Argonne National Laboratory

Experimental Physics and
Industrial Control System

2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  <20162017  2018  2019  2020  Index 2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  <20162017  2018  2019  2020 
<== Date ==> <== Thread ==>

Subject: CII Best Practices Badge Status
From: Andrew Johnson <anj@aps.anl.gov>
To: EPICS core-talk <core-talk@aps.anl.gov>
Date: Mon, 5 Dec 2016 16:31:12 -0600
We're very close to getting this badge, now 97% there:
    https://bestpractices.coreinfrastructure.org/projects/227
I added the badge link to the
http://www.aps.anl.gov/epics/base/index.php page.

The following mandatory items remain unmet:

> Basics : Other
> 
> Requirement:
> The project sites (website, repository, and download URLs) MUST
> support HTTPS using TLS.
> Detail:
> 
> Project's Comments:
> The Launchpad pages and Bazaar repository and the main website's
> wiki and downloads areas are available using HTTPS; other purely
> informational parts of the main website are currently HTTP-only.

> Analysis : Static code analysis
> 
> Requirement:
> At least one static code analysis tool MUST be applied to any
> proposed major production release of the software before its release,
> if there is at least one FLOSS tool that implements this criterion in
> the selected language.
> 
> Project's Comments:
> Some of the static analysis tools that we have tried in the past were
> not able to work properly with the EPICS Build system, and some of
> our code constructs can also confuse static analysis tools. When we
> have time we will try some newer tools.


I am working on #1. I should be able to switch the whole website to our
https: server with comprehensive redirects from the http: server
relatively easily, but have to ensure that the mailing list archive
configuration gets switched at the same time so I have to coordinate
that with a couple of guys in our IT group.

Does anyone have recent experience with static code analysis tools?
There are examples and links under the "show details" area for this
section of the Best Practices page. I could use some help here.

- Andrew

-- 
Arguing for surveillance because you have nothing to hide is no
different than making the claim, "I don't care about freedom of
speech because I have nothing to say." -- Edward Snowdon

Replies:
Re: CII Best Practices Badge Status Michael Davidsaver

Navigate by Date:
Prev: Re: strnlen? Andrew Johnson
Next: Re: CII Best Practices Badge Status Michael Davidsaver
Index: 2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  <20162017  2018  2019  2020 
Navigate by Thread:
Prev: Re: strnlen? Andrew Johnson
Next: Re: CII Best Practices Badge Status Michael Davidsaver
Index: 2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  <20162017  2018  2019  2020 
ANJ, 05 Dec 2016 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·