rwar VS cve-bin-tool

rwar - My static site generator

My static site generator - rwar is evolving and getting better over time, which means I need to ensure that the code is professional and of high quality! Also, being able to work with testing frameworks and learning them well can help you stand out during interviews. 😃

The very first time I encountered linters and style formatters for Python was during this year's Hacktoberfest. My CI/CD runs kept failing for one particular pull request on GitHub due to errors on black, isort, gitlint. Multiple times. The code was working, but why were my CI/CD runs failing so many times? You can read all about the CI/CD nightmare in this blog. I was frustrated and questioned the need for such checks. Now, I have studied all about pylint to integrate it into my static site generator - rwar. I understand how important it is for code to go through such checks to help spot silly errors that programmers often make and keep the code bug free in the long run, especially when many programmers are working on one big project. Imagine it this way, while typing things on a word document we almost always use a spellchecker to catch typos. Similarly, linters help us catch those silly errors that might snowball into a bigger problem if not addressed on time. They put quality control checks in place. Plus, linters are customizable, allowing us to set rules for the checks we want for our code.

There is so much to learn from Docusaurus. It is a powerful static site generator, packed with amazing features. I envision my own static site generator – rwar - to be as powerful as Docusaurus someday. But then again – I am a one-person team, the sole author of my static site generator getting occasional little help from other teammates in the class, and taking small steps to one day become as feature packed as Docusaurus. But for now, I am taking it slow, learning python as I improve rwar.

Until now I had worked on Rwar – my static site generator written in Python, without paying much attention to ways I could make the code cleaner and easier to read. This week was all about cleaning up my code. I refactored my code by reducing code duplication, extracting functions, removing global variables, and giving better names to my variables. Previously, I had already worked on splitting my code up into multiple files. To do the refactoring of my code, I first created a branch called refactoring and made all my changes on this branch.

To add a new feature to palpatine which is an awesome static site generator written in C++ by Batuhan, I started by filing an issue. While I worked on his repo for adding this new feature, he worked on mine to add the same feature. Here are the detailed instructions for this week's lab. Batuhan also worked on my repo for adding the –config feature for my static site generator, rwar, written in Python. These are awesome repos to check out!

I worked on my partner’s static site generator, rwar, to implement this feature and she worked on my static site generator – palpatine. I was easily able to do this in rwar which is written in Python. However, I realized that this feature was much harder to implement on palpatine which is written in C++. Samina reached out multiple times seeking help for the broken Cmake configurations and for helping in integrating the nlohmann/json library.

This week I learned something new about GitHub – using topic branches! And not just that – I also added two new features to my static site generator, rwar. Rwar is a simple static site generator written in Python and I keep improving it every week by implementing one or two new features, along with updating all its documentation and debugging anything that might have broken in the process. If you are interested in Python, I encourage you to check out rwar. Fork it, clone it and test it out! Building this project paved a path for me to learn Python and trust me I have learned so much in such a short time! The best way to learn something is to start building a project with it. Yes, it requires a greater learning curve, and there is a greater chance of breaking stuff in the process, but through getting hands-on, the learning happens so much faster.

It was great working with Batuhan for this lab again! He was prompt at working on my static site generator Rwar and added markdown support to it as well. He asked me questions whenever he had any through Slack and the entire process went smoothly. Batuhan had previous experience with pull requests and I was able to ask him questions regarding creating branches and PRs.

During PR, we talked over Slack(like almost every developer) and I enjoyed the process. Slack is a great tool for communication and I highly recommend it. It was not something I used to use often, but I noticed it feels much more convenient than any other tool, it supports large files, and screen recordings to be shared, unlike the other tools with limitations on certain sizes. With Samina, we have shared our screens and discussed the implementation. I am confident that we learned a lot from each other. I also implemented similar markdown support into her tool rwar that supports markdown headings. You can see her demo here. The PR I raised was to address issue#6.

intel/cve-bin-tool - 2 pull requests

Intel/cve-bin-tool: There are several issues in this repository that are interesting to me, particularly the ones about creating checkers. I would say it is not very coding-heavy, but it needs a lot of research before doing it.

Whether you contribute small or big chunks of code, being consistent about them carries vital importance. Small contributions to a particular project help you to get familiar with it at first and leads to something bigger. Take a look at some pull requests I have raised to the following projects; withfig, cve-bin-tool, my-photohub, pr-approve-generator.

For my release 0.3 for OSD600, I have to create a pull request for an external repo. The repo I contributed to was cve-bin-tool. This post was late because I had was busy with other commitments and projects compounded with problems finding workable issues. In the future, I would definitely follow my own advice and search for issues early and often. I didn't follow this advice and found myself in this position.

The issue was to fix mypy type issues in __init__.py. I was able to fix the type issues and also added type annotations to the codebase. The project was well documented and I faced no issues running it. Big projects like nodejs, vscode or this, cve-bin-tool all have strict guidelines for contributions. Even on the commit messages get checked when you raise a PR. See one of the commit messages from gitlint in their workflow.

My two PRs for Intel’s CVE-Binary-Tool got merged! These (Fix1 , Fix 2) were my first ever Hacktoberfest merges. These were small contributions but big confidence boosters. I am a beginner in programming, and if I can make small contributions, so can you. From one beginner to another – start small, try your best, trust the process, and ask for help.

So, eventually I started looking for issues rather than repos. I added some labels and details to the search so I wouldn't just look through 83 million issues, and finally found an issue in Intel's cve-bin-tool.

I created two pull requests for Intel’s CVE Binary Tool. CVE Binary Tool is a tool that scans a file for known Common Vulnerabilities and Exposures.

My goal for this year's Hacktoberfest was to contribute to at least one big established company or product in IT. Luckily for me, I landed on a an interesting repo called the CVE Binary Tool. It is an open source tool to help you determine if your system includes known vulnerabilities. It is based of the data from the National Vulnerability Database (NVD) list of Common Vulnerabilities and Exposures (CVEs).