SpoC 007 - Orizon Project - Progress Page

News
11st October 2007 - Dawn engine is now operative. It creates helper applications from Java methods, it compiles them, it runs them and collecting their output it scans it for XSS attack pattern to appear. Further improvement will follow asap :) 22nd August 2007 - Orizon release 0.40 is available at sourceforge site. This is an important milestone in the development process. Safe coding recipes APIs are working and the class handling source code being reviewed is now capable of applying a check over the source code xml representation. In fact, static code review is possible by now.

13th July 2007 - The project status as Spoc 2007 start is summarized in the following:  java sources are translated into XML using JDK6 APIs; Orizon classes are in a refactoring stage in order to reflect a better approach in design phase; library containing checks is now a Zip file instead of a plain XML file. The library file will contain "receipts", XML files containing security checks grouped by category.  What is missing by now is some checks. I'm looking the web in order to collect "coding best practices" and trying to formalize them in XML.