fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thisura Philips <ttcphil...@gmail.com>
Subject Re: [Mifos-developer][Gsoc2017]Integrating TOIF static analysis with Apache Fineract
Date Tue, 01 Aug 2017 23:52:46 GMT
Hi Mark,

I have sent the PR of integration of TOIF in to apache-fineract at
https://github.com/apache/fineract/pull/397/.
Please review it and let me know what to be updated.
Currently the task doesn't run after the build, due to time concerns. It
takes a bit of time to complete.

Any one interested can run the task by the command  "./gradlew toif". This
will generate the reports in apache-fineract/build/reports/toif folder.

Please review the housekeeping.txt, which has the information about the
organization and let me know if any updates are needed.

Hope to integrate a mechanism to visualize these findings.

Thanks and regards

On Mon, Jul 24, 2017 at 9:07 AM, Thisura Philips <ttcphilips@gmail.com>
wrote:

> Hi Mark,
>
> As I have mentioned, I have done the integration with apache-fineract. I
> have faced with the following problems.
> Please see the updated PR at https://github.com/ThisuraThejith/incubator-
> fineract/pull/2
>
> 1) The task takes more than half an hour at times to complete.
> 2) The result is a set of xml format files. We need to find out a way to
> show the results graphically. That will help the developers to identify the
> security vulnerabilities easily.
>
>  Currently, I have integrated it as a gradle task. Since it takes a lot of
> time to complete, didn't include in the build task.
>
> It would be nice if we can discuss on the above improvements and start
> working on that.
>
> Thanks & Regards
>
> On Wed, May 17, 2017 at 10:54 PM, Mark Reynolds <markreyn@bu.edu> wrote:
>
>> Thisura,
>>
>> Yes, we can move ahead with the plan.
>>
>>
>> On Mon, May 15, 2017 at 8:11 AM, Ed Cable <edcable@mifos.org> wrote:
>>
>> > Mark,
>> >
>> > Can you please review the previous email of Thisura's so he can proceed
>> > ahead.
>> >
>> > Ed
>> >
>> > On Sun, May 14, 2017 at 9:47 PM, Thisura Philips <ttcphilips@gmail.com>
>> > wrote:
>> >
>> >> Hi all,
>> >>
>> >> Shall we move on with the above plan? Any suggestions from the
>> community
>> >> are highly appreciated.
>> >>
>> >>
>> >>
>> >>
>> >> On Wed, Apr 19, 2017 at 7:00 AM, Thisura Philips <ttcphilips@gmail.com
>> >
>> >> wrote:
>> >>
>> >> >
>> >> > Hi all,
>> >> >
>> >> > I have done a POC for the $ubject at github
>> >> > <https://github.com/ThisuraThejith/incubator-fineract/tree/
>> develop-TOIF
>> >> >
>> >> > [1]. The change set it shown at here
>> >> > <https://github.com/ThisuraThejith/incubator-fineract/pull/1>
[2].
>> >> Please
>> >> > review this and let me know your ideas to improve the integration.
>> As of
>> >> > now I have done the following things.
>> >> >
>> >> >
>> >> >    -
>> >> >
>> >> >    Added toif directory into fineract-provider which includes
>> >> >    - report (folder which includes the TOIF reports)
>> >> >       - housekeeping
>> >> >       - toifscan.py
>> >> >    -
>> >> >
>> >> >    Added two TOIF adapters for Findbugs and JLint
>> >> >    -
>> >> >
>> >> >    Added gradle task to manually run after gradle build. Later we can
>> >> add
>> >> >    it as a task which will run automatically run after build.
>> >> >
>> >> > (Only 6 reports files for scanning two classes attached since there
>> are
>> >> > lot of files after scanning)
>> >> >
>> >> >
>> >> > Going forward, we can do the following improvements.
>> >> >
>> >> >
>> >> > * Move the reports in the report folder(mentioned above) into
>> >> > build/reports/toif.
>> >> >
>> >> > * Run the gradle task "toif", at the end of the build.
>> >> >
>> >> >
>> >> > Please let me know your ideas to improve the integration.
>> >> >
>> >> >
>> >> >
>> >> > [1] https://github.com/ThisuraThejith/incubator-fineract/tree/
>> >> develop-TOIF
>> >> > [2] https://github.com/ThisuraThejith/incubator-fineract/pull/1
>> >> >
>> >> > Thanks & Regards
>> >> > --
>> >> > T.T.C Philips (BSc.Eng (Undergrad))
>> >> > Computer Science and Engineering,
>> >> > Sri Lanka Institute of Information Technology(SLIIT)
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >>
>> >> --
>> >> T.T.C Philips (BSc.Eng (Undergrad))
>> >> Computer Science and Engineering,
>> >> Sri Lanka Institute of Information Technology(SLIIT)
>> >>
>> >
>> >
>> >
>> > --
>> > *Ed Cable*
>> > President/CEO, Mifos Initiative
>> > edcable@mifos.org | Skype: edcable | Mobile: +1.484.477.8649
>> > <(484)%20477-8649>
>> >
>> > *Collectively Creating a World of 3 Billion Maries | *http://mifos.org
>> > <http://facebook.com/mifos>  <http://www.twitter.com/mifos>
>> >
>> >
>>
>
>
>
> --
> T.T.C Philips (BSc.Eng (Undergrad))
> Computer Science and Engineering,
> Sri Lanka Institute of Information Technology(SLIIT)
>
>
>
>


-- 
T.T.C Philips (BSc.Eng (Undergrad))
Computer Science and Engineering,
Sri Lanka Institute of Information Technology(SLIIT)

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message