[Owasp-leaders] Remote Repositories on SourceForge

Michael Coates michael.coates at owasp.org
Thu Jan 5 18:04:02 UTC 2012


Ah. I understand now. Perhaps we have an FAQ somewhere we can simply point people at?

If not, maybe thats a good way to help spread the right info and clear up any confusions.



Michael Coates
OWASP
michael.coates at owasp.org



On Jan 5, 2012, at 9:47 AM, Dennis Groves wrote:

> Michael,
> 
> I agree it makes perfect sense. However, I am personally involved in OWASP and it is/was unclear to me (and others); therefore my concern is how it is percieved by those who people who are not already involved with OWASP. Thus, I am suggesting that perhaps a clearer message is in order?
> 
> Cheers,
> 
> --  
> Dennis Groves, MSc
> dennis.groves at owasp.org
> 
> 
> 
> On Thursday, 5 January 2012 at 14:30, Michael Coates wrote:
> 
>> Dennis,
>> 
>> I hoping that Jason's email cleared up any confusion for you (copied below). This approach is a store for meta data with no impact on code repository. Basically, everything moves forward nicely and we now have a place where people can see a concise listing of all the information about projects. No impact to where a project stores there code, really not much of an inconvenience at all.  
>> 
>> I'm excited to see where this goes and happy that they went through a process to evaluate many different options.
>> 
>> 
>> 
>> Michael Coates
>> OWASP
>> michael.coates at owasp.org (mailto:michael.coates at owasp.org)
>> 
>> 
>> 
>> 
>> Begin forwarded message:
>> 
>>> Christian,
>>> 
>>> We are using SourceForge as a mechanism to organize our project metadata and display our library of projects in a consumable fashion. The code repository functions and other features of SourceForge are *available* to project leaders, but they are not required to use SourceForge as their code repository. It is an *option* for project leaders and a choice to be made by the project leader. My understanding is that the ESAPI project decided to transition to SourceForge, as is their choice.
>>> 
>>> Regarding mailing lists, a combination of automated processes and OWASP staff largely maintain the mailing lists. Management of mailing lists is not a GPC responsibility. Nonetheless, Kate explains in the very thread you cite explains the mechanism that creates the leader's list, which explains your prior predicament.
>>> 
>>> Regarding selection of SourceForge, as has been previously mentioned, we had an open RFP for project infrastructure. We evaluated the proposals we received and chose the best candidate proposal (http://sl.owasp.org/gpcws-jun11-proceedings#h.4z9gh8ff79fg). There will always be concerns about decisions and choices made, but organizations cannot stand perpetually waiting for the fictional perfect solution that simultaneously solves everything and is amenable to 100% of the audience. Organizations do the best that they can with what the responses they receive.
>>> 
>>> -Jason
>> 
>> On Jan 5, 2012, at 4:23 AM, Dennis Groves wrote:
>> 
>>>> On Thursday, 5 January 2012 at 08:22, psiinon wrote:
>>>>> previously I got the impression that all of the OWASP projects would be required to migrate to SourceForge, which I think would have been a problem for some projects.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> I have the same impression, which I think this is a very daft idea, its like requiring people to use a dead horse in whatever they do!?!  
>>>> 
>>>> This is a great way to loose people, projects and years of momentum (I have personally met several projects OWASP has lost because of this). If people are willing to contribute - OWASP needs to get out of the way and let them contribute! OWASP should be greasing the wheels, not putting the breaks on!
>>>> 
>>>> Further, all the 'cool kids' use github and the like these days - In fact, even the *bitter old men* like myself use git these days… ;-)
>>>> 
>>>> OWASP really needs to undo this damage, personally, I advise people to do whatever they are comfortable with - just as long as the contribute and grow OWASP. We need to foster and encourage adoption not put up barriers.
>>>> 
>>>> 
>>>> Cheers,
>>>> 
>>>> Dennis Groves  
>>> 
>>> 
>>> _______________________________________________
>>> Global-projects-committee mailing list
>>> Global-projects-committee at lists.owasp.org (mailto:Global-projects-committee at lists.owasp.org)
>>> https://lists.owasp.org/mailman/listinfo/global-projects-committee
>> 
> 
> 
> 



More information about the OWASP-Leaders mailing list