[Owasp-board] A draft proposal document for Project Re-boot

Eoin eoin.keary at owasp.org
Tue Apr 3 19:23:14 UTC 2012


Hi Jason,
Yes you can call it a season of code but it is also about marketing and creating energy around existing projects.
We need adoption and use and relevancy.
I have no idea why things have come to a stop since the last releases but we can waste time pondering or simply do something about it and spend the funds we have on positive activities.

I have no objection to teams getting paid if projects are energised, leaders included, if that's what's it takes so be it. GPC and board can make sure the financial aspects of the arrangement are fair and justified.
There is bigger picture here.... Our projects are free and open source we are open and we have funding I think we need to invest in what we do best: work as a collective, make stuff, be a catalyst for change. 
Right now all we do is events. Our core library has eroded and will continue to do so. 



Eoin Keary
BCC Risk Advisory
Owasp Global Board
+353 87 977 2988


On 3 Apr 2012, at 19:59, Jason Li <jason.li at owasp.org> wrote:

> Eoin, 
> 
> It sounds an awful lot like restarting the OWASP "Season of Code" initiative.
> 
> If the Board is set on paying contributors to work on projects, then I'd suggest just restarting the "Season of Code" program as there's already a lot of history and process established for it.
> 
> However, as I mentioned on a previous Board thread regarding project interns, the whole "Season of Code" initiative came to a screeching halt when the Board made a decision back in September 2009 that OWASP should NOT pay contributors to work on projects. In fact,  Dinis noted this exact point about not paying contributors in his recent response to your thread in support of rebooting projects.
> 
> That was a heavily debated decision and I'm only privy to some of those details as that decision was made at a time when Board members fed information down to committees after Board meetings rather than vice versa (incidentally, many in the GPC including myself opposed the decision initially - but Dinis was able to convince me why it was important). I would suggest that any conversation about paying contributors should first address those concerns.
> 
> Some things to consider... many of the projects that you cited that require major rewrite/augmentation (Testing Guide, Code Review Guide, WebGoat) were previous Season of Code projects.
> 
> Is it a coincidence that little to no progress has been made on those projects since the last time contributors got paid to work on those projects?
> 
> By no means am I making a value judgement on the contributions - in fact, I'm sure most people put in way more time than the money would justify.
> 
> But the point is, one of the many reasons that decision was made back in 2009 was because OWASP didn't want to set this pattern of expectation where contributors would only work on projects if they got paid.
> 
> There are several projects at OWASP that are progressing at a reasonable pace DESPITE the lack of direct funding (ZAP, ESAPI, AppSensor, Cheat Sheets).
> 
> Isn't a better goal to figure out why those projects are floating when these other projects aren't?
> 
> Otherwise, we're just going to be in a perpetual cycle of paying people to update OWASP projects...
> 
> -Jason
> 
> On Tue, Apr 3, 2012 at 10:34 AM, eoin keary <eoin.keary at owasp.org> wrote:
> Lets talk on Thursday.
> Please give it a quick read before then.
>  
> 
> 
> -- 
> Global Board Member (Vice Chair)
> 
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120403/e8f809dd/attachment.html>


More information about the Owasp-board mailing list