[D7] Cardinity Payment Gateway for Ubercart

There are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxcardinity2662608git

Fixed the git clone URL in the issue summary for non-maintainer users.

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

Your account name is "cardinity" and the company name is Cardinity - that indicates to me that your Drupal account might be a company account, not an individual account. Git access is only granted to individuals.

Also, CardinityOAuth.php seems to be sample code provided by the company. Please confirm that you are releasing this under a GPL license as part of your project.

Also, I encourage you to work on a Drupal 8 release! D8 Ubercart is already available, and the framework for payment gateways is finalized and easy to use. Porting should be pretty easy.

Closing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).

I'm a robot and this is an automated message from Project Applications Scraper.

You still need to address the questions I raised in #3.

@cardinity: Each developer who needs git access must have his/her own account - they can all have access to work on the same project, but they will all need to apply separately. If the "cardinity" account is just you and only you will be using it, see https://www.drupal.org/node/2765201.

Once you clear up this issue, then the application can continue. When approved your module will be published. All modules get approved eventually, all you have to do is keep responding to questions on this thread.

as I see it's released from dev to stable only yesterday Jan-4.

I'm not sure what this means - Ubercart has had a release for D8 for about 2 years. We have an alpha release as well as a -dev release. They are both "stable", just incomplete in terms of features. The -dev release has bug fixes that aren't present in the alpha release. I recommend using the -dev release. A beta release is forthcoming, and will be made when we are feature complete, but the payment part of Ubercart which is what you will be using is already finished.

Pareview shows a lot of errors - this was pointed out in #2. Can you fix those? See https://pareview.sh/node/1236

Thank you for your contribution!

After 2017 March 7 everyone can promote a project to a full project.  A full project has a short project name and a drupal.org/project URL.  It can also have releases (like alpha1 or 1.0).  Edit your sandbox project, and then choose the 'Promote' tab.

https://www.drupal.org/docs/8/understanding-drupal-version-numbers/drupa...
https://www.drupal.org/docs/8/choosing-a-drupal-version/what-do-version-...
https://www.drupal.org/docs/8/understanding-drupal-version-numbers/what-...
https://www.drupal.org/docs/8/choosing-a-drupal-version/release-stable-v...

If you'd like to opt into security coverage, please ensure your module is ready for a full release, and then set this issue back to 'needs review'

Immense apologies for how long it took to get to this review completed.

Automated Review

Review of the 7.x-1.x branch (commit a8424f2):

• The uc_cardinity.module does not implement hook_help(). See https://www.drupal.org/docs/develop/documenting-your-project/module-docu... .
• Coder Sniffer has found some issues with your code (please check the Drupal coding standards).
  

  
  FILE: ...e1101/web/vendor/drupal/pareviewsh/pareview_temp/uc_cardinity.module
  --------------------------------------------------------------------------
  FOUND 0 ERRORS AND 1 WARNING AFFECTING 1 LINE
  --------------------------------------------------------------------------
   224 | WARNING | Do not concatenate strings to translatable strings, they
       |         | should be part of the t() argument and you should use
       |         | placeholders
  --------------------------------------------------------------------------
  
  Time: 966ms; Memory: 6Mb
  

• DrupalPractice has found some issues with your code, but could be false positives.
  

  
  FILE: ...01/web/vendor/drupal/pareviewsh/pareview_temp/lib/CardinityOAuth.php
  --------------------------------------------------------------------------
  FOUND 0 ERRORS AND 1 WARNING AFFECTING 1 LINE
  --------------------------------------------------------------------------
   11 | WARNING | Class name must be prefixed with the project name
      |         | "UcCardinity"
  --------------------------------------------------------------------------
  
  Time: 526ms; Memory: 6Mb
  

• No automated test cases were found, did you consider writing Simpletests or PHPUnit tests? This is not a requirement but encouraged for professional software development.

This automated report was generated with PAReview.sh, your friendly project application review script.

Manual Review

Individual user account

Yes: Follows the guidelines for individual user accounts.

No duplication

Yes: Does not cause module duplication and/or fragmentation.

Master Branch

Yes: Follows the guidelines for master branch.

Licensing

Yes: Follows the licensing requirements.

3rd party assets/code

Yes: Follows the guidelines for 3rd party assets/code.

README.txt/README.md

Yes: Follows the guidelines for in-project documentation and/or the README Template.

Code long/complex enough for review

Yes: Follows the guidelines for project length and complexity.

Secure code

No: List of security issues identified. Sanitize input from $_POST

Coding style & Drupal API usage

1. (*) Sanitize input from $_POST to prevent XSS in line 266 and 275 of uc_cardinity.module
2. (+) The uc_cardinity.module does not implement hook_help()
3. (*) Do not concatenate strings to translatable strings, they should be part of the t() argument and you should use placeholders
4. (*) uc_cardinity.info, uc_cardinity.install, uc_cardinity.module filenames are not following module naming standards https://www.drupal.org/docs/7/creating-custom-modules/getting-started . Filenames, function names should start with the module name to prevent namespace collisions: cardinity_ubercart
5. (*) name = Cardinity should be name = Ubercart Cardinity

The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.

If added, please don't remove the security tag, we keep that for statistics and to show examples of security problems.

This review uses the Project Application Review Template.

I see no issues in branch 7.x-1.x

Thank you for your contribution!

I am going to update your account so you can opt into security advisory coverage now.
These are some recommended readings to help with excellent maintainership:

• Dries' post on Responsible maintainers
• Best practices for creating and maintaining projects
• Maintaining a drupal.org project with Git
• Commit messages - providing history and credit
• Release naming conventions.
• Helping maintainers in the issue queues

You can find more contributors chatting on the IRC #drupal-contribute channel. So, come hang out and stay involved.
Thank you, also, for your patience with the review process.
Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

I thank all the dedicated reviewers as well.