Changes between Version 2 and Version 3 of OpenVPN_QA


Ignore:
Timestamp:
06/29/11 11:56:50 (11 years ago)
Author:
Samuli Seppänen
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • OpenVPN_QA

    v2 v3  
    33This page outlines the efforts taken to maintain OpenVPN's quality without excessive compromises on development speed.
    44
    5 = Static whitebox testing =
     5= Static testing =
    66
    7 Static whitebox testing usually refers to [http://en.wikipedia.org/wiki/Static_code_analysis Static code analysis], which is baked in into our [DeveloperDocumentation development process] in the form of mandatory ACK process every patch has to go through. In addition, OpenVPN codebase is scanned using [http://scan.coverity.com/ Coverity Scan] which can detect many potential security vulnerabilities.
     7Static testing usually refers to [http://en.wikipedia.org/wiki/Static_code_analysis Static code analysis], which is baked in into our [DeveloperDocumentation development process] in the form of mandatory ACK process every patch has to go through. In addition, OpenVPN codebase is scanned using [http://scan.coverity.com/ Coverity Scan] which can detect many potential security vulnerabilities.
    88
    9 = Dynamic black-box testing =
     9= Dynamic testing =
    1010
    11 Dynamic black box testing means trying out an application and verifying if it works as intended. In closed-source software development which is organized around the [http://en.wikipedia.org/wiki/Waterfall_model waterfall model] there are usually dedicated testers who do various scripted or intuitive tests to verify an application works as intended, usually just before launch. In complex applications such as OpenVPN testing even a small fraction of functionality would be impractical and very costly. However, in [http://en.wikipedia.org/wiki/Lean_software_development Lean software development] methodologies such as [http://en.wikipedia.org/wiki/Scrum_%28development%29 Scrum] and community-driven OSS development this kind of dedicated testing effort is unnecessary.
     11Dynamic (black-box) testing means trying out an application and verifying if it works as intended. In closed-source software development which is organized around the [http://en.wikipedia.org/wiki/Waterfall_model waterfall model] there are usually dedicated testers who do various scripted or intuitive tests to verify an application works as intended, usually just before launch. In complex applications such as OpenVPN testing even a small fraction of functionality would be impractical and very costly. However, in [http://en.wikipedia.org/wiki/Lean_software_development Lean software development] methodologies such as [http://en.wikipedia.org/wiki/Scrum_%28development%29 Scrum] and community-driven OSS development extensive, dedicated testing effort is in general just a waste of time. That said, a minimal amount of dedicated testing (a.k.a. [http://en.wikipedia.org/wiki/Smoke_testing smoke testing]) goes into each release,
    1212
    1313In OpenVPN (and most other open source projects), the stability of stable releases (e.g. 2.1, 2.2) is ensured with ''real-life testing'' by it's users during development, alpha, beta and rc phases. Even though only a small subset of users will be running the development code or "unstable" releases, they will be able to catch the most obvious issues. As compiling OpenVPN from development code (in Git) is somewhat difficult - especially for Windows users - "unstable" releases are pushed out as fast as possible; this allows more people to test the releases, report bugs and fix issues, so that new releases can be made quickly.