pear:gsoc:2009

This is an old revision of the document!


Ideas for the Google Summer of Code 2009

Here you'll find a couple of ideas for Google Summer of Code 2009 projects.

Before you submit your proposal, you are encouraged to contact the possible mentors for the project you are applying. If the project hasn't any mentor assigned or if you are submitting an off-list project, please contact one of our mailing lists to discuss the proposal before submitting it -- PEAR-DEV.

Please make sure you read the PEAR Coding Standards when applying.

Your proposal should match our Ideas Template, if you are a student and submitting an idea of your own then you should also include:

  • Name and e-mail
  • Availability: How many hours per week can you spend working on this? What other obligations do you have this summer?
  • Bio: Who are you? What makes you the best person to work on this project? What is your experience with PHP and technologies required for this project ?

PHP_CodeSniffer XSS and SQL security analyzer

Possible mentor: David Coallier

Implement a Cross Side Scripting and SQL Injection security analyzer to find security threats in your “sniffed” code. This being a driver (extension) of PEAR::PHP_CodeSniffer. This tool will generate reports about the threat level, list all the files/lines and variables that are affected and propose solutions to the variable. It will be very helpful to any PHP Developer and will be thoroughly used in the Q&A of PEAR and PEAR2 in general (Commercial tools and outdated tools already exist that serve the same purpose and what this tool would do is bring a new and more advanced aspect to security -- Chorizo, securityscanner, etc)

Deliverables

Midterm

At midterm we are expecting the security scanner to be able to identify cross site scripting and sql injection vulnerabilities. The results should be as accurate as existing solutions if not better.

Final

For the final review we'd expect the reporting functions to be fully reporting all security vulnerabilities by type and a trace of the problem ($x = $_GET['x']; function getName($a) { echo $a; } getName($x);) should trace that the vulnerability has happened because the output was not escaped properly or the input hasn't been filtered).

Replace PEAR's Spreadsheet_Writer_Excel

Possible mentors: Daniel O'Connor

http://pear.php.net/package/Spreadsheet_Excel_Writer is a popular, widely used PEAR package. It is a port of the Perl version. It has 0 test coverage, and is out of sync with the Perl version. It attracts the highest number of bugs.

Either:

  • Investigate re-writing this package from the ground up, with wide test coverage.
  • Investigate alternative spreadsheet authoring classes for suitability of being in PEAR (and reach out to the authors to bring it into the fold)
  • Investigate and document a plan to port over bug fixes and patches.

Base Package for Amazon Web Services and package for Amazon EC2

Possible mentor: Michael Gauthier

Implement a common base class for the Amazon Web Services API. Update the Services_Amazon_S3 and Services_Amazon_SQS packages to depend on the base class. Implement a new package Services_Amazon_EC2 that covers the Amazon EC2 API. These packages will make development of cloud-computing applications easier for PHP.

Deliverables

Midterm

At midterm, the base package should be implemented and ready as a PEAR proposal. Patches to update the existing Amazon SQS and S3 packages should be ready.

Final

For the final review, the base package should be accepted in PEAR. The EC2 package should be fully implemented and should cover all the functionality of the EC2 API. A PEAR proposal Services_Amazon_EC2 should be ready to propose.

The applicant should:

  • be able to program PHP
  • understand object-oriented programming
  • understand the concept of a web-service
  • know what XML is

Google APIs package

Possible mentor: David Coallier

With the new APIs being developed by Google, we need to have updated packages to make use of the performant API from the ability to draw maps to the ability to do ajax searches, get feeds, draw graphs using the visualization API, etc.

See http://code.google.com/apis/ajax/

Deliverables

Midterm

At midterm the student is expected to have tests for each component of the APIs and be advanced in the end user documentation using the PHD documentation tool

Final

The student should be done with the base class and the API child classes for Maps, Ajax Search, Ajax Feed, Visualization API, Language API and Libraries APIs. Each classes should be fully tested and documented and working.

Official PEAR Channel Server

Possible mentor: Brett Bieber

An official channel server within the PEAR repository would be a welcomed addition and would advance PEAR's installation and distribution methods. The current PEAR channel servers are hosted on external servers, and need to be re-worked to a polished PEAR package that is up to PEAR's standards.

Deliverables

Midterm

At midterm the student is expected to have the existing PEAR channel server code up to PEAR coding standards, and ideas on improving the package so it will meet PEAR's standards.

Final

The student should have the Channel Server api complete, fully unit tested, and proposed to PEAR's proposal process.

Extensible source code highlighter

Possible mentor: None, yet

The basic scope of this component is highlighting source code of various programming languages. It is limited to common text based one dimensional programming languages, not designed to also work for esoteric languages. Several existing syntax highlighters already can directly generate HTML syntax highlights, but this is not feasible for all applications.

The approach basically works by using common EBNFs for the definition of the syntax of the scanned programming language, simplification of the resulting AST using sorts and then visiting the simplified AST into different output formats, like HTML or a line based token stream. A more detailed requirements document can be found here: http://k023.de/accent_requirements.txt - the requirements might be required to be adapted to PEAR rules.

Deliverables

Midterm

The scanning of at least one simple EBNF and the parsing of source code files should already be done. The parsing might be implemented using a parser generator or a generic parser.

Final

The Syntaxhighlighting should work for at least some common languages, like PHP, HTML and ECMAScript. HTML and Tokenstreams should be implemented as output formats. Since parsing can be error prone, the component should already have a high code and path coverage.

Optional

Optionally rules for language switches inside of single files, and switches of the parser can be implemented.

Pyrus - The next generation PEAR installer

Possible mentors: Helgi, Brett

This will involve working on Pyrus which is the next generation PEAR installer. PHP 5.3+, namespaces and all the goodies that come with PHP 5.3

pear/gsoc/2009.1236717270.txt.gz · Last modified: 2017/09/22 13:28 (external edit)