[Esapi-dev] Updates from me

Chris Schmidt chris.schmidt at owasp.org
Fri Dec 9 01:24:19 EST 2011 

All -

Apologies for being MIA for the last several months - I got back from
AppSec and found myself buried beneath a mountain made up of several
months worth of work. On the upside it has been a crazy busy Q4 which is
good, on the downside I have had little if any chance to give time to
the project. That being said  I just wanted to shoot out a quick note
and follow up on a few items that we had left with back in Sept/Oct

1) ESAPI Componentization Effort:

I will be charging ahead again on this effort full-steam and getting
some ground rules laid for our componentization tiger team to start
tearing through it. I will be working closely with John Steven and Jeff
Williams on some of the points that we laid out at the ESAPI summit back
in Minneapolis to get this ball rolling so expect some good meaty
updates on this effort before the end of the year.

2) Project Homepage and Hosting @ SF

I have all the pieces in place to start migrating ESAPI projects over to
our new home at SourceForge. I have created a new GIT repository to
replace our subversion repository. This should allow for simpler
branching and the ability for people to fork and do all kinds of
interesting stuff with the source. Our existing subversion repository
will be retained in a read-only state once we cut over for the
individual projects.

Additionally, I have started a shell of a website (at least our cool new
logo is on this one) at http://www.esapi.org - Right now this is running
a pretty vanilla wordpress installation. In the relatively near future I
will be putting some resources to work on designing a new template and
implementing some new stuff on the site as well as moving it over to the
new OWASP data center.

This brings me squarely to the 3rd item on the agenda.

3) ESAPI Funding

I will be working with Jim Manico and Jeff Williams on taking the DARPA
funding proposal through completion over the next couple weeks which
will hopefully land some much needed funds in the ESAPI coffers to start
really pushing forward on some good development and documentation
sprints as well as covering costs for some of the additional features
discussed at the summit such as video tutorials. You can expect some
updates in this area early next year.

Anyhow, thanks to Kevin for keeping up on the dev-list and being
available to answer questions as they arise. I hope to see a new 2.1
sprint starting in the very near future with componentization work
taking off in anticipation of the ESAPI 3.0 Reimagining.

I hope you all have a great holiday and am looking forward to 2012 being
the year that takes ESAPI to the next level!

~Chris

More information about the Esapi-dev mailing list