Odyssey - Updates and Fixes

Key Information

The challenge is finished.

Challenge Overview

The Odyssey Audit Tool helps our client to create code audit reports for projects hosted on GitHub. Topcoder community is engaged into the on-going development and maintenance of the tool. In this challenge you will implement various improvements and fixes requested by the client.

Technology Stack

The tool is written in Ruby.

Code Access

The latest codebase version is provided in the challenge forum, as a zipped archive of the clonned Git repository. Please, remember that the code is proprietary, and must not be used or shared outside of this challenge’s context, as per the Standard Topcoder Terms of Use. You will work out of the commit a3c8fb0b39c6dcb518846e6362d0b95147ed0833.

Individual Requirements

For the scoring purposes, all requirements are considered as major. Small bugs in their implementation can be scored under minor requirements section.

  1. Move templates and static content to a separate repo.

    Ensure that audit templates and static content are served from a separate repository (https://github.com/ConsenSys/Audit-Templates, the latest version is provided in the codebase archive). Odyssey should include Audit-Templates project as Git-submodule, and it should be hidden from the end user; i.e. the Audit-Templates submodule should be automatically installed during Odyssey installation, and it should be updated to the latest master version when Odyssey is started with -i flag. There should be no need for the end user to call Git commands explicitly to install / update Audit-Templates sub-module.

  2. Odyssey update mechanism.

    It should be possible to update Odyssey to the most recent stable version by executing odyssey -u command. The latest version should be pulled from the Odyssey Git repository and installed. Users should be notified if they are using an outdated version.

  3. Generation of stand-alone Markdown reports.

    Implement odyssey --export FILENAME.MD command which will save chapters 2 and 3 of the audit report into the FILENAME.MD Markdown document, with two changes in the exported report:

    - It will replace images like <img height="30px" src="static-content/medium.png"/> and <img height="30px" src="static-content/open.png"/> by bold text Medium and Open.

    - It will remove issue hyperlinks to the audit repo, i.e. it will exclude the Link column from the issue status table.

  4. Improvements of audit initialization flow.

    Ensure that audit initialization with odyssey -i command follows this script:

    $ odyssey -i

    Enter the client name:

    Creating client audit report repository at https://github.com/ConsenSys/0x-audit-report-2018-09 are you ok with that? (y/n)
    y # create it
    n # echo: ok, you will need to specify the repo in the config.json file afterwards

    Creating internal audit repository at https://github.com/ConsenSys/0x-audit-internal-2018-09 are you ok with that? (y/n)
    y # create it, and go to next step.
    n # echo "ok, you will need to specify the repo in the config.json file afterwards."
      # echo "skipping TODO issues creation. This can be done afterwards using the -t flag.

    Enter the GitHub repo containing TODO issues. Enter blank for default https://github.com/ConsenSys/todo-audits:  |https://github.com/ConsenSys/todo-audits|

    It should add the following properties into config.json file:

    { "client_name": "0x", "client_audit_report_repo": "https://github.com/ConsenSys/0x-audit-report-2018-09", "internal_audit_repo": "https://github.com/ConsenSys/0x-audit-internal-2018-09", "github_todo_audit_repo": "https://github.com/ConsenSys/todo-audits" }

    Important here:

    - The two created repositories should be inside ConsenSys org, private, and all members of diligence team should be invited with admin access.

    - Labels and Todos are created in the internal_audit_github_repo repository.

    - The project config is created in the client_audit_report_repo.

    - The tool should be able to parse repository URLs in this format: git@github.com:maurelian/labels.git

  5. Issue numbers in the reports.

    Add GitHub issue numbers to the issues listed in Chapter 3, like this:

  6. Fix problems with URIs added to the reports:

    - Support for missing hyphern in line highlight URIs. This is a valid URL for a code block: https://github.com/ConsenSys/0x_audit_2018-07-23/blob/a05b14e4d9659be1cc495ee33fd8962ce773f87f/packages/contracts/src/2.0.0/tokens/EtherToken/WETH9.sol#L47L49 However, in the Odyssey reports it turns into (no L49 in the end of URL). [packages/contracts/src/2.0.0/tokens/EtherToken/WETH9.sol:L46](https://github.com/ConsenSys/0x_audit_2018-07-23/blob/a05b14e4d9659be1cc495ee33fd8962ce773f87f/packages/contracts/src/2.0.0/tokens/EtherToken/WETH9.sol#L47)

    - URLs that contain commas and dots are not formatted properly in the reports.

  7. Add “finding” label to the set of labels created by Odyssey in audit repos.

  8. Fix / update broken tests. Add new tests, if necessary to maintain test coverage at the same level.

In case of any doubts, do not hesitate to ask questions in the challenge forum.


Final Submission Guidelines

Submit a Git patch against the commit mentioned in the Code Access section, along with a brief verification video for convenience of reviewers, and step-by-step notes on how to verify implemented features.


Topcoder Open 2019


Final Review:

Community Review Board


User Sign-Off


ID: 30073002