Difference between revisions of "Project Information:template Teachable Static Analysis Workbench - Final Review - First Reviewer - D"

 
(4 intermediate revisions by the same user not shown)
Line 28: Line 28:
 
3. Please do use the right hand side column to provide advice and make work suggestions.
 
3. Please do use the right hand side column to provide advice and make work suggestions.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
# There should be some clarification on the Wiki for what must be done to merely install and use the tool(s). For example, the "InstallGuide" is then followed by "BuildingFromSource". Does a normal user of TSAW need to build from source?
+
# The Technical Report should have a  "How To" section that describes how to write additional analyzers for the project. If not, then a "Lessons Learned" for security analysts or developers who want to extend the project on their own, but could use your insight from building the first analyzer.
#
+
# I found a couple of minor spelling and grammar errors; it is probably best to just run all the documentation through a spelling/grammar checker and re-post.
 
  |-  
 
  |-  
 
  | style="width:25%; background:white" align="center"|'''PART II'''  
 
  | style="width:25%; background:white" align="center"|'''PART II'''  
Line 45: Line 45:
 
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
 
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
None.
 
  |-
 
  |-
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
 
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
None.
 
  |-  
 
  |-  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
 
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
One-click build, Fortify Software's open source review and FindBugs.
 
  |-   
 
  |-   
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
4. Please do use the right hand side column to provide advice and make work suggestions.
 
4. Please do use the right hand side column to provide advice and make work suggestions.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
I think the documentation could be unified under the Technical Report as the main "Guide", and the current documents could be chapters, e.g., Install, Use, Lessons Learned, Appendix 1 - How To, Appendix 2 - Build Source, etc.
 
|}
 
|}

Latest revision as of 18:53, 16 January 2009

FINAL REVIEW
PART I

Project Deliveries & Objectives

OWASP Teachable Static Analysis Workbench Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. To what extent have the project deliveries & objectives been accomplished? Taking into consideration the assumed ones, please exemplify by writing down those that haven't been realised.

Input Validation functionality works as stated.

2. To what extent have the project deliveries & objectives been accomplished? Taking into consideration the assumed ones, please quantify in terms of percentage.

The promised deliverables and functionality have been completed 100%.

3. Please use the right-hand side column to provide advice and make work suggestions.

  1. The Technical Report should have a "How To" section that describes how to write additional analyzers for the project. If not, then a "Lessons Learned" for security analysts or developers who want to extend the project on their own, but could use your insight from building the first analyzer.
  2. I found a couple of minor spelling and grammar errors; it is probably best to just run all the documentation through a spelling/grammar checker and re-post.

PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Taking into consideration the OWASP Project Assessment Methodology, which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

None.

2. Taking into consideration the OWASP Project Assessment Methodology, which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

None.

3. Taking into consideration the OWASP Project Assessment Methodology, which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

One-click build, Fortify Software's open source review and FindBugs.

4. Please use the right-hand side column to provide advice and make work suggestions.

I think the documentation could be unified under the Technical Report as the main "Guide", and the current documents could be chapters, e.g., Install, Use, Lessons Learned, Appendix 1 - How To, Appendix 2 - Build Source, etc.