[Esapi-user] [Esapi-dev] 2 ESAPI Bounties created on Bountysource

Jim Manico jim.manico at owasp.org
Mon Jan 26 15:29:21 UTC 2015


Limiting who can work on this makes no sense, a bug is a bug is a bounty.
I say anyone can chase these. And since we have no staff who are computer
programmers, I don't see an issue there. Let's not put up unnecessary
roadblocks to completion.

Anyone can chase these bounties...

--
Jim Manico
@Manicode
(808) 652-3805

On Jan 26, 2015, at 7:12 AM, Kevin W. Wall <kevin.w.wall at gmail.com> wrote:

Works for me.

-kevin
Sent from my Droid; please excuse typos.
On Jan 26, 2015 6:03 AM, "Fabio Cerullo" <fcerullo at owasp.org> wrote:

> Great stuff guys... I would say for the time being, lets keep it simple
> regarding participating rules.
>
> - ESAPI project leaders (You & Chris) cannot claim the bounty.
> - OWASP Global Board members and staff cannot claim the bounty.
> - Everyone else is invited to participate and submit solutions.
>
> Makes sense?
>
> Fabio
>
> On Mon, Jan 26, 2015 at 5:33 AM, Jeff Williams <
> jeff.williams at aspectsecurity.com> wrote:
>
>>  Very cool.  Thanks Kevin and Chris!
>>
>>  --Jeff
>>
>>
>>   From: Kevin Wall
>> Date: Sunday, January 25, 2015 at 11:51 PM
>> To: 'ESAPI-Developers', "Esapi-user at lists.owasp.org", Fabio Cerullo
>> Subject: [Esapi-dev] 2 ESAPI Bounties created on Bountysource
>>
>>     All,
>>
>> ​I just created a $200 bounty on Reference Implementation Extensibility
>> <https://www.bountysource.com/issues/5975294-reference-implementation-extensibility>
>>>> <https://www.bountysource.com/issues/5975294-reference-implementation-extensibility>
>> and
>> a second one for $275 for​
>> ​ Need Major Changes to Configuration Mechanism​
>> <https://www.bountysource.com/issues/5975509-need-major-changes-to-configuration-mechanism>
>> ​.
>> The first one expires in 6 months and the second one expires in 3 months
>> (although if significant progress can be shown on either of these, I'd be
>> willing to extend the times).
>>
>> ​If you have questions, on how to handle the bounties themselves,
>> check out the Bountysource​
>>  FAQ <https://www.bountysource.com/faq>
>>>> or contact the Bountysource team via
>>
>>  *​     ​*
>>
>> *support at bountysource.com <support at bountysource.com> (Email) *
>> *​     ​*
>>
>> *#Bountysource (IRC) *
>> *​     ​*
>>
>> *@Bountysource (Twitter) *
>> *​     ​*
>> *Bountysource (Facebook)*
>>
>>  ​If you have questions about the issues themselves either post
>> your questions to the ESAPI Dev list or send them directly
>> to me. (If they are questions about clarification, I'd prefer
>>  an open dialog on the ESAPI Dev mailing list.)
>>
>>  Fabio, do you have anything to add, such as are there any
>> restrictions as to who may participate, etc. (I suggest that
>> at least you, Chris Schmidt, and myself should not be eligible
>> to about any appearance of conflict of interest, but I'm not
>> sure if we should have additional people excluded.)
>>
>>  -kevin​
>>  P.S.- Please help spread the word about this. Thanks.
>>  --
>>  Blog: http://off-the-wall-security.blogspot.com/
>> NSA: All your crypto bit are belong to us.
>>
>
>  _______________________________________________
Esapi-dev mailing list
Esapi-dev at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/esapi-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20150126/00a61c26/attachment.html>


More information about the Esapi-user mailing list