Forums : Technical Issue Help

"Project Vulnerability Report" (PVR) score: Some initial feedback

Dear Black Duck Team,

As a follow-up to: http://blog.openhub.net/2016/10/project-security/

Congrats on the initiative! This is quite a challenge and will be great to improve security in the Free / Libre / Open Source ecosystem. It's a fantastic complement to the existing data.

How do we report incomplete or incorrect data? Perhaps this could be added to the excellent description at: http://blog.openhub.net/about-pvr/

Please see an example of incorrect source data: https://tiki.org/Open+Hub+Project+Vulnerability+Report

Best regards,

M ;-) Marc Laporte http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Marc Laporte 6 months ago
 

Hi Marc;

Thank you so very much! This is very helpful. I'll open a ticket so we can look into this and double check the data we are receiving, how we are processing it, and how we are reporting / displaying it.

 

Hi Marc,

Thank you for your post. Yes, it has been fixed and its LIVE now.

https://www.openhub.net/p/tikiwiki/security

Happy to help!

6de3daa3f91b7169c85df7702b4fb1d4?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
rapbhan 5 months ago
 

Thanks Rapbhan and Peter. That indeed added a whole bunch of missing data points.

I added some more feedback here: https://tiki.org/Open+Hub+Project+Vulnerability+Report#FeedbackRound2

Best regards,

Marc Laporte http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Marc Laporte 5 months ago
 

Hi guys!

I hope you are well.

The data is still incorrect which leads to the assertion of "Many reported vulnerabilities" here: https://www.openhub.net/p/tikiwiki

Please see release dates here: https://tiki.org/All+Releases

I added some more feedback here: https://tiki.org/Open+Hub+Project+Vulnerability+Report#FeedbackRound2

Best regards,

Marc Laporte - http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Marc Laporte about 1 month ago
 

Thanks for the feedback, Marc. I'll be bringing up with our Knowledge Base team from whom we obtain the raw data that we process into these reports.

049bd3661c12b17c38ebc8df6570fd8a?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Peter Degen-Por... about 1 month ago
 

Hi Marc;

We really dug into this and put the results in a blog post Researching Project Security Data.

 

Post a Response