OWASP Joomla Vulnerability Scanner Project Assessment Criteria

Alpha Release Tool Criteria
Blank Alpha Release Tool Example

Pre-Assessment Checklist: Yes. http://www.owasp.org/index.php/Key_Project_Information:OWASP_Joomla_Vulnerability_Scanner_Project Yes. GPL version 3. Yes. https://joomscan.svn.sourceforge.net/svnroot/joomscan/trunk Yes. Yes. http://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project_-_Roadmap
 * Is this release associated with a project containing at least the Project Wiki Page Minimum Content information?
 * Is your tool licensed under an open source license? (see Project Licensing section of the Guidelines for OWASP Projects)
 * Is the source code and any documentation available in an online project repository? (e.g. Google Code or Sourceforge site)
 * Is there working code?
 * Is there a roadmap for this project release which will take it from Alpha to Stable release?

Beta Release Tool Criteria
Blank Beta Release Tool Example

Pre-Assessment Checklist: Yes. Yes. Yes. - Project Release Name - Short Description - Project Release Lead and contact information (e.g. email address) - Project Release Contributors (if any) - Project Release License - Project Release Sponsors (if any) - Release status and date assessed as Month-Year e.g. March 2009 - Link to OWASP Project Page Yes There is no need for it because the tool is written in interpreted language. Yes.
 * Are the Alpha pre-assessment items complete?
 * Is there an installer or stand-alone executable?
 * Is there user documentation on the OWASP project wiki page?
 * Is there an "About box" or similar help item which lists:
 * Is there documentation on how to build the tool from source including obtaining the source from the code repository?
 * 1) Is the tool documentation stored in the same repository as the source code?

Stable Release Tool Criteria
Blank Stable Release Tool Example

Pre-Assessment Checklist: Yes Yes There is no need for it because the tool is written in interpreted language. Yes. https://lists.owasp.org/mailman/listinfo/owasp-joomla-vulnerability-scanner Yes. http://www.owasp.org/index.php/OWASP_Joomla_Vulnerability_Scanner_Limitations#Limitations_on_Current_Release
 * Are the Alpha and Beta pre-assessment items complete?
 * Does the tool include documentation built into the tool?
 * Does the tool include build scripts to automate builds?
 * Is there a publicly accessible bug tracking system?
 * Have any existing limitations of the tool been documented?