Evaluation of codebase & development

The framework wnframework is used and seemingly developed in parallel.

The python code does not follow the guidelines in PEP8.


wnframework contains a database model abstraction which is used in some places, though there are > 2000 places where raw SQL is composed using python's 'foo %s' % ('bar') string formatting. I have managed to cause some minor SQL injections, I have not yet found any places where I can cause significant damage / data loss.

Not using a database abstraction model such as SQLAlchemy reduces storage portability and adds security overhead to ensure that no malicious queries can be executed.

Update: SQLAlchemy has a severe performance penalty based on our testing. Plus, SQL reduces the code complexity in many instances and has much better performance too. - Rushabh

In those places I have seen, no input sanitation was performed, although they were only SELECT queries. I suspect that you could alter database contents by modifiying a SELECT query, but I have not managed to do so myself.

Update: The library does not allow multiple SQL Queries to be executed, hence altering is not possible. There is possibility of overriding certain conditions. We will fix these on priority. - Rushabh

Evaluation of Reporting UseCases

Evaluation of Reporting UseCases for Fund Accounting

Can each of these reports be generated, confined to a specific temporarily restricted asset type?

It does not seem like it. There are 'Cost Centers', but they do not seem to be usable in fund accounting.

Update: Yes. Cost Centers can be easily extended to manage funds. Each Income / Expense is tagged against cost center, so you can accurately track per Fund. Some of the terminology can be fixed if required - Rushabh

Evaluation of Fund Accounting UseCases

No. It does not seem like 'Cost Centers' can be used this way.

Update: Yes. Please see earlier comment, each fund can be a cost center and invoices, expenses can be booked against it. Even budgeting can be done against a cost center. - Rushabh

Collaborating evaluation

Evaluation of Double-entry Accounting UseCases

Evaluation of TrackingDocumentation UseCases

Evaluation of Handling multiple currencies UseCases

Evaluation of draft transaction UseCases

Evaluation of WorkFlow UseCases

Evaluation of the Reading and Reporting API

See below.

Evaluation of the Storage API

It is a web application using JavaScript to communicate with the backend, so there is an API endpoint for everything you'll ever see in the application.

Evaluation of the Community Health

Final(-ish) Evaluation

Unfortunately, we discovered this policy early in our evaluation, and decided that until this policy can be corrected to something more fitting with actual copyright law and that will allow us to contribute under the stated license of the project, it's not worth further evaluation of the codebase, since this policy is just not acceptable. bkuhn has raised the issue on the ERPNext Developers' Forum.

Udpate: FIxed - Rushabh