I am really happy. I passed the Google Summer of Code 2008 mid-term evaluation! This means that I get to finish my project patch management portal. I want to thank Dave, my mentor for give me the opportunity to continue working on the project.
This is a quick report of all the work made until this point.
May 26 – June 1: Tables used on the project were created and integrated into the OSVDB schema. Use cases were defined.
I created an MVC to manage patches. So the base_patches_controller.rb allow us to manage all the actions related to patch submission. I was testing the code and submitting my first patches and all their relevant information and things are going quite well.
So, principal functions were created. You can submit general information about a patch, also associate it with a vendor/product/version, associate it with an author, vulnerability and add a patch rating.
These are the principal actions (methods). However, more actions will be created this week, specially for ratings and vulnerabilities.
General: create edit update destroy
Ratings: addpatchrating updatepatchrating
Products: addvendor showversions
Credits: adduthor update_author deleteauth
Vulnerabilities addvuln deletevuln
I also created and MVC for base_patch_rating_levels. So, it is possible to CRUD patch_rating_levels.
I just worked in models creating maping objects (Has many, belongs_to, has_and_belongs_to), but didn’t work on validations yet. I expect to work in views at the end of this week. (This is HTML and CSS work).
June 18-30: We have the core of Patch Management Portal written. Patches are linked to vulnerabilities and shown in the home page.
-Main views for patches were created.
-Optimization in the database tables.(indexes)
-Active and fragmet caching in some pages and methods.And a patch sweeper created.
-Moderator nav modified to submit a patch and to C,R,U,D rating levels with Active scaffold.
-Home page modified to show “Latest OSVDB Patches” (similar functionality to vulns) with Printer,normal and popup views.
-Validations added to models.
July 01-07: Working on file submission.
This is really important because users can submit a file for everybody to download. So, it is more easy for mostly users to apply the patch just by reading the short-technical description and downloading the file(code).
July 13: File Submission finished. Users can add/delete files related to patches.
You can see my work in progress here in the project wiki and also take a look at my mid-term evaluation. Later on I will be publishing the source code.
I expect to finish the project successfully and be part of the development team.