This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "QA wikiupdates"
| Line 51: | Line 51: | ||
Libraries with more than a year without updates do not pass the health criteria | Libraries with more than a year without updates do not pass the health criteria | ||
Email has sent to Project leaders for verification of inactivity levels or any further plans in the future. | Email has sent to Project leaders for verification of inactivity levels or any further plans in the future. | ||
| − | *.NET has been verified as inactive by Project leader | + | *.NET has been verified as inactive by Project leader as inactive |
| + | *Python library too | ||
| + | *Kevin Wall has also confirmed most projects are inactive | ||
| + | |||
| + | ==Development of Python tool for sniffing activities in Repositories== | ||
| + | Ohloh is a nice tool, unfortunately it does not measure activity in multiple branches | ||
| + | We hope the tool built by Enrico Branca can help with this since it can measure activities in all branches | ||
Revision as of 10:42, 13 June 2014
Quality Approach Updates
12 June 2014
These has been the activities and progress regarding the QA project as described in here: https://www.owasp.org/index.php/Proposal_Project_Review_QA_Approach
JIRA Account configured for Candidate Flagship projects
Setup Projects in JIRA(done):
- OWASP AntiSamy Project
- OWASP Enterprise Security API
- OWASP ModSecurity Core Rule Set Project
- OWASP CSRFGuard Project
- OWASP Web Testing Environment Project
- OWASP WebGoat Project
- OWASP Zed Attack Proxy
Setup Accounts for Project leaders and Admins(done)
Virtual Server: Testing Environment(In progress)
Acquired a virtual server through Leaseweb OS: Windows 2012 Installed components:
- Eclipse
- Visual Studio Express
- OWASP ZAP 2.3.1
- TomCat 6
- MySQL 5.5
- Tortoise Subversion
- JRE 7
- Mozilla
- WAVSEP.war
To be installed:
- WebGoat(last version)
SWAMP integration preliminary tests
Created some tests to load ESAPI C into the SWAMP but the assessment failed. Probably related to build scripts. We will continue the tests with ESAPI C++.ESAPI C had more than 2 years inactive.
Preliminary tests on activity verification
ESAPI libraries are been right now verified for Health Criteria. From this first assessment the following results
- Perl==> Last maintained 3 years ago
- C++==>last commit 11 months ago
- Python==>last release from 3 years ago
- .NET==>last release from 3 years ago
- C==>Source code last updated 2 years ago
- Java==> Updated a month ago
- Classic ASP==>last release from 3 years ago
Libraries with more than a year without updates do not pass the health criteria Email has sent to Project leaders for verification of inactivity levels or any further plans in the future.
- .NET has been verified as inactive by Project leader as inactive
- Python library too
- Kevin Wall has also confirmed most projects are inactive
Development of Python tool for sniffing activities in Repositories
Ohloh is a nice tool, unfortunately it does not measure activity in multiple branches We hope the tool built by Enrico Branca can help with this since it can measure activities in all branches
