Forums : Technical Issue Help

"Project Vulnerability Report" (PVR) score: Some initial feedback

Dear Black Duck Team,

As a follow-up to: http://blog.openhub.net/2016/10/project-security/

Congrats on the initiative! This is quite a challenge and will be great to improve security in the Free / Libre / Open Source ecosystem. It's a fantastic complement to the existing data.

How do we report incomplete or incorrect data? Perhaps this could be added to the excellent description at: http://blog.openhub.net/about-pvr/

Please see an example of incorrect source data: https://tiki.org/Open+Hub+Project+Vulnerability+Report

Best regards,

M ;-)
Marc Laporte
http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Marc Laporte 9 months ago
 

Hi Marc;

Thank you so very much! This is very helpful. I'll open a ticket so we can look into this and double check the data we are receiving, how we are processing it, and how we are reporting / displaying it.

 

Hi Marc,

Thank you for your post. Yes, it has been fixed and its LIVE now.

https://www.openhub.net/p/tikiwiki/security

Happy to help!

6de3daa3f91b7169c85df7702b4fb1d4?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
rapbhan 9 months ago
 

Thanks Rapbhan and Peter. That indeed added a whole bunch of missing data points.

I added some more feedback here:
https://tiki.org/Open+Hub+Project+Vulnerability+Report#Feedback_Round_2

Best regards,

Marc Laporte
http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Marc Laporte 9 months ago
 

Hi guys!

I hope you are well.

The data is still incorrect which leads to the assertion of "Many reported vulnerabilities" here:
https://www.openhub.net/p/tikiwiki

Please see release dates here: https://tiki.org/All+Releases

I added some more feedback here: https://tiki.org/Open+Hub+Project+Vulnerability+Report#FeedbackRound2

Best regards,

Marc Laporte - http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
Marc Laporte 5 months ago
 

Thanks for the feedback, Marc. I'll be bringing up with our Knowledge Base team from whom we obtain the raw data that we process into these reports.

 

Hi Marc;

We really dug into this and put the results in a blog post Researching Project Security Data.

 

Post a Response