[Tiki-devel] "Project Vulnerability Report" (PVR) score for Tiki (and other projects) on OpenHub

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[Tiki-devel] "Project Vulnerability Report" (PVR) score for Tiki (and other projects) on OpenHub

Marc Laporte-3
Hi!

I am an active contributor to the Black Duck Open Hub community.
http://blog.openhub.net/about/

Black Duck Open Hub is a fantastic tool to evaluate Free / Libre /
Open Souce software and to reward/promote the projects that are doing
the right things. By helping people find software, it helps increase
collaboration and reduce the fragmentation in the Free / Libre / Open
Souce software world.

I used this extensively when evaluating projects for WikiSuite. Here
are chosen projects: http://wikisuite.org/Black-Duck-Open-Hub

Activity level is one of many criteria:
http://wikisuite.org/Component-criteria#Activity_level

More recently, Open Hub created a "Project Vulnerability Report" (PVR) score
http://blog.openhub.net/about-pvr/
http://blog.openhub.net/2016/10/project-security/
http://blog.openhub.net/2016/04/open-hub-in-2016/


I reported some issues, which led to some fixes:
https://tiki.org/Open+Hub+Project+Vulnerability+Report
https://www.openhub.net/topics/13907

And now, Peter explained why it's so tricky:
http://blog.openhub.net/2017/05/researching-project-security-data/

I recommend checking out their blog:
http://blog.openhub.net/

Best regards,


--
Marc Laporte

http://WikiSuite.org
http://PluginProblems.com
http://Avan.Tech

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
TikiWiki-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
Reply | Threaded
Open this post in threaded view
|

Re: [Tiki-devel] "Project Vulnerability Report" (PVR) score for Tiki (and other projects) on OpenHub

Jonny Bradley-4
Thanks Marc

I hadn't been there for a while so had to re-log in and found on my profile

    https://www.openhub.net/accounts/jonnybradley

that apparently i haven't committed anything for 7 months, so it looks like something is borken there (or here). Does anyone know how that's supposed to work?

Meanwhile, checking on our PVR on https://www.openhub.net/p/tikiwiki it looks like we have a 91% confidence level - which is good - many thanks to those beavering away behind the scenes on these things! (i know i need to pull my weight there a bit more, will do soon, promise! ;)

Anyway, it's a good place to keep an eye on, thanks for the reminder Marc,

jonny




> On 17 Jun 2017, at 02:49, Marc Laporte <[hidden email]> wrote:
>
> Hi!
>
> I am an active contributor to the Black Duck Open Hub community.
> http://blog.openhub.net/about/
>
> Black Duck Open Hub is a fantastic tool to evaluate Free / Libre /
> Open Souce software and to reward/promote the projects that are doing
> the right things. By helping people find software, it helps increase
> collaboration and reduce the fragmentation in the Free / Libre / Open
> Souce software world.
>
> I used this extensively when evaluating projects for WikiSuite. Here
> are chosen projects: http://wikisuite.org/Black-Duck-Open-Hub
>
> Activity level is one of many criteria:
> http://wikisuite.org/Component-criteria#Activity_level
>
> More recently, Open Hub created a "Project Vulnerability Report" (PVR) score
> http://blog.openhub.net/about-pvr/
> http://blog.openhub.net/2016/10/project-security/
> http://blog.openhub.net/2016/04/open-hub-in-2016/
>
>
> I reported some issues, which led to some fixes:
> https://tiki.org/Open+Hub+Project+Vulnerability+Report
> https://www.openhub.net/topics/13907
>
> And now, Peter explained why it's so tricky:
> http://blog.openhub.net/2017/05/researching-project-security-data/
>
> I recommend checking out their blog:
> http://blog.openhub.net/
>
> Best regards,
>
>
> --
> Marc Laporte
>
> http://WikiSuite.org
> http://PluginProblems.com
> http://Avan.Tech
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> TikiWiki-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
>


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
TikiWiki-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
Reply | Threaded
Open this post in threaded view
|

Re: [Tiki-devel] "Project Vulnerability Report" (PVR) score for Tiki (and other projects) on OpenHub

Jean-Marc Libs
Same here: https://www.openhub.net/accounts/Jyhem
«Most recent commit 7 months ago»

It's not just you.



On Sat, Jun 17, 2017 at 2:35 PM, Jonny Bradley <[hidden email]> wrote:
Thanks Marc

I hadn't been there for a while so had to re-log in and found on my profile

    https://www.openhub.net/accounts/jonnybradley

that apparently i haven't committed anything for 7 months, so it looks like something is borken there (or here). Does anyone know how that's supposed to work?

Meanwhile, checking on our PVR on https://www.openhub.net/p/tikiwiki it looks like we have a 91% confidence level - which is good - many thanks to those beavering away behind the scenes on these things! (i know i need to pull my weight there a bit more, will do soon, promise! ;)

Anyway, it's a good place to keep an eye on, thanks for the reminder Marc,

jonny




> On 17 Jun 2017, at 02:49, Marc Laporte <[hidden email]> wrote:
>
> Hi!
>
> I am an active contributor to the Black Duck Open Hub community.
> http://blog.openhub.net/about/
>
> Black Duck Open Hub is a fantastic tool to evaluate Free / Libre /
> Open Souce software and to reward/promote the projects that are doing
> the right things. By helping people find software, it helps increase
> collaboration and reduce the fragmentation in the Free / Libre / Open
> Souce software world.
>
> I used this extensively when evaluating projects for WikiSuite. Here
> are chosen projects: http://wikisuite.org/Black-Duck-Open-Hub
>
> Activity level is one of many criteria:
> http://wikisuite.org/Component-criteria#Activity_level
>
> More recently, Open Hub created a "Project Vulnerability Report" (PVR) score
> http://blog.openhub.net/about-pvr/
> http://blog.openhub.net/2016/10/project-security/
> http://blog.openhub.net/2016/04/open-hub-in-2016/
>
>
> I reported some issues, which led to some fixes:
> https://tiki.org/Open+Hub+Project+Vulnerability+Report
> https://www.openhub.net/topics/13907
>
> And now, Peter explained why it's so tricky:
> http://blog.openhub.net/2017/05/researching-project-security-data/
>
> I recommend checking out their blog:
> http://blog.openhub.net/
>
> Best regards,
>
>
> --
> Marc Laporte
>
> http://WikiSuite.org
> http://PluginProblems.com
> http://Avan.Tech
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> TikiWiki-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
>


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
TikiWiki-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
TikiWiki-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
Reply | Threaded
Open this post in threaded view
|

Re: [Tiki-devel] "Project Vulnerability Report" (PVR) score for Tiki (and other projects) on OpenHub

Marc Laporte-3
There is a specific issue with Tiki, which is being looked into:
https://www.openhub.net/topics/13626

General work to improve performance:
http://blog.openhub.net/2017/05/about-the-fods-architecture/



On Sat, Jun 17, 2017 at 7:18 PM, Jean-Marc Libs <[hidden email]> wrote:

> Same here: https://www.openhub.net/accounts/Jyhem
> «Most recent commit 7 months ago»
>
> It's not just you.
>
>
>
> On Sat, Jun 17, 2017 at 2:35 PM, Jonny Bradley <[hidden email]> wrote:
>>
>> Thanks Marc
>>
>> I hadn't been there for a while so had to re-log in and found on my
>> profile
>>
>>     https://www.openhub.net/accounts/jonnybradley
>>
>> that apparently i haven't committed anything for 7 months, so it looks
>> like something is borken there (or here). Does anyone know how that's
>> supposed to work?
>>
>> Meanwhile, checking on our PVR on https://www.openhub.net/p/tikiwiki it
>> looks like we have a 91% confidence level - which is good - many thanks to
>> those beavering away behind the scenes on these things! (i know i need to
>> pull my weight there a bit more, will do soon, promise! ;)
>>
>> Anyway, it's a good place to keep an eye on, thanks for the reminder Marc,
>>
>> jonny
>>
>>
>>
>>
>> > On 17 Jun 2017, at 02:49, Marc Laporte <[hidden email]> wrote:
>> >
>> > Hi!
>> >
>> > I am an active contributor to the Black Duck Open Hub community.
>> > http://blog.openhub.net/about/
>> >
>> > Black Duck Open Hub is a fantastic tool to evaluate Free / Libre /
>> > Open Souce software and to reward/promote the projects that are doing
>> > the right things. By helping people find software, it helps increase
>> > collaboration and reduce the fragmentation in the Free / Libre / Open
>> > Souce software world.
>> >
>> > I used this extensively when evaluating projects for WikiSuite. Here
>> > are chosen projects: http://wikisuite.org/Black-Duck-Open-Hub
>> >
>> > Activity level is one of many criteria:
>> > http://wikisuite.org/Component-criteria#Activity_level
>> >
>> > More recently, Open Hub created a "Project Vulnerability Report" (PVR)
>> > score
>> > http://blog.openhub.net/about-pvr/
>> > http://blog.openhub.net/2016/10/project-security/
>> > http://blog.openhub.net/2016/04/open-hub-in-2016/
>> >
>> >
>> > I reported some issues, which led to some fixes:
>> > https://tiki.org/Open+Hub+Project+Vulnerability+Report
>> > https://www.openhub.net/topics/13907
>> >
>> > And now, Peter explained why it's so tricky:
>> > http://blog.openhub.net/2017/05/researching-project-security-data/
>> >
>> > I recommend checking out their blog:
>> > http://blog.openhub.net/
>> >
>> > Best regards,
>> >
>> >
>> > --
>> > Marc Laporte
>> >
>> > http://WikiSuite.org
>> > http://PluginProblems.com
>> > http://Avan.Tech
>> >
>> >
>> > ------------------------------------------------------------------------------
>> > Check out the vibrant tech community on one of the world's most
>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> > _______________________________________________
>> > TikiWiki-devel mailing list
>> > [hidden email]
>> > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
>> >
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> TikiWiki-devel mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> TikiWiki-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel
>



--
Marc Laporte

http://WikiSuite.org
http://PluginProblems.com
http://Avan.Tech

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
TikiWiki-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel