fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thisura Philips <ttcphil...@gmail.com>
Subject Re: [Mifos-developer][Gsoc2017]Integrating TOIF static analysis with Apache Fineract
Date Mon, 24 Jul 2017 03:37:06 GMT
Hi Mark,

As I have mentioned, I have done the integration with apache-fineract. I
have faced with the following problems.
Please see the updated PR at
https://github.com/ThisuraThejith/incubator-fineract/pull/2

1) The task takes more than half an hour at times to complete.
2) The result is a set of xml format files. We need to find out a way to
show the results graphically. That will help the developers to identify the
security vulnerabilities easily.

 Currently, I have integrated it as a gradle task. Since it takes a lot of
time to complete, didn't include in the build task.

It would be nice if we can discuss on the above improvements and start
working on that.

Thanks & Regards

On Wed, May 17, 2017 at 10:54 PM, Mark Reynolds <markreyn@bu.edu> wrote:

> Thisura,
>
> Yes, we can move ahead with the plan.
>
>
> On Mon, May 15, 2017 at 8:11 AM, Ed Cable <edcable@mifos.org> wrote:
>
> > Mark,
> >
> > Can you please review the previous email of Thisura's so he can proceed
> > ahead.
> >
> > Ed
> >
> > On Sun, May 14, 2017 at 9:47 PM, Thisura Philips <ttcphilips@gmail.com>
> > wrote:
> >
> >> Hi all,
> >>
> >> Shall we move on with the above plan? Any suggestions from the community
> >> are highly appreciated.
> >>
> >>
> >>
> >>
> >> On Wed, Apr 19, 2017 at 7:00 AM, Thisura Philips <ttcphilips@gmail.com>
> >> wrote:
> >>
> >> >
> >> > Hi all,
> >> >
> >> > I have done a POC for the $ubject at github
> >> > <https://github.com/ThisuraThejith/incubator-
> fineract/tree/develop-TOIF
> >> >
> >> > [1]. The change set it shown at here
> >> > <https://github.com/ThisuraThejith/incubator-fineract/pull/1> [2].
> >> Please
> >> > review this and let me know your ideas to improve the integration. As
> of
> >> > now I have done the following things.
> >> >
> >> >
> >> >    -
> >> >
> >> >    Added toif directory into fineract-provider which includes
> >> >    - report (folder which includes the TOIF reports)
> >> >       - housekeeping
> >> >       - toifscan.py
> >> >    -
> >> >
> >> >    Added two TOIF adapters for Findbugs and JLint
> >> >    -
> >> >
> >> >    Added gradle task to manually run after gradle build. Later we can
> >> add
> >> >    it as a task which will run automatically run after build.
> >> >
> >> > (Only 6 reports files for scanning two classes attached since there
> are
> >> > lot of files after scanning)
> >> >
> >> >
> >> > Going forward, we can do the following improvements.
> >> >
> >> >
> >> > * Move the reports in the report folder(mentioned above) into
> >> > build/reports/toif.
> >> >
> >> > * Run the gradle task "toif", at the end of the build.
> >> >
> >> >
> >> > Please let me know your ideas to improve the integration.
> >> >
> >> >
> >> >
> >> > [1] https://github.com/ThisuraThejith/incubator-fineract/tree/
> >> develop-TOIF
> >> > [2] https://github.com/ThisuraThejith/incubator-fineract/pull/1
> >> >
> >> > Thanks & Regards
> >> > --
> >> > T.T.C Philips (BSc.Eng (Undergrad))
> >> > Computer Science and Engineering,
> >> > Sri Lanka Institute of Information Technology(SLIIT)
> >> >
> >> >
> >> >
> >> >
> >>
> >>
> >> --
> >> T.T.C Philips (BSc.Eng (Undergrad))
> >> Computer Science and Engineering,
> >> Sri Lanka Institute of Information Technology(SLIIT)
> >>
> >
> >
> >
> > --
> > *Ed Cable*
> > President/CEO, Mifos Initiative
> > edcable@mifos.org | Skype: edcable | Mobile: +1.484.477.8649
> > <(484)%20477-8649>
> >
> > *Collectively Creating a World of 3 Billion Maries | *http://mifos.org
> > <http://facebook.com/mifos>  <http://www.twitter.com/mifos>
> >
> >
>



-- 
T.T.C Philips (BSc.Eng (Undergrad))
Computer Science and Engineering,
Sri Lanka Institute of Information Technology(SLIIT)

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message