[Owasp-board] Fwd: [Owasp_project_leader_list] Do you consider your project a Flagship status candidate?

Jim Manico jim.manico at owasp.org
Sat Jun 7 03:29:33 UTC 2014


Agreed. Josh, would you mind starting that conversation on the leaders list?



Aloha,

Jim



*From:* owasp-board-bounces at lists.owasp.org [mailto:
owasp-board-bounces at lists.owasp.org] *On Behalf Of *Sarah Baso
*Sent:* Wednesday, June 04, 2014 9:31 AM
*To:* Josh Sokol
*Cc:* OWASP Board List; johanna curiel curiel
*Subject:* Re: [Owasp-board] Fwd: [Owasp_project_leader_list] Do you
consider your project a Flagship status candidate?



All - I would suggest we have an open discussion with the leaders regarding
how we would evaluate quality of documentation projects including use of
proprietary information and data validation and much more...



Johanna has let me know that while she feels qualified to help with setting
criteria and a framework for evaluating quality of code libraries and
tools, she would like someone else to take on putting together the process
for documentation projects.



I think this is a great discussion for us to be having!



Sarah



On Wed, Jun 4, 2014 at 12:25 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

I tend to agree, Eoin.  Two primary concerns:

1) Are the materials going into these open source guides not proprietary?
We need validation before making a documentation project Flagship that it
is truly open source.

2) Do we have enough insight and documentation on how the guide was created
that someone else could replicate it in the future?  Leaders will come and
go, but labeling something as Flagship, at least to me, indicates some
level of long-term support.

~josh



On Wed, Jun 4, 2014 at 1:14 PM, Eoin Keary <eoin.keary at owasp.org> wrote:

I believe new releases of guides need to be reviewed before they are
published as final edition and flagship.

I am happy to review either the code review or testing guide as I was
involved in both as lead at points in time.

I am keen about quality of such guides given they provide direction to
1000's of Dev/test/QA For many years to come.



I am happy to volunteer as a reviewer for any of the guides once a complete
editable document is available.







Eoin Keary

Owasp Global Board

+353 87 977 2988




On 4 Jun 2014, at 18:48, Jim Manico <jim.manico at owasp.org> wrote:

Board,



Someone from the testing guide and OWASP Top Ten wanted to know how
•documentation projects• could reapply for flagship status. The current
project eval reboot is for tools and libraries, documentation projects are
out of scope right now.



Any thoughts here?



Aloha,

--

Jim Manico

@Manicode

(808) 652-3805


Begin forwarded message:

*From:* johanna curiel curiel <johanna.curiel at owasp.org>
*Date:* June 4, 2014 at 6:25:48 AM HST
*To:* "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>, "
owasp_project_leader_list at lists.owasp.org" <
owasp_project_leader_list at lists.owasp.org>, "
owasp-projects-task-force at googlegroups.com" <
owasp-projects-task-force at googlegroups.com>, Enrico Branca <
enrico.branca at owasp.org>
*Subject:* *[Owasp_project_leader_list] Do you consider your project a
Flagship status candidate?*

Hi Leaders



In the process of reviewing projects at Quality assurance level for Tools
and Code projects, I want to make sure we do not exclude those projects
that right now are officially LABS and consider themselves ready for a
review process to become Flagship.



Keep reading if you want your project to be a flagship candidate.



The process will have these important components:



   - Code Analysis (SWAMP) (if written in Java, C++ or C): I would need
   your permission to load the project into SWAMP
   - Functional testing:Deploy the tool/Code in Virtual servers with a full
   configured test environment. Project leaders will have access to these
   - Access to JIRA to review test cases
   - Analysis and use of Unit tests - Code coverage



Make sure you understand what are the minimum qualifications to become
flagship

See attached document Project Health Criteria. We are using Ohloh as a
measuring mechanism on activity and hopefully Enrico's tool will help us
with that part too.



Please contact the OWASP Project task force to add you to this list



A preliminary analysis will be done to verify the actual Project Health
Criteria and continue with the process of evaluation for flagship



Regards



Johanna



<Master File- Projects Assessment Criteria V7.xlsx>

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board


_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board




_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board





-- 

Executive Director

OWASP Foundation



sarah.baso at owasp.org
+1.312.869.2779
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140606/03b0755c/attachment-0001.html>


More information about the Owasp-board mailing list