Hi Mark, As I have mentioned, I have done the integration with apache-fineract. I have faced with the following problems. Please see the updated PR at https://github.com/ThisuraThejith/incubator-fineract/pull/2
1) The task takes more than half an hour at times to complete. 2) The result is a set of xml format files. We need to find out a way to show the results graphically. That will help the developers to identify the security vulnerabilities easily. Currently, I have integrated it as a gradle task. Since it takes a lot of time to complete, didn't include in the build task. It would be nice if we can discuss on the above improvements and start working on that. Thanks & Regards On Wed, May 17, 2017 at 10:54 PM, Mark Reynolds <[email protected]> wrote: > Thisura, > > Yes, we can move ahead with the plan. > > > On Mon, May 15, 2017 at 8:11 AM, Ed Cable <[email protected]> wrote: > > > Mark, > > > > Can you please review the previous email of Thisura's so he can proceed > > ahead. > > > > Ed > > > > On Sun, May 14, 2017 at 9:47 PM, Thisura Philips <[email protected]> > > wrote: > > > >> Hi all, > >> > >> Shall we move on with the above plan? Any suggestions from the community > >> are highly appreciated. > >> > >> > >> > >> > >> On Wed, Apr 19, 2017 at 7:00 AM, Thisura Philips <[email protected]> > >> wrote: > >> > >> > > >> > Hi all, > >> > > >> > I have done a POC for the $ubject at github > >> > <https://github.com/ThisuraThejith/incubator- > fineract/tree/develop-TOIF > >> > > >> > [1]. The change set it shown at here > >> > <https://github.com/ThisuraThejith/incubator-fineract/pull/1> [2]. > >> Please > >> > review this and let me know your ideas to improve the integration. As > of > >> > now I have done the following things. > >> > > >> > > >> > - > >> > > >> > Added toif directory into fineract-provider which includes > >> > - report (folder which includes the TOIF reports) > >> > - housekeeping > >> > - toifscan.py > >> > - > >> > > >> > Added two TOIF adapters for Findbugs and JLint > >> > - > >> > > >> > Added gradle task to manually run after gradle build. Later we can > >> add > >> > it as a task which will run automatically run after build. > >> > > >> > (Only 6 reports files for scanning two classes attached since there > are > >> > lot of files after scanning) > >> > > >> > > >> > Going forward, we can do the following improvements. > >> > > >> > > >> > * Move the reports in the report folder(mentioned above) into > >> > build/reports/toif. > >> > > >> > * Run the gradle task "toif", at the end of the build. > >> > > >> > > >> > Please let me know your ideas to improve the integration. > >> > > >> > > >> > > >> > [1] https://github.com/ThisuraThejith/incubator-fineract/tree/ > >> develop-TOIF > >> > [2] https://github.com/ThisuraThejith/incubator-fineract/pull/1 > >> > > >> > Thanks & Regards > >> > -- > >> > T.T.C Philips (BSc.Eng (Undergrad)) > >> > Computer Science and Engineering, > >> > Sri Lanka Institute of Information Technology(SLIIT) > >> > > >> > > >> > > >> > > >> > >> > >> -- > >> T.T.C Philips (BSc.Eng (Undergrad)) > >> Computer Science and Engineering, > >> Sri Lanka Institute of Information Technology(SLIIT) > >> > > > > > > > > -- > > *Ed Cable* > > President/CEO, Mifos Initiative > > [email protected] | Skype: edcable | Mobile: +1.484.477.8649 > > <(484)%20477-8649> > > > > *Collectively Creating a World of 3 Billion Maries | *http://mifos.org > > <http://facebook.com/mifos> <http://www.twitter.com/mifos> > > > > > -- T.T.C Philips (BSc.Eng (Undergrad)) Computer Science and Engineering, Sri Lanka Institute of Information Technology(SLIIT)
