The Rest of our Mentor: He has been so good to us, the meetings we usually had on one to one with my college @kdaud the knowledge and different ideas of handling issues, it was amazing experience , but there is hope for us, Want to thank the entire community for the love you showed to us ,the family as well, Nevertherless work should still continue because we have hope to see the man again . Thanks to @ibacher @dkayiwa who are helping in reviews and guidance as well.
In the last couple of weeks, i have been able to finish most of the pending tasks which some were still failing on bamboo, i must say am still looking at the few which are breaking on bamboo after merge, but hopefully this should be resolved soon , Have been able to resolve a couple of tests and many got merged some are in code reviews.
Have also been able to update both E2E automated tasks that have been pending and both are in code review presumable they might get merged in master lately this week, Still looking forward to get more E2E tasks which can be created to add more Coverage .
Security Issue automated updates: For automated xss vulnerabilities, Am still working towards to have more xss issues written beginiging with RATEST-168 which is under review still and am hoping it might get merged soon this week, thanks to @ibacher @dkayiwa @isears who are reviewing this.
Some Pain Points to rectify while handling Each automated xss vulnerability
1. Handling xss vulnerabiity automated test require a new xss vulnerablity sheet: This means For an xss vulnerability to be automated , the vulnerability should be with in the system, Inotherowords it should not have been fixed.
- Handling these tests should require a clear description of an xss patch to have its pre written automated tests with in the system.If an xss is already patched it is tricky for us to be to patch that vulnerability, so the better way is to pick a new un patched vulnerability .
**Good News and Promising progress: We have already picked some xss patches we will be handling in the next couple of coming weeks, These patches are now clear to be handled since we can as well patch the already fixed xss vulnerability while following the procedures being given on specific patches.Thanks Again for Gsoc security Team who are working on some patches cc @gracebish who is working on xssPhoneNumber patch and some are looking forward to joining qa team , thanks to @dkayiwa @ibacher @isears for the reviews. cc @dkayiwa @jennifer @isears @ibacher @grace @christine , i still believe we need to have more conversations on this probably on our qa calls or Pm calls
More volunteers on board: We still need more volunteers who are interested in handling security vulnerability automated issues to get on qa board because our goal is to leverage automated xss patches to a require coverage.
In the next coming weeks:
Continue to check the unfinished work with in reference applicationdistribution-uitests to increase our testing coveragewhile handling them , Handle and fix all the un written feature files with the help of our qa support technical team with in qaframework ,Pull request to handle this is already on our qa board RATEST-171
Start on handling MFE automated tests using cypress language thanks to @jayasanka @jwnasambu @hadijah315 @suruchi for great work and great improvements on these written tests.
Have attended weekly calls for quality assurance support Team , Participated in the last mini showcase thanks to @kdaud whom we gathered our presentations together, Helped others on talk ,slack, and irc ,Helping the release manager to finish his work and am confident he is pushing on well cc @herbert24 .
Thanks to the quality assurance support Team for the mile stone and support cc @kdaud @insookwa @gracebish @jayasanka @hadijah315 @suruchi @irenyak1 @jwnasambu @parth59 @jnsereko for the awesome contributions Looking forward to continue work together .Thanks
cc @jennifer @grace