Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Would like to see the security_review module integrated with the site_audit module.Clos
Comment | File | Size | Author |
---|---|---|---|
#4 | site_audit-add_security_review_support-2129415-1.patch | 34.38 KB | codi |
Comments
Comment #1
codi CreditAttribution: codi commentedPatch attached.
Comment #2
FluxSauce CreditAttribution: FluxSauce commentedNeat! 0 bytes :-(
Does this require security_review to be installed as a module, or can it be installed like a drush command?
Comment #3
coltraneSecurity Review module does not have to be installed to run the drush checks. See http://drupalcode.org/project/security_review.git/blob/refs/heads/7.x-1.... for how to use.
Comment #4
codi CreditAttribution: codi commentedSorry about the 0 bytes. Here's the real one.
Comment #5
FluxSauce CreditAttribution: FluxSauce commentedcoltrane - rad, thank you!
codi - Thanks for the patch, good start! However, crashed out-of-the-box.
require_once(Report/Security.php): failed to open stream: No such file or directory site_audit.drush.inc:10 [warning]
Fixed that by using the correct class name:
Then I ran the report...
That doesn't seem right, same goes for the detail view:
A couple things beyond the obvious;
$result['object'][0]['result']
is super redundant. Why not just set the registry value to$result['object'][0]['result'] ?
if ($result === FALSE) return SiteAuditCheckAbstract::AUDIT_CHECK_SCORE_INFO;
- this should be broken up over multiple lines (see Drupal coding standards), and the only time you should use that logic is in an enabled check (pass if it's enabled, info if it's not).Tested using PHP 5.3, Drush 5.9 on a Drupal 7.23 site and security_review 7.x-1.1 and site_audit 1.5.
Comment #6
FluxSauce CreditAttribution: FluxSauce commentedComment #7
FluxSauce CreditAttribution: FluxSauce commentedHi Codi, have you gotten a chance to take a look at this? I'd love to see this in Site Audit.
Comment #9
FluxSauce CreditAttribution: FluxSauce commentedFYI, I'm going to treat this as a meta issue now; I've added the support for custom checks and reports into the dev branch and provided a patch in #2279283: Integrate with site_audit - progress is being made!
Comment #10
codi CreditAttribution: codi commentedAwesome, thanks for all the hard work Flux.
Comment #12
FluxSauce CreditAttribution: FluxSauce commentedClosing this one, work is completely in the security_review queue now. Almost ready to merge!