Closed (fixed)
Project:
Drupal.org security advisory coverage applications
Component:
module
Priority:
Normal
Category:
Task
Assigned:
Reporter:
Created:
15 Jul 2018 at 08:56 UTC
Updated:
21 Oct 2018 at 10:59 UTC
Jump to comment: Most recent
Comments
Comment #2
manish34jain commentedHello Amin,
Please run automated review and check the errors.
Here is the report. https://pareview.sh/pareview/https-git.drupal.org-project-time_field.git
Thanks
Comment #3
avpadernoThank you for your contribution!
You need to provide the instructions to clone the project repository, and create a branch for Drupal 8. The Master branch should not be used to commit code.
Comment #4
lostkoder commentedAlmost all issues fixed.
https://pareview.sh/pareview/https-git.drupal.org-project-time_field.git
Comment #5
lostkoder commentedComment #6
lostkoder commentedComment #7
lostkoder commentedComment #8
lostkoder commentedComment #9
avpadernoPlease don't set the issue to Fixed, or you will never get the permission to opt-in to security coverage.
Comment #10
lostkoder commentedComment #11
lostkoder commentedComment #12
avpadernoComment #13
girishpanchal07 commented@amin,
Your README.md does not follow best practices (headings need to be uppercase). See https://www.drupal.org/node/2181737 .
- The REQUIREMENTS section is missing.
- The CONFIGURATION section is missing.
Please use t() function wherever you add static string/message.
Please fix it.
Thanks.
Comment #14
lostkoder commentedAll issues fixed.
https://pareview.sh/pareview/https-git.drupal.org-project-time_field.git
Comment #15
lostkoder commentedWhat else need to be done?
Comment #16
avpadernoWe just need to wait for other users to review the code. It's their task, to set the issue as Reviewed & tested by the community.
As a reminder to the reviewers: This application is done to see what the OP understands about writing secure Drupal code. It should not become a find all the bugs in the project session, even though we are also interested in the OP's ability to understand bug reports and correct the code basing on the report.
Comment #17
lostkoder commentedHow long it takes to handle this?
Comment #18
kybermanReview of the 8.x-1.x branch (commit 58d429b):
Comment #19
lostkoder commentedAll mentioned issues fixed.
https://pareview.sh/pareview/https-git.drupal.org-project-time_field.git
Thanks for the detailed attention to the project.
Comment #20
lostkoder commentedComment #21
olegel commentedReview of branch 8.x-1.x
Automated review didn't show any errors.
Manual review:
Code looks clean and working.
1. I just noticed very minor issue: could you add 2 lines before headings in readme.md
(Two lines prior to headings (except the first one)).
2. I'm not sure about coding standard of 'native' PHP classes, like Exception or DateTime. What is preferred, inline classes (with backslash before class name: \DateTime) or use statement on top (use DateTime; )? Anyway it works both ways, so this is not an issue.
Please fix 1st issue and I update issue as reviewed and tested.
Comment #22
olegel commentedComment #23
lostkoder commentedfixed.
Comment #24
lostkoder commentedComment #25
afi13 commentedHello,
Review of branch 8.x-1.x
Automated review looks ok, don't see any errors.
Manual review:
Code looks clean and working (tested on real project).
I see just few very minor issues:
1. 'templates' folder should be moved from 'src' to project root. It should be like that 'time_field/templates'.
2. @file notation with list of available variables should be added for `input--time.html.twig` template. Example:
That's all, other points looks completely ok for me.
Comment #26
lostkoder commentedIssues fixed.
Comment #27
avpadernoPAReview doesn't report any issue and I didn't find any security issue.
As side note, I guess that by Seconds passed through midnight you mean Seconds passed since midnight.
I will approve this application this evening.
Comment #28
avpadernoThank you for your contribution!
I am going to update your account so you can opt into security advisory coverage now.
These are some recommended readings to help with excellent maintainership:
You can find more contributors chatting on the IRC #drupal-contribute channel. So, come hang out and stay involved.
Thank you, also, for your patience with the review process.
Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
I thank all the dedicated reviewers as well.
Comment #29
lostkoder commentedThank you.
When it will be applied?
The following text is still on the project page.
Comment #30
avpadernoThe project needs to be edited; this application just gives you the permission to edit the Security advisory coverage field in https://www.drupal.org/node/2977064/edit (and in other projects you created, or you will create).