2014
These has been the activities and progress regarding the QA project as described in here: https://www.owasp.org/index.php/Proposal_Project_Review_QA_Approach
JIRA Account configured for Candidate Flagship projects
Setup Projects in JIRA(done):
- OWASP AntiSamy Project
- OWASP Enterprise Security API
- OWASP ModSecurity Core Rule Set Project
- OWASP CSRFGuard Project
- OWASP Web Testing Environment Project
- OWASP WebGoat Project
- OWASP Zed Attack Proxy
Setup Accounts for Project leaders and Admins(done)
Virtual Server: Testing Environment(In progress)
Acquired a virtual server through Leaseweb OS: Windows 2012 Installed components:
- Eclipse
- Visual Studio Express
- OWASP ZAP 2.3.1
- TomCat 6
- MySQL 5.5
- Tortoise Subversion
- JRE 7
- Mozilla
- WAVSEP.war
SWAMP integration
Created some tests to load ESAPI C and C++ into the SWAMP but the assessment failed. Probably related to build scripts.
Preliminary tests on activity verification
ESAPI libraries are been right now verified for Health Criteria. From this first assessment the following results
- Perl==> Last maintained 3 years ago
- C++==>last commit 11 months ago
- Python==>last release from 3 years ago
- .NET==>last release from 3 years ago
- C==>Source code last updated 2 years ago
- Java==> Updated a month ago
- Classic ASP==>last release from 3 years ago
Libraries with more than a yea without updates do not pass the health criteria Email has sent to Project leaders for verification of inactivity levels or any further plans in the future
