The purpose of this track is to get familiar with how the OSS works by contributing patches to two (assigned to each of you) OSS projects. Each of these projects has been identified as having a vulnerability which is identified in your assignment.
The tasks will be assigned as issues assigned to you personally: please go to https://github.com/CS340-21/oss/issues?q=is%3Aopen+assignee%3Ayourghid to see issues assigned to you. Pay attention to the due date for the corresponding sprint/milestone. That's the date when the assignment is due.
Add yournetid.md in this (oss) folder that contains the following.
Please describe criteria you have used to determine if your OSS projects are still active. Please consider lecture or any other sources.
Please set issue label to Ready to review once done.
Append to yournetid.md in this (oss) folder the following content.
Determine if the projects still accept contributions, note the criteria you have used.
Please set issue label to Ready to review once done.
Append to yournetid.md in this (oss) folder the following content.
Determine if the vulnerability still exists (the file in question has not been changed or, if changed, can it still be exploited). Please note the method you have used and the findings.
Please set issue label to Ready to review once done.
Append to yournetid.md in this (oss) folder the following content.
Produce patches for both projects. Note any issues.
Please set issue label to Ready to review once done.
Append to yournetid.md in this (oss) folder the following content.
Create PRs from these patches; note the links to these PRs.
Please set issue label to Ready to review once done.
Append to yournetid.md in this (oss) folder the following content.
Respond to any questions needed to get patch accepted, like run tests, give evidence that exploit is still possible without a patch, etc. Please note if the responses were needed.
Please set issue label to Ready to review once done.