Closed (fixed)
Project:
Drupal.org security advisory coverage applications
Component:
module
Priority:
Normal
Category:
Task
Assigned:
Reporter:
Created:
1 Apr 2022 at 11:53 UTC
Updated:
9 Apr 2025 at 18:09 UTC
Jump to comment: Most recent
Comments
Comment #2
gxleano commentedComment #3
gxleano commentedComment #4
avpadernoThank you for applying! Reviewers will review the project files, describing what needs to be changed.
Please read Review process for security advisory coverage: What to expect for more details and Security advisory coverage application checklist to understand what reviewers look for. Tips for ensuring a smooth review gives some hints for a smother review.
To reviewers: Please read How to review security advisory coverage applications, What to cover in an application review, and Drupal.org security advisory coverage application workflow.
Comment #5
avpadernoThe code in the
create()method just calls the class constructor passing the injected services.The test isn't testing the module. It's checking the front page is loaded, which is already done by Drupal core tests.
Comment #6
avpadernoComment #7
gxleano commentedThanks for reviewing.
I have done the suggested changes and also added Functional Javascript Tests.
Regarding the Functional Javascript Tests, the idea is to add more tests over time.
Comment #8
avpadernoComment #9
avpadernoThe LoadTest.php file needs to be removed, together the directory containing it.
The test isn't testing the module, since it doesn't alter the front page. Furthermore, Drupal core already tests the front page load; there is no need for every module to repeat that test, since the Drupal core tests are executed when a module's test are executed.
Comment #10
gxleano commentedThanks again for reviewing!
I have already removed LoadTest.php and entire directory.
Comment #11
avpadernoThank you for your contribution! I am going to update your account.
These are some recommended readings to help with excellent maintainership:
You can find more contributors chatting on the IRC #drupal-contribute channel. So, come hang out and stay involved.
Thank you, also, for your patience with the review process.
Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
Comment #13
cmlaraApologies for the noise.
Adding a tracking flag for auditing when modules have been reviewed by the queue only for it to be announced after approval that reviewed code contained a security vulnerability.
SA-CONTRIB-2022-051