[Owasp-leaders] OWASP Projects Self Update Nearing Completion

Jason Li jason.li at owasp.org
Mon Mar 30 23:52:25 EDT 2009


Leaders,

The deadline for the OWASP Projects Spring 2009 Self Update survey is
nearing, and out of over 100 OWASP Projects, only 25 responses have
been received thus far:

Access Control Rules Tester
Application Security Requirements
AppSensor
ASDR
ASVS
Backend Security
CAL9000
DirBuster
EnDe
Enigform
Google Hacking
Java Project
ModSecurity Core Rules
Open Review Project
Orizon Project
OWASP Code Crawler
OWASP Developer Guide
OWASP Learn About Encoding Project
OWASP Live CD
OWASP-Proxy
Ruby on Rails Security Guide
Securing WebGoat using ModSecurity
Sprajax
WebGoat
WebScarab

Thanks to all who have submitted your responses already and if you
don't see your project on the list, please make sure to fill out the
survey located here:
https://spreadsheets.google.com/viewform?hl=en&formkey=cEp6TlUxeU5KZDdWQkgxYlM2clkwRVE6MA..

As we start to wrap up the surveys, the question now facing the
committee is what do we do about projects that are determined to be
inactive? In order to raise the level of quality and consistency
across OWASP Projects, we need to address how we're going to handle
projects that have been orphaned by their owners.

Ideally, we would like to identify orphaned projects that are valuable
and put them up for adoption as a project during a Season of Code.
However, logistically, there are lots of hurdles to clear including
reliably identifying the project status, identifying copyright owners
(particularly if there have been multiple contributors), etc.

The Global Projects Committee will be working on this issue over the
next few months, but we welcome any suggestions on these thorny issues
as we move forward to improve OWASP Projects.

--
Jason Li
OWASP Global Projects Committee
jason.li at owasp.org


More information about the OWASP-Leaders mailing list