[Owasp-board] OWASP Funding for ESAPI Project Manager

Eoin eoin.keary at owasp.org
Wed Apr 7 14:52:32 UTC 2010


I'm for this, so its a yes from me.
Can we revisit on a annual or bi-annual basis to mark progress etc?
Eoin



On 6 April 2010 18:57, Dave Wichers <dave.wichers at owasp.org> wrote:

>  Here are my thoughts on this proposed effort:
>
>
>
> The ESAPI for Java project currently has over a dozen active contributors
> and the five plus other ESAPI language specific projects have other
> contributors as well.
>
>
>
> Jim Manico has been an active contributor for the ESAPI for Java project
> for several years and in the last six months or so has transitioned
> primarily into the extremely important but less interesting and glorious
> roll as the ESAPI for Java project manager/build wrangler. He is looking to
> transition this role to another volunteer but finding such a volunteer who
> has the time and expertise is very difficult. No one has stepped up in the
> past 3-4 months, for example.
>
>
>
> I asked him if he would be willing to continue in this role at a more
> active level if OWASP could provide a small amount of funding for this and
> he has graciously offered to work 25 hours / month on this at $40 / hour,
> which is an extremely discounted rate.
>
>
>
> This role would not be to provide core technical contributions to ESAPI,
> but rather to manage the project, support all the contributors, manage and
> streamline the build/release process, etc. A small amount of funding here
> can significantly enhance and ease the contributions of numerous volunteers.
>
>
>
> Jim should be able to provide some level of support to the other ESAPI
> language specific versions and help them all stay in sync with each other,
> which would be extremely helpful as well.
>
>
>
> This position could eventually serve as a model for providing similar more
> specific project management support to other large OWASP projects.
>
>
>
> If you are all OK with this, I can draft a statement to be sent to the
> leaders list to this affect. I don’t want to put this particular position up
> for bid, but I think the concept is something we should consider funding for
> other large projects if this seems to be successful.
>
>
>
> -Dave
>
>
>
> *From:* Dave Wichers
> *Sent:* Tuesday, April 06, 2010 12:31 AM
> *To:* 'Jeff Williams'
> *Subject:* OWASP Funding for Jim for ESAPI?
>
>
>
> What would you think about asking the board for funding for Jim to continue
> with his role as ESAPI wrangler. He’s offered to work 20+ hours per month at
> $40/hr. We’d probably pay him a flat $40 and he’d work that or more.
>
>
>
> I think this would be a great investment for OWASP to get someone of Jim’s
> caliber for that rate.
>
>
>
> -Dave
>
>
>
> *From:* Jim Manico
> *Sent:* Tuesday, April 06, 2010 12:28 AM
> *To:* Dave Wichers
> *Subject:* RE: ESAPI JavaDoc
>
>
>
> Cool. I’d be happy to stay with my current OWASP rate if necessary (0$) and
> keep things limping along until the right person shows up to take over.  I
> grumble a little bit at times, but I know that what we are doing around
> ESAPI is very important to the community.
>
>
>
> If OWASP does spring for a few bucks, I’ll like to use that extra time to:
>
>
>
> 1)      Automate the build process
>
> 2)      Re-design the ESAPI homepage and make it a more professional of a
> front end, like http://www.opensamm.org/ or http://www.hibernate.org/>
> 3)      Do a general quality control pass of all the Wiki’s and clean
> house…
>
> 4)      Whatever else Dave has in mind ;)
>
>
>
> -        Jim
>
>
>
> *From:* Dave Wichers
> *Sent:* Tuesday, April 06, 2010 12:15 AM
> *To:* Jim Manico
> *Subject:* RE: ESAPI JavaDoc
>
>
>
> I’ll see what they say.
>
>
>
> *From:* Jim Manico
> *Sent:* Monday, April 05, 2010 8:53 PM
> *To:* Dave Wichers
> *Subject:* RE: ESAPI JavaDoc
>
>
>
> Wow, that's pretty cool Dave. How about something like 40$/hr? Is that low
> enough?
>
>
>
> --
>
> Jim Manico
>
>
>  ------------------------------
>
> *From:* Dave Wichers
> *Sent:* Mon 4/5/2010 1:51 PM
> *To:* Jim Manico
> *Subject:* RE: ESAPI JavaDoc
>
> Thank you. I’m just starting to look into ESAPI again in prep for Aspect
> developing an ESAPI course, and while I’m in their learning more about
> ESAPI, I’m sure I will have more feedback for you.
>
>
>
> I have a question for you. If we could get OWASP to fund some of your
> support to OWASP would you be interested? It wouldn’t be anything close to
> your $100 / hr rate to Aspect, but it would be paid. I’m thinking about
> asking for like 20 hours / month for you to continue as the ESAPI wrangler,
> or whatever your role is J
>
>
>
> Would that be of interest to you? I know you want to hand this off to
> someone else, but if it was paid, I would hope that would make it more
> palatable for you to continue.
>
>
>
> -Dave
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100407/682a835c/attachment-0002.html>


More information about the Owasp-board mailing list