[Owasp-leaders] [GPC] Fw: Remote Repositories on SourceForge

Christian Heinrich christian.heinrich at owasp.org
Thu Jan 5 23:54:51 UTC 2012


Dennis,

I believe that OWASP Project Leaders are being mislead considering the
metadata can be generated for "free" using http://www.ohloh.net/tools
and http://www.ohloh.net/api/getting_started who support multiple
popular open source repositories.

I would like to draw your attention to the following quote that Jason
Li made within
https://lists.owasp.org/pipermail/global-projects-committee/2010-July/001369.html:

"My point was merely that any project for which we don't have the
source always has the danger of dying with the actions of the project
leader. By having an official repository for OWASP projects, we can
ensure that the source is always accessible for anyone and everyone in
OWASP and elsewhere to use, contribute and reference regardless of the
state of the project or its leader."

So while the GPC state that the above isn't their agenda now (as it
was in the past) then there is no guarantee that it won't be a
requirement in the future.

The GPC could have resolved their issue by selecting GitHub, which was
not a candidate approached in their closed uncompetitive tender and
also offers free Organizational Accounts for Open Source Projects, and
then issuing pull requests on the respective SVN or GIT OWASP Project
repositories.

I believe that there is significant concern as to how the closed
uncompetitive tender was executed and the candidates that were
directly approached without any regard to the greater open source
community and I am recommending that the OWASP Board proceed with a
formal inquiry?

On Thu, Jan 5, 2012 at 11:23 PM, Dennis Groves <dennis.groves at owasp.org> wrote:
>> On Thursday, 5 January 2012 at 08:22, psiinon wrote:
>> > previously I got the impression that all of the OWASP projects would be required to migrate to SourceForge, which I think would have been a problem for some projects.
>>
>>
>> I have the same impression, which I think this is a very daft idea, its like requiring people to use a dead horse in whatever they do!?!
>>
>> This is a great way to loose people, projects and years of momentum (I have personally met several projects OWASP has lost because of this). If people are willing to contribute - OWASP needs to get out of the way and let them contribute! OWASP should be greasing the wheels, not putting the breaks on!
>>
>> Further, all the 'cool kids' use github and the like these days - In fact, even the *bitter old men* like myself use git these days… ;-)
>>
>> OWASP really needs to undo this damage, personally, I advise people to do whatever they are comfortable with - just as long as the contribute and grow OWASP. We need to foster and encourage adoption not put up barriers.


-- 
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh


More information about the OWASP-Leaders mailing list