[D7] Stumblr theme

Hi, Projects with review bonus gets more preference compare to the once that don't have a review bonus. To know more about review bonus please visit http://drupal.org/node/1975228. Please help reviewing and put yourself on the high priority list then folks will start looking at this application. You can also request you colleagues (or) local community members to review this application.

Please look @ the PAReview link below there are issues you need to fix them

PAReview : http://pareview.sh/pareview/httpgitdrupalorgsandboxrhabbachi2203911git

changing status as there issue which needs to be fixed

There are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxrhabbachi2203911git

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

You should only have the install profile stuff in your repository, not a full copy of drupal. See https://drupal.org/node/159730

1. Fix https://drupal.org/node/1015226 - your branch should be named 7.x-2.x not 7.x-2.x-dev
2. pareview has many errrors but they are all in features exports, SASS -> CSS compiled files and external libraries downloaded by the make file

• Dependencies are not detailed-out in Readme (or) Project Description page.
• README.txt : Your project is missing this. Its advisable to have a readme file. This file should contain a basic overview of what the module does and how someone may use it. Guidelines for in-project documentation.
• PAReview : There are issues reported related to coding standard related. These are not application blockers but its nice to clean them up, if you have time. Ref : Drupal Coding Standards

Please manually review 3-4 Projects & have a review bonus tag added to your application. Project applications with review bonus always get priority
Also please go thru the application submission checklist which would be of great help.
Additionally you can also check Apply for permission to create full projects page for clear instruction on how to have your project description updated.

Once you are done with necessary changes please change the status to Needs Review so that other contributors would start looking at this project. Also when you are done with

@rhabbachi, while going through your code, came across these below minor issues:

1) Consider removing the extra single space at the end of L78 respectively in page.tpl.php & page--comment--reply.tpl.php files. As per https://drupal.org/coding-standards "Lines should have no trailing whitespace at the end."

2) Besides, the line "engine = phptemplate" in .info file is no longer necessary because PHPTemplate is assumed by default in D7. - https://drupal.org/node/171205#regions

@rhabbachi that is correct.

Bump. Could we get this approved? It's reviewed and tested by three people and ready to go.

Bump. It's been 3 months since this application was made. The code is reviewed by 3 people and this project is ready to be approved.

Bump. Any chance on getting this approved? It's almost 4 months since this application was made and this has been RTBC for 3 months now

3rd party code/content

No:

The theme/module comes bundled with a lot of third party material (e.g. stumblr.normalize.css and most of the JavaScript under libraries).

Third party code/content/assets is not generally allowed on Drupal.org and should be deleted.

However, it may be that the licenses in question are so-called GPL-compatible licenses. If so, the assets and their licenses should be listed README.txt along with a statement that these are GPL-compatible licenses. Assets with GPL-compatible licenses are usually allowed, but explicit permission to use such assets is still required per policy.

This policy is described in the 3rd party libraries and content on Drupal.org. It also appears in the Drupal Git Repository Usage policy you agreed to when you signed up for Git access, which you may want to re-read, to be sure you're not violating other terms.
The Libraries API module is a recommended method for adding 3rd party dependencies without directly including the code on Drupal.org.

Please note that stumblr.normalize.css located in http://cgit.drupalcode.org/sandbox-rhabbachi-2203911/tree/themes/stumblr... is made available under the MIT license. This license may be compatible with GPL V2+, but the current Drupal.org git policy require all third party content must be explicitly approved by Drupal.org webmasters to be hosted on Drupal.org. There is no record of approval being in place for this particular project.

Moving it out to a .make file does not resolve the issue, as long as the file it stays in the repo it is hosted on Drupal.org, and that is currently not allowed.

Please also note that only a webmaster can grant approval, not a reviewer.

This policy is described in the 3rd party libraries and content on Drupal.org. It also appears in the Drupal Git Repository Usage policy you agreed to when you signed up for Git access, which you may want to re-read, to be sure you're not violating other terms.

Yes, I know there are plenty of other projects hosted on Drupal.org that violates this policy, but I am not reviewing any of those projects. I am reviewing yours, and as a reviewer I must follow this template: https://groups.drupal.org/node/427683 .

To pass review, I must be able to put "Yes" next to the item: Follows the guidelines for 3rd party code. Here are link to the guidelines again: https://www.drupal.org/node/422996 .

This theme is now in compliance with the official Drupal.org policy, can someone please approve it?

Dump - This is now 6 months old and ready to be approved.

Bump. Any chance of an approval?

Bump. It has been almost 8 months since this application. Is there any chance of getting this approved?

As @PA robot said:

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

manual review:

1. After installation: Fatal error: Can't use function return value in write context in profiles/stumblr/themes/stumblr/templates/node/node--stumblr-post.tpl.php on line 113
2. node--stumblr-post.tpl.php: do not create link markup yourself, use uel() or l() instead.
3. node--stumblr-post.tpl.php: this looks vulnerable to XSS exploits. I could not test it because the installation would give me the PHP fatal error, but it looks like your are printing the tag names unsanitized to HTML. If I enter <script>alert('XSS');</script> as term name I'm sure this would result in a nasty javascript popup. You need to sanitize all user provided content before printing, make sure to read https://www.drupal.org/node/28984 again. In your case that would mean preparing and sanitizing the term names and links in a preprocess hook and then only printing the prepared variables in the template. And please don't remove the security tag, we keep that for statistics and to show examples of security problems.
4. node--stumblr-post.tpl.php: $formatted_date is never used?

Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.

Looks RTBC to me now.

Assigning to er.pushpinderrana as he might have time to take a final look at this.

I read through `git diff bd7abfc ..` and did a manual scan, and didn't see anything major.

I tested functionality of this with different - 2 scenario including XSS but only in one case, I found following notices are coming other than this it worked as expected.

• Notice: Undefined variable: user_picture in include() (line 82 of C:\xampp\htdocs\drupal\profiles\stumblr\themes\stumblr\templates\comment\comment.tpl.php).
• Notice: Undefined variable: form_title_attributes in include() (line 51 of C:\xampp\htdocs\drupal\profiles\stumblr\themes\stumblr\templates\comment\comment-wrapper.tpl.php).

That are not application blockers, so...

Thanks for your contribution, rhabbachi!

I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.

Here are some recommended readings to help with excellent maintainership:

• Dries' post on Responsible maintainers
• Best practices for creating and maintaining projects
• Maintaining a drupal.org project with Git
• Commit messages - providing history and credit
• Release naming conventions.
• Helping maintainers in the issue queues

You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!

Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

Thanks to the dedicated reviewer(s) as well.