GSoC 2021 discussion thread

[terriko]

CVE Binary Tool intends to participate in GSoC 2021 under the banner of the Python Software Foundation.

Our current idea list is here: https://github.com/intel/cve-bin-tool/wiki/CVE-Binary-Tool-Ideas-Page-for-GSoC-2021 (Ideal requirements for each idea are listed there.)

You can also search for things tagged "gsoc" in github which will give you the relevant issues: gsoc Tasks related to our participation in Google Summer of Code All of our ideas are listed as github issues with the "gsoc" label so that we can have discussions about them easily.

This issue is intended to be a catch all for questions, and I've included the getting started guide below because that answers many questions.

Remember: projects for 2021 are half sized compared to 2020 and earlier (175hr projects instead of 350hr ones), so the project should be scaled down compared to previous years.

Getting Started:

1. Follow the README and make sure you can run the tool. Try running it against random things on your hard drive and see if it finds anything. On a Linux system, your /bin directory usually yields some interesting results.

2. Run the tests. The CVE Binary tool has a number of unit tests. Make sure you know how to run them, and if you've never used pytest before, you might want to read up on it (we also have some tests still using python's unittest, but we're tending towrads pytest for new tests). Figure out how to run a single test!

3. Read the documentation. That should help you figure out what the tool is for and how people use it in more detail.

4. Read the new contributor guide

Some potential first contributions:

1. File issues. You might encounter a bug or something confusing in the documentation. Let us know if you do!
2. Update documentation. We especially appreciate documentation feedback from new users, since your "beginner mind" means you see things differently than experienced users, and will catch places where the documentation could be more detailed or improved.
3. Write a new test. Instructions for writing tests are here. This can be your first contribution!
4. Try fixing a bug. We have a few flagged as "good first issue". A number of those are new checkers, which although they might sound challenging are often pretty easy to write. Instructions on how to add a new checker are here.

We expect prospective GSoC students to have made at least one code contribution if they want their application to be considered, so now's a good time to get that going! You can ask for as much help as you need.

Got stuck?

1. Ask here in this issue! (Or file a new one with your question.)
2. We have a chat server on gitter. That allows for "live" chat but no one's actually sitting there 24/7 so you should expect to post your question and get an answer hours later when someone sees it.

Applying to GSoC:

1. We don't have any recommended project ideas or application templates to recommend yet, but we'll update here when we do!
2. If you think you've got a great idea, this is a great place to discuss it.

[Niraj-Kamdar]

Improving test suits can be a good project for GSoC 2021. We need to do something since package links are changing so frequently and since no of checkers are only going to increase the probability of link failing will increase surely.

[terriko]

@Niraj-Kamdar I'm hoping to have the test suite fixed before gsoc starts (target: 2.2 release in early 2021). @pdxjohnny was going to take a look at it and has a partial solution in 7e0ca18

[terriko]

Which isn't to say that there couldn't be other test-suite related improvements (we still could use some performance tests, for example), just that the package links changing issue should be resolved (or at least well on the way to resolved) before gsoc projects are submitted.

[samonfire-adm]

What are the requirements for developer as if the requisite for the developer

[terriko]

@samonfire-adm General requirements: knowledge of python, github, ability to learn some command line tools, and good communication skills so you can read documentation and ask questions if you get stuck. Additional "ideal student" lists are available in the ideas list: https://github.com/intel/cve-bin-tool/wiki/CVE-Binary-Tool-Ideas-Page-for-GSoC-2021

[terriko]

Closing this thread since GSoC 2021 is already underway. I'll open a new one for 2022 if it's announced!