Software Quality Audit on Web-Based Inventory Information System: A Case Study of Open Source Repository Using ISO/IEC 29119 Standard
Keywords:
Software Audit, ISO/IEC 29119, GitHub Repository, Black Box Testing, SQL Injection, Data Integrity
Abstract
The reuse of open-source code from public repositories such as GitHub to accelerate business information system development often neglects quality assurance. This practice carries high risk, as raw code may contain hidden defects that jeopardize data integrity. This study conducts an independent quality audit of the "Shoe Store Inventory System", a native PHP and MySQL application obtained from the depthgilang GitHub repository. The testing framework adopts the international standard ISO/IEC 29119 to ensure a systematic, standardized, and objective verification and validation process. The research methodology employs Dynamic Testing with a Black Box approach and the Equivalence Partitioning technique. Testing focused on validating CRUD (Create, Read, Update, Delete) functionality, system stability, and basic data input security. The execution of 28 test cases yielded empirical evidence of low code quality. Although the user interface functions correctly, the system experienced a fatal Critical Failure in the form of database connection loss ("MySQL server has gone away") during data storage operations. Furthermore, Major-category security flaws were discovered, specifically SQL Injection and Stored Cross-Site Scripting (XSS) vulnerabilities caused by the absence of input sanitization, as well as business logic errors that allow negative stock values. In conclusion, the software is declared as not meeting industrial eligibility standards for production release. The code requires deep structural refactoring of its database connection management and security protocols before it is safe for operational use.
License
Copyright (c) 2025 Resnawati Kusnandar, Muhamad Yusup, Chairul Anwar (Authors)

This work is licensed under a Creative Commons Attribution 4.0 International License.