This project will read the composer.lock file in the Drupal root, and create a report containing installed Composer packages that have known security vulnerabilities. It uses the SensioLabs Security Checker package and service to complete this task, but is also capable of having that service swapped out should something else be more suitable.

Git clone command:

git clone --branch 8.x-1.x http://git.drupal.org/sandbox/chapabu/2693291.git

Manual reviews:

https://www.drupal.org/node/2687067#comment-11046315

Comments

chapabu created an issue. See original summary.

PA robot’s picture

Issue summary: View changes
Status: Needs review » Needs work

There are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxchapabu2693291git

Fixed the git clone URL in the issue summary for non-maintainer users.

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

th_tushar’s picture

Hi @chapabu,

Please update the issue description about the project in detail.
Also fix the issues reported by the Pareview tool, and set the project status to "Needs review" so that the reviewers can review your project. To speed up the project application review process, please review 3 other projects in the issue queue and tag your issue with the "Pareview: review bonus" tag.

Thanks for your contribution!!

chapabu’s picture

Status: Needs work » Needs review

I updated Coder to the latest dev release and managed to replicate and fix the PAReview failures. The only remaining failure is in one of the PHPSpec tests, where I'm using the ::class keyword. I'm guessing PAReview is running PHP 5.4. Minimum requirements for D8 are 5.5, so I don't think this is really an issue.

I'll try to review some other projects over the weekend, as I didn't get a chance today.

panshulk’s picture

Automated Review

There is an error reported by http://pareview.sh/pareview/httpgitdrupalorgsandboxchapabu2693291git. Please look into it.

Manual Review

Individual user account
[Yes: Follows] the guidelines for individual user accounts.
No duplication
[Yes: Does not cause] module duplication and/or fragmentation.
Master Branch
[Yes: Follows] the guidelines for master branch.
Licensing
[Yes: Follows] the licensing requirements.
3rd party assets/code
[Yes: Follows] the guidelines for 3rd party assets/code.
README.txt/README.md
[No: Does not follow] the guidelines for in-project documentation and/or the README Template. Please go through the README template and mention the missing "Required" sections.
Code long/complex enough for review
[Yes: Follows] the guidelines for project length and complexity.
Secure code
[Yes: Meets the security requirements]

This review uses the Project Application Review Template.

klausi’s picture

@panshulk: looks like you forgot to change the status. Are there any blockers left after your review or should this now be RTBC instead?

panshulk’s picture

Status: Needs review » Reviewed & tested by the community

Yes, skipped changing the status by mistake :)

DamienMcKenna’s picture

Status: Reviewed & tested by the community » Fixed

Thanks for your contribution, Matt!

I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.

Here are some recommended readings to help with excellent maintainership:

You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!

Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

Thanks to the dedicated reviewer(s) as well.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.