-
Notifications
You must be signed in to change notification settings - Fork 5
Exploring RISCOSS platform
The RISCOSS project provides a public deployment with limited functionalites to explore the kind of results provided by the platform.
The risk analysis results can be explored using the public deployment with no registration. This public deployment provides a limited risk results based on the data that the platform can gather from projects in github repository.
The public version is feeded with projects hosted in GitHub repository. For submitting new projects to the public deployment, the RISCOSSS user needs to register.
http://riscossplatform.ow2.org/riscoss/wiki/githubanalyser/
Any user (no registration required) can see the list of current OSS Components
Choosing one of the OSS projects, the platform shows the basic risk analysis results. Going down in the page, you can also show the data gathered from the OSS project needed to calculate these risks.
Basic risk analysis assess about:
- Obsolescence: This type of risk mainly refers to the lack of activeness of the development community, which causes the risk of the software component being out-of-date.
- Analysability: This type of risk refers to the (lack of) quality of the software to be easily understood from the adopter.
- Bugs: this risk mainly refers to the presence of bugs that are not fixed in a given amount of time
- Maintenance: refers to the existence of one or more of the above risks .
For analyzing these risks, the platform is gathering information only from GitHub, for example the number of contributors, the size of the project, the number of watchers or the number of open issues.
In this risk analysis results, you can see that there are positive and negative evidence for having the first 2 risks and only positive of having the last 2.
If some user wants to include one project from the GitHub, s/he needs to register in the public domain and log-in (buttons at the bottom of the home page).
Once, the user logs in, new entities can be created. Registered users also can give us some feedback and provides some expert knowledge assessing risks (options on the top of the home page).
In order to create a new OSS project in the public domain of the platform, there is only one requirement. The project must be released in the GitHub site. The GITHUB REPOSITORY field should be filled using the git file that you would use if you close the repository, for example: https://github.com/RISCOSS/riscoss-platform-core.git
You can get this URL from the github.com site (HTTPS clone URL).
After clicking the CREATE button, you can add some details about the OSS Component, e.g. a description, you can also can change the frequency for the data collector collecting data, the default value is monthly.
It the time to explain that the data collectors are run automatically by the platform according to this configuration. In order to have the data updated in case the user wants to rerun the analysis in the future.
The OSS project is stored in the platform using the SAVE & VIEW button at the bottom of the form.
Once the new OSS project is created, the platform automatically runs the data collector in order to get the data from the GitHub. In the field Time Last collected appears the label Running… meanwhile the data collector is collecting data.
Note: This operation can take some minutes.
When the data collection is finished, the Time Last Collected is filled with the current date/time.
The user can run the risk analysis using the RUN SIMPLE ANALYSIS button at the Basic Risk Analysis section.
Getting the results for this component using the data from GitHub.
This entity is now part of the public domain, so any non-register user can see the results for this OSS project.
RISCOSS Governance
Get Involved
How to read analysis results
How to manage domains
How to manage assets
How to manage risk configurations
How to manage risk sessions
How to configure entities import file
How to contribute
How to setup RISCOSS workspace
How to build RISCOSS platform
How to deploy RISCOSS platform