Reviews and Mentoring for gulab.bisht

Events happening in the community are now at Drupal community events on www.drupal.org.
You are viewing a wiki page. You are welcome to join the group and then edit it. Be bold!

Comments

Here are some suggestions If

Posted by heddn on August 8, 2014 at 1:58pm
heddn's picture

Here are some suggestions

  • If the git link is wrong for a project (which is very often), just fix it. You can edit the application just as easy as anyone else. And the git clone link that the sandbox defaults to for the author is the read/write link. They have to tick a checkbox to get the general use link. So it's actually easier for you to update.
  • While I don't always use it, the review template is a good guide for what to look for in a project application: https://groups.drupal.org/node/427683.
  • Finding licensing and security issues are the true "blockers" for git vetted access. When you find one, please call it out in the list above. I use a very simple approach to find isues, I just paste XSS text into every text box on the page. Or if the module can accept data from an external service or via the query string, paste that as the parameter. I've found that putting a descriptive text in the alert is very helpful in later finding what part of the module is vulnerable. After you get a lot of that XSS all over the site, if you don't have it descriptive, then its really hard to find where or what threw the alert.

    Example:<script>alert('location where the text is pasted');</script>

Review

Posted by manojbisht_drupal on August 18, 2014 at 7:04am
manojbisht_drupal's picture

Hello,

Please review my project video_embed_ustream, so that I can promote it to production.

URL:- https://www.drupal.org/node/2311531

Thanks,
Manoj Bisht