This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Source Code Review OWASP Projects"

From OWASP
Jump to: navigation, search
(Added workflow incorporating reviewer comments)
 
(34 intermediate revisions by 7 users not shown)
Line 1: Line 1:
 +
----
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
  ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
+
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Source Code Review OWASP-Projects Project'''  
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Source Code Review OWASP-Projects Project'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
  | colspan="6" style="width:85%; background:#cccccc" align="left"|The objectives of this project are: 1. Develop and document a workflow for open source projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select open source projects to create a baseline for comparing security amongst open source projects.  
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|The objectives of this project are: 1. Develop and document a workflow for FLOSS projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select FLOSS projects to create a baseline for comparing security amongst FLOSS projects.  
 
  |-
 
  |-
  | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
+
  | style="width:15%; background:#7B8ABD" align="center"|'''Project key Information'''
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:[email protected] '''Dan Cornell''']<br>SoC's Project Leader<br>[mailto:[email protected] '''James Walden''']
+
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Dancornell|'''Dan Cornell''']]<br>SoC's Project Leader<br>[[User:Walden|'''James Walden''']]
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>[mailto:[email protected] '''Justin Derry''']<br>
+
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>[[User:Jderry|'''Justin Derry''']]<br>[[User:Mdoylema|'''Maureen Doyle''']]<br>[mailto:[email protected] '''Michael Whelan''']<br>[mailto:[email protected] '''Grant Welch''']
[mailto:[email protected] '''Maureen Doyle''']<br>
+
  | style="width:14%; background:#cccccc" align="center"|Mailing list<br>[https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects '''Subscribe here''']<br>[mailto:OWASP-SCode-Review-OWASP-Projects(at)lists.owasp.org '''Use here''']
[mailto:[email protected] '''Michael Whelan''']
+
| style="width:14%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0''']
  | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects '''Mailing List/Subscribe''']<br>[mailto:OWASP-SCode-Review-OWASP-Projects(at)lists.owasp.org '''Mailing List/Use''']
+
  | style="width:14%; background:#cccccc" align="center"|Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Documentation''']]
| style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:afry(at)strongcrypto.biz '''Alex Fry''']<br>[http://www.linkedin.com/in/alexanderfry Profile]
+
  | style="width:15%; background:#cccccc" align="center"|Sponsor<br>[[OWASP Summer of Code 2008|'''OWASP SoC 08''']]<br>[https://owasp.fortify.com/teamserver/welcome.fhtml '''Fortify''']
  | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:marco.m.morana(at)gmail.com '''Marco M. Morana''']<br>[[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Marco M Morana Curriculum|Curriculum]]
 
  | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>[mailto:name(at)name '''Name&Email''']
 
 
  |}
 
  |}
{| style="width:100%" border="0" align="center"
+
{| style="width:100%" border="0" align="center"  
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT MAIN LINKS'''  
+
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Release Status'''  
|-
+
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Main Links'''
| style="width:100%; background:#cccccc" align="center"|
+
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''  
* 7/11/08 - Updated workflow [[Image:Workflow_July11a.zip]]
 
* replaced 7/11/08 - [[Image:Workflow_Draft1.pdf]]
 
* replaced 7/11/08 - [[Image:CreateProjectExample.pdf]]
 
|}
 
{| style="width:100%" border="0" align="center"
 
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''RELATED PROJECTS'''  
 
|-
 
| style="width:100%; background:#cccccc" align="center"|
 
[https://opensource.fortify.com/teamserver/welcome.fhtml Fortify Code Review Application]
 
|}
 
{| style="width:100%" border="0" align="center"
 
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES'''
 
|-
 
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
 
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Source Code Review OWASP Projects|'''Sponsored Project/Guidelines/Roadmap''']]
 
|}
 
{| style="width:100%" border="0" align="center"
 
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
 
|-
 
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
 
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation'''<br>(applicable for Alpha Quality & further)
 
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer'''<br>(applicable for Alpha Quality & further)
 
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer'''<br>(applicable for Beta Quality & further)
 
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member'''<br>(applicable just for Release Quality)
 
|-
 
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
 
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
 
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
 
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
 
| style="width:22%; background:#C2C2C2" align="center"|X
 
|-
 
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
 
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
 
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
 
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
 
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Source Code Review OWASP Projects - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
 
 
  |-
 
  |-
 +
| style="width:29%; background:#cccccc" align="center"|
 +
'''[[:Category:OWASP_Project_Assessment#Release Quality Documentation Criteria|Release Quality]]'''<br>[[:OWASP Source Code Review OWASP Projects - Assessment Frame|Please see here for complete information.]]
 +
| style="width:42%; background:#cccccc" align="center"|
 +
* [https://www.owasp.org/images/c/c9/OWASPEU_SourceReview.ppt Power Point Presentation]
 +
* [[:Image:Workflow_July_11a.zip|Updated Workflow/Zip Folder]]
 +
* [[:Image:Workflow_Draft1.pdf|Workflow - Draft1]]
 +
* [[:Image:CreateProjectExample.pdf|Example flow diagram for creating a new project to be reviewed/PDF File]]
 +
* [https://owasp.fortify.com/teamserver/welcome.fhtml Fortify OWASP Open Review Project]
 +
| style="width:29%; background:#cccccc" align="center"|
 +
* [[:Category:OWASP Open Review Project|'''OWASP Open Review Project (ORPRO)''']]
 
  |}
 
  |}
 +
----

Latest revision as of 17:05, 20 January 2009


PROJECT IDENTIFICATION
Project Name OWASP Source Code Review OWASP-Projects Project
Short Project Description The objectives of this project are: 1. Develop and document a workflow for FLOSS projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select FLOSS projects to create a baseline for comparing security amongst FLOSS projects.
Project key Information Project Leader
Dan Cornell
SoC's Project Leader
James Walden
Project Contributors
Justin Derry
Maureen Doyle
Michael Whelan
Grant Welch
Mailing list
Subscribe here
Use here
License
Creative Commons Attribution Share Alike 3.0
Project Type
Documentation
Sponsor
OWASP SoC 08
Fortify
Release Status Main Links Related Projects

Release Quality
Please see here for complete information.