GSoC 2022 Completion Report @OWASP
- Before you start...
- Overview
- Statistics
- Documenting my Experience
- Pull Requests merged
- Issues closed
FireworksSideworks- Improvements
- Challenges faced
- What have I learnt?
- Future Scope
- A Thanks to my Mentors
- Conclusion
All the project's code is at https://github.com/Bugheist/Flutter. I've described my contributions below.
Getting selected into GSoC as a contributor has been one of, if not the best moment of my life, and that too at OWASP, one of the best orgs in open-source security! To start with project details. My aim was to close all the 31 issues present on the repo as of May 20, 2022. To say, the least the issues encompassed re-developing a whole app, with much needed UI changes. Despite facing various challenges, I'm glad to say that I had overcome the no. 31 by this journey's end, proudly standing at 36 and also doin' various additional work!
I don't want to bore you with long texts of my experience, so here are some stats of my work during GSoC!
- A graph showing the no. of changes made against the entire GSoC time period! Don't take the last phase as inactive, that was more dedicated towards, non-coding activites like adding-docs, writing blogs, etc. Btw, made the graph with matplotlib, if you wanna know.
-
A total count of changes done by me accounts to 29,307! This makes me the contributor with most changes added on the repo :). This equals to 2.25x the contributions of all other contributors combined! Well anyways, nothing to boast, everyone's contributions are important!
-
All of the work was done in just 23 commits!
GSoC is in all it's essence a once in a lifetime opportunity. Being fond of writing crazy experiences, naturally; I decided to document this blue moon experience. Writing needs a medium and what best could be than Medium itself! Below are the blog posts describing my journeys in much needed detail!
- My GSoC’22 Voyage: Beginning :- https://medium.com/@justary27/my-gsoc22-voyage-beginning-4296df5af625
- My GSoC'22 Voyage: Conclusion :- https://medium.com/@justary27/my-gsoc22-voyage-conclusion-e0bf34fec239
You may be suprised if I say that all of my pull requests that I made have been merged into the main
branch. But it's True!
Below is a list of merged PRs along with brief description of each:
- Code Cleanup and Fix #63 [GSoC'22]: Added the much requested, company dashboard, screen, added more documentation within the code and did the usual code cleanup.
- Fix File Structure, Add Docstrings [GSoC'22]: Standarized file structure, added some documentation and cleaned some code.
- Fix #48 #121 [GSoC'22]: Updated image_picker version, fixed 4 in-app reported issues.
- Removed authentication for anonymous user [GSoC'22]: Changed auth permissions for issue posting.
- More fixes for launch! [GSoC'22]: Completed all tasks related to MVP milestone, added a new README for the repo.
- fixes for Milestone completion [GSoC'22]: Completed tasks related to the MVP milestone, and added many "Quality of Life Improvements".
- Fixed many issues [GSoC'22]: Added 2 screens and close a lot of minor but important issues.
- Fix Issues #15 #48 #51 #53 [GSoC'22] : Incoming biggest PR! With 7181 changes, this PR. Cleaned the unused provider code, integrated a search bar and referral page and the most important redesigned the profile from scratch.
- Fix #26 #58 #61 (GSoC'22): A tough one! Removed all previous garbage sorts of auth system and replaced with a neat riverpod based state management, redesigned and added 3 pages.
- Fix Issues #16 #42 #44 (GSoC'22): Added and revamped 4 screens, cleared past TODOs.
- Fix Issues #45 #55 #81 & #86 (GSoC'22): Added 2 screens, enabled SVG support, separated constants.
- fix issue #46 #47 #56 (GSoC '22): Added 3 screens, changed app's theme and fonts, bumped flutter version.
36 issues, it's long to say the least! Hold your horses and let's dive right in. (Click the arrow to begin!)
- Company DashBoard
- update image picker to use picImage instead of getImage
- Referral Page
- Fix Company Scoreboard
- getting an error when posting an issue
- Integrate new user signup with captcha in the app
- Integrate add an issue
- Please add back buttons to report issue screen, forgot password screen etc so user does not get stuck
- Can’t click back to username on login
- Change icon to have white background
- Replace the home icon with the feed (remove home and switch it with feed so there are 3 icons)
- Make login screen username and password
- Rewrite ReadMe
- News Letter Page
- About Page
- Remove email from login
- Connect forgot password to api
- Report issue screen font is white
- Company Detail
- Github Actions for code coverage
- Update the Search Bar to work correctly
- User Details
- Login Page
- Add Forgot Password Page in the APP
- Report A Bug Page
- Fix Issue List
- Create app wireframes for all other screens in Figma file
- Integrate search bar
- Refactor out all login fresh code
- Integrate leaderboard
- Fix Error Page
- Update the version for the current Flutter App as SVG files does not works in current version
- Update app icon with white background and fit within rounded square
- Make login with email the only option and remove the others
- Privacy Page
- Terms Page
Writing code is not the only part of GSoC. Being a contributor, in my opinion means also promoting the opensource culture, and adding to the product in ways other than code. To do this, I have contributed in terms of community interaction, added a README to the repo, more recently, I've added a detailed Contribution Guide for the BugHeist's Flutter repo, and most importantly designed the app's UI, you can say all of the UI was revamped.
Figma link: https://www.figma.com/file/NYD5WZzJywnO338lchnece/BugHeist?node-id=7%3A634
While we write lots of code to add new features, we should also know that improving performance is also a important part. Below are some improvements I made along this 90 day journey!
-
Example 1: Removing hard to undertsand and performance code This was painful to say the least, it was hard to understand how the the code was working not for other contributors only, but for me too :( More over, the code didn't worked, best course? Ofcourse, I replaced it with an efficient working one! This was the case for the "Authentication System"
- Earlier The problem? A single widget simply handling way too much, and too many custom model classes which was simply not needed.
class LoginFresh extends StatefulWidget { /// color main login final Color backgroundColor; ///color of card where are the login icons final Color cardColor; /// color of text in login final Color textColor; /// url logo main in login final String pathLogo; ///button when you want to avoid the login and go to the application content final bool isExploreApp; ///function when you want to avoid the login and go to the application content final Function functionExploreApp; ///widget to put a footer in your login final bool isFooter; /// custom widget footer final Widget widgetFooter; /// list type login import in login final List<LoginFreshTypeLoginModel> typeLoginModel; /// is signUp in login final bool isSignUp; ///widget signUp final Widget widgetSignUp; //model of key words used in login final LoginFreshWords keyWord; ... }
- Present Solution? Separated the state management, broke the widget into many components, to make it more understandable.
// Login Widget class LoginForm extends ConsumerStatefulWidget { final Size size; const LoginForm({ Key? key, required this.size, }) : super(key: key); @override ConsumerState<ConsumerStatefulWidget> createState() => _LoginFormState(); } class _LoginFormState extends ConsumerState<LoginForm> { Future<void> login( String username, String password, BuildContext parentContext, ) async { await ref.read(authStateNotifier.notifier).userLogin( { "username": username, "password": password, }, parentContext, ); } ...
// State Management /// The provider which exposes the state management for user authentication. final authStateNotifier = StateNotifierProvider<AuthNotifier, AsyncValue<AuthState>>((ref) { return AuthNotifier(ref.read); }); class AuthNotifier extends StateNotifier<AsyncValue<AuthState>> { Future<void> userLogin(Map<String, String?> userCreds, BuildContext parentContext) async { ... } ... }
-
Example 2: Preventing repeated API calls Ealier implementations of API fetching and displaying it in the UI all had used Future builder, inefficient to say the least! I switched it up to Consumers and Providers from Riverpod, the results are almost 4x better. Also it gives a more fine grain control over UI changes.
- Earlier The problem? Everytime you switch back to the page having a future builder, it re-requests data from the backend. Have this for just 5 to 6 sceens, the requests can shoot up to 50+ easily, on just a single user session. This is obviously not wanted.
// Using to fetch list of issues from backend child: FutureBuilder( future: _getObj, builder: (context, snapshot) { ... }, );
- Present Using a combination of providers and consumers we can reduce the number to ~12. This is much better and preferred too! Also it improves app performance.
/// A Riverpod Consumer Widget child: issueState!.when( data: (List<Issue>? issueList){ if (issueList!.isEmpty) return ...; else return ListView.builder(...); }, error: (Object error, StackTrace? stackTrace) { return Center( child: Text( 'Something went wrong!', ), ); }, loading: () { return Center( child: CircularProgressIndicator(), ); } ),
/// The provider which exposes the state management /// for issues in the issue list. final issueListProvider = StateNotifierProvider<IssueListProvider, AsyncValue<List<Issue>?>?>((ref) { return IssueListProvider(ref.read); }); class IssueListProvider extends StateNotifier<AsyncValue<List<Issue>?>?> { ... Future<void> _retrieveIssueList() async { try { final IssueData? issueData = await IssueApiClient.getAllIssues( IssueEndPoints.issues, ); nxtUrl = issueData!.nextQuery; state = AsyncValue.data(issueData.issueList); } catch (e) { AsyncValue.error(e); } } }
As I have said earlier multiple times, I redesigned the entire thing, to make the app look sleek and modern, this part was new to me as I haven't done much UI design on an industrial scale before, but it worked out well as everyone liked it! I'm sharing comparisons between my screens and previous ones.
Screen Name | Old Design | New Screen |
---|---|---|
Issue | ||
Report Bug | ||
Leaderboard | ||
User profile |
This journey hasn't been a drive on a highway, but one in the hills. A lot of challenges popped up here and there, yet I'm glad I was able to overcome all of them! The biggest challenge I would consider was UI designing as I was completely new to the field, it's funny and sad at the same time when it takes a day just to decide the color scheme and fonts for the app :) Another one of my challenges were to create fully functional app-screens, this arose cause of the fact that there were limited APIs available to work with, so I had to extract the maximum info I can get from them and create a good user experience form it.
There's a learning in every challenge
Tho I know flutter very well imo. There's always something you can learn. Some of my learnings was how to create a working search bar, work with a lazy loading list, and creating and auth system with riverpod. Other that, I surely learnt UI designing very well!
Tho I've solved various issues and made the app launch ready on app and play stores, much can be done from here. First of one the reward system on reporting an issue, or integration of payments into the app for subscriptions and sponsoring the project. This was dropped out from my proposal later, so can be worked upon in future. Also there's a scope of making more APIs whcich provide easy access to the site data. New screens and features are always a possibility!
Of course you need someone who can guide you when you stray off the right path. Not acknowledging their contributions will be blasphemy! So yes, I would like to thanks my mentors @Sparsh1212, @ankit2001, and @fredfalcon for constantly helping me throughout this journey of mine. Without your guidance, every turn could have taken me on a worthless adventure!
This has been a great eventful journey full of ups and downs, it was a great feeling to be a part of something as big as the likes of Google Summer of Code, almost a once in a lifetime opportunity! I look forward to keep contributing to the world of open source! Open source FTW :)