Automated Source Code Quality Measures Avatar
  1. OMG Specification

Automated Source Code Quality Measures — Closed Issues

  • Acronym: ASCQM
  • Issues Count: 18
  • Description: Issues resolved by a task force and approved by Board
Closed All
Issues resolved by a task force and approved by Board

Issues Descriptions

Missing detection pattern

  • Key: ASCQM11-25
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    'Sanitize User Input used in Expression Language Statement' is missing from the list of detection patterns, it must be added.

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 01:50 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Missing detection pattern

    'Sanitize User Input used in Expression Language Statement' is missing from the list of detection patterns, it must be added.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Limit section 9 to base measure

  • Key: ASCQM11-27
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Limit section 9 to calculation of the base measure and move derived measures to the annexes.

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 02:01 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Limit section 9 to base measure and move section 10 to annexes

    Limit section 9 to calculation of the base measure and move derived measures to the annexes and move section 10 to annexes

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Update Annex B on CWE status

  • Key: ASCQM11-29
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Update Annex B to describe all CISQ weaknesses now being CWEs and remove the paragraph on the Top 25 CWEs since this was for the old Security measure.

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 02:13 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Update Annex B on CWE status

    Update Annex B to describe all CISQ weaknesses now being CWEs and remove the paragraph on the Top 25 CWEs since this was for the old Security measure.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Add 'Purpose' subsection to 6

  • Key: ASCQM11-13
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Add 'Purpose' subsection to introduce objective of section 6

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 19:50 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Add 'Purpose' subsection to 6

    Add 'Purpose' subsection to introduce section 6

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Revise discussion of Quality Measure Element

  • Key: ASCQM11-15
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Remove compliance sentence and add clarification of parent-child CWEs treated as QMEs.

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 19:59 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Revise discussion of Quality Measure Element

    Remove compliance sentence and add clarification of parent-child CWEs treated as QMEs.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Revise numbers of QMEs for each measure.

  • Key: ASCQM11-17
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Revise numbers of QMEs for each measure after recount.

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 20:37 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Revise numbers of QMEs for each measure

    Revise numbers of QMEs for each measure after recount.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Change blue to gray

  • Key: ASCQM11-19
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    To be consistent with ISO formatting, change blue to gray and indicate the new color in paragraphs introducing CWE lists;

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 20:47 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Change blue to gray

    To be consistent with ISO formatting, change blue to gray in tables and indicate the new color in paragraphs introducing CWE lists;

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Correct ISO 25023 misstatement

  • Key: ASCQM11-3
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Correct text to indicate that ISO 25023 contains a few code level measures.

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 02:28 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Correct ISO 25023 misstatement

    Text states ISO 25023 has no code level measures, but a few exist in 25023.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Add detection pattern section numbers to section 7.

  • Key: ASCQM11-21
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Add detection pattern section numbers from section 8 to all detection patterns listed in section 7 to make searching for detection patterns easier.

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 21:04 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Add detection pattern section number to section 7.

    Add detection pattern section numbers from section 8 to all detection patterns listed in section 7.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

repetition of section

  • Key: ASCQM11-1
  • Status: closed  
  • Source: ISEP/IPP ( Alberto Sampaio)
  • Summary:

    The weakness "CWE-1060 Excessive Number of Inefficient Server-Side Data Accesses" is duplicated. Appears in 7.2.10 and 7.2.19

  • Reported: ASCQM 1.0 — Tue, 2 Feb 2021 16:09 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Eliminate duplicate CWE

    CWE 1060 appears twice in Section 7.2. Delete second occurance.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Update Annex D to ASCQM from CISQ

  • Key: ASCQM11-31
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Change references about CISQ measures and weaknesses to ASCQM measures and weaknesses.

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 02:21 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Update Annex D to ASCQM from CISQ

    Change references about CISQ measures and weaknesses to ASCQM measures and weaknesses.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Create Annex C

  • Key: ASCQM11-35
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Create Annex C: Related Quality Measures

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 02:50 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Create Annex C Related Quality Measures

    Create Annex C Related Quality Measures

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Add references and change to 'Bibliography'

  • Key: ASCQM11-33
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Add 2 references, change title to 'Bibliography', and move to end

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 02:40 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Add 2 references, change title to 'Bibliography', and move to end

    Add 2 references, change title to 'Bibliography', and move to end

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Wrong detection pattern for CWE-1075

  • Key: ASCQM11-23
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Incorrect detection patterns were assigned to CWE-1075.

  • Reported: ASCQM 1.0 — Sat, 15 May 2021 01:38 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Wrong detection pattern for CWE-1075

    Correct the detection pattern for CWE-1075 and remove old pattern from list of patterns.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Revise definitions in 4

  • Key: ASCQM11-11
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Revise definitions of 'detection pattern' and 'weakness', add definition for 'weakness pattern', and delete definition for 'software quality measure'.

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 19:41 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Revise definitions in 4

    Revise definitions of 'detection pattern' and 'weakness', add definition for 'weakness pattern', and delete definition for 'software quality measure'.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Remove references to SMM

  • Key: ASCQM11-5
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Structured Metrics Metamodel was not used in this spec. Refereces to it should be removed

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 18:41 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Remove references to SMM

    Remove references to SMM in 4 places

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Add normative reference for ISO 19506

  • Key: ASCQM11-9
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Add normative reference for ISO 19506 and make other edits to reference citations as necessary to increase accuracy.

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 19:17 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Add normative reference for ISO 19506

    Add normative reference for ISO 19506 and make other edits to reference citations as necessary to increase accuracy.

  • Updated: Mon, 4 Oct 2021 17:09 GMT

Change 'must' to 'shall' in Conformance section

  • Key: ASCQM11-7
  • Status: closed  
  • Source: CAST Software ( Bill Curtis)
  • Summary:

    Conformance requires the verb 'shall' rather than 'must'

  • Reported: ASCQM 1.0 — Fri, 14 May 2021 19:08 GMT
  • Disposition: Resolved — ASCQM 1.1
  • Disposition Summary:

    Change 'must' to 'shall' in Conformance section

    Change 'must' to 'shall' in Conformance section

  • Updated: Mon, 4 Oct 2021 17:09 GMT