Reviews and Mentoring for heykarthikwithu

This wiki page was created to keep track of heykarthikwithu's project application reviews, so that he can get advice and mentoring from Git administrators and anyone else who has suggestions.

I would like to thank the team and everyone else for their effort in reviewing applications. Drupal always had clean, secure and fast code compared to other projects; Core and contrib alike. I realized project applications play a major role in vetting and reviewing new projects, so I wanted to do what I can.

A list of security issues I could find in the candidate modules:

  1. [D7] Partner Links
    Review

  2. [D7] Video Schema
    Review

Reviews

The following are the reviews I've made, manually entered, in order of the issue's age (oldest first). I excluded some where I didn't add helpful/constructive reviews.

  1. [D7] S3 Zip Image Upload
    Review

  2. [D8] user_redirect
    Review

  3. [D7] Reading Progress Bar
    Review

  4. [D7] Node Type count
    Review

Comments

naveenvalecha's picture

Thanks Karthik for starting. Nice reviews. I believe you would also encourage and help other guys to review the project applications and help to reduce the backlog of project applications that are under review https://www.drupal.org/project/issues/projectapplications?text=&status=8...

Thanks for following the review template https://groups.drupal.org/node/427683 There are also a couple of good templates available that are helpful in reviews: https://groups.drupal.org/node/184389

By @mpdonadio from my mentoring:

The main application blockers are security problems, licensing issues, and third-party code. The fourth is "major API problems". To quote @klausi from my mentoring:

Project application reviews are basically sanity checks, so while providing all details of what can be improved is very valuable, we have to consider what issues are really blocking approval. If we are confident that the people basically know what they are doing then we should not hold them back. With the exception of security issues and licensing issues.

I personally set applications to needs work if the API usage is so painfully wrong or the spaghetti code issues just keep piling up. Fortunately people fix all the things from pareview.sh, so at least we don't have to complain about coding standards anymore.

Thanks for the nice feedback!

heykarthikwithu's picture

Thanks @naveenvalecha for the nice feedback!

I'll take care of all the points you mentioned, and I'll use @mpdonadio's and @klausi's feedback and suggestions in my next reviews.

I will continue my learning, and hope day by day you will see improvements in the reviews :)

Thanks,
heykarthikwithu,
Dream it, Drupal it.

klausi's picture

Hey Karthik, thanks for starting this!

Would you like to participate in hunting security issues? I just found one and assigned the issue to you: https://www.drupal.org/node/2686277

Let me know if you have any questions! If you don't want to participate that is of course also fine and I'll assign it to someone else :)

Yes, I would like to participate

heykarthikwithu's picture

Hi Klausi,
Yes, I would like to participate in hunting security issues, and I will work on the issue assigned to me and update :)

Thanks,
heykarthikwithu,
Dream it, Drupal it.

Found an XSS

heykarthikwithu's picture

I have checked the module, and I found an XSS in the video schema field.

Thanks,
heykarthikwithu,
Dream it, Drupal it.

klausi's picture

Thanks, nice find!

Can you also continue to list your review comments here on the wiki page? That helps us track your progress and the issues that you find.

Thanks again for helping!

Thank you :)

heykarthikwithu's picture

Sure, I will add the review comments to the wiki page.

Thanks,
heykarthikwithu,
Dream it, Drupal it.
