[Owasp-leaders] R e: Proposing new guidelines to start code/tool projects

Dinis Cruz dinis.cruz at owasp.org
Wed Aug 27 11:31:13 UTC 2014


Or new projects could a fork(s) of multiple inactive project(s)
On 27 Aug 2014 10:27, "johanna curiel curiel" <johanna.curiel at owasp.org>
wrote:

> Personally, I would not want to limit any project team in its choice.
>
> Definetly not, but it is advisable to first take a look before starting
> one.
>
> Right now we have around 150 inactive projects, so is a huge list, and
> around 140 more or less active projects
>
>
> On Wednesday, August 27, 2014, psiinon <psiinon at gmail.com> wrote:
>
>> As someone who created a new OWASP project rather than contribute to the
>> established one, I completely agree with that :)
>> I also like the idea of announcing new project ideas to solicit feedback
>> from the community.
>>
>> Cheers,
>>
>> Simon
>>
>>
>> On Tue, Aug 26, 2014 at 10:48 PM, Tobias <tobias.gondrom at owasp.org>
>> wrote:
>>
>>>  Hm,
>>>
>>> it is always good to check whether there is already a project that does
>>> the same thing.
>>> And coordination has a lot of benefits.
>>>
>>> However, having said that, there is also a strength in competition and
>>> freedom through forking in open source as well. E.g. if another project
>>> lead is letting his project go inactive or following a different flavour
>>> that you think is not the best solution, it is a viable approach to "fork"
>>> and start a new project with a new crew instead of e.g. trying to twist an
>>> existing project team or revive a zombie under an inactive project lead.
>>> Sometimes a little competition can do wonders. Allowing the "may the best
>>> idea win" strategy.
>>>
>>> Personally, I would not want to limit any project team in its choice.
>>> However, it would make sense to make sure that people are aware of what is
>>> out there and whether it is still truly active. Otherwise you may face that
>>> problem by accident. Our 160 projects is a huge number to go through just
>>> to find out whether what you want to do already has a team working on it
>>> and whether it is really active. We could try to make this easier with an
>>> uptodate project inventory with some kind of current status data.
>>>
>>> Btw. one approach for that, would be to post new project ideas to the
>>> community list and invite project contributors from the wider community to
>>> join the team. And hopefully people could join the cause, shape the project
>>> plan together and also share information about what is already out there.
>>>
>>> Just my 2cents.
>>>
>>> Tobias
>>>
>>>
>>>
>>>
>>> On 26/08/14 17:42, johanna curiel curiel wrote:
>>>
>>>
>>> Helping to extend an existing project is often much easier and more
>>> useful than starting a completely new one...
>>>
>>>  Yes, we need to unify forces serving the same purpose, it makes it
>>> easier for everyone.
>>> We need to review carefully the submission of new projects so we can
>>> guide new potential project leaders into exisiting projects and they should
>>> take the time to verify if they revive an inactive one, join forces with
>>> existing one or starting a new one, especially document projects seem to
>>> suffer more of this issue(many treating the same subject almost
>>> identically) than tools or code projects
>>>
>>>
>>>  Regards
>>>
>>>  Johanna
>>>
>>> On Tuesday, August 26, 2014, psiinon <psiinon at gmail.com> wrote:
>>>
>>>>   I'm in favor of this as well.
>>>>
>>>>  A slightly related point - in this industry we do seem to suffer a lot
>>>> from NIH (Not Invented Here, for non native English speakers).
>>>>  When someone proposes a new project can we ask them to check that
>>>> there isnt already a related OWASP project?
>>>>  Helping to extend an existing project is often much easier and more
>>>> useful than starting a completely new one...
>>>>
>>>>  Cheers,
>>>>
>>>> Simon
>>>>
>>>>
>>>> On Mon, Aug 25, 2014 at 8:07 AM, Munir Njiru <munir.njiru at owasp.org>
>>>> wrote:
>>>>
>>>>> I totally agree with that idea
>>>>>
>>>>>
>>>>>   On Thu, Aug 21, 2014 at 8:30 PM, johanna curiel curiel <
>>>>> johanna.curiel at owasp.org> wrote:
>>>>>
>>>>>>  Leaders
>>>>>>
>>>>>>  After reviewing the entire list of code and tool projects , from
>>>>>> incubator to labs and flagship I have observed a main issue: Many projects
>>>>>> start without a single line of code, a binary or executable version of a
>>>>>> program.
>>>>>>
>>>>>>  This really creates an 'empty' list of projects(more than 50
>>>>>> projects were empty) that never launched or released a single line of code.
>>>>>>
>>>>>>  At OWASP we don't have an army of volunteers or paid staff to keep
>>>>>> up monitoring and maintain this, therefore I'm proposing a new guideline to
>>>>>> solve this issue. Anyone who wishes to start a project(tool/code) must have
>>>>>> at least:
>>>>>> -An open source repository
>>>>>> -At least some code written
>>>>>>
>>>>>>  The bar is low to allow development, but I think that any code/tool
>>>>>> project must have at least this in order to be consider incubator.
>>>>>>
>>>>>>  Let me know your thoughts and we can add this to the guidelines
>>>>>>
>>>>>>  Regards
>>>>>>
>>>>>>  Johanna
>>>>>>
>>>>>>  _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>  Munir Njenga,
>>>>> OWASP Chapter Leader (Kenya) || Information Security Consultant ||
>>>>> Developer
>>>>> Mob   (KE) +254 (0) 734960670 <%2B254%20%280%29%20734960670>
>>>>>
>>>>> =============================
>>>>>  Chapter Page: www.owasp.org/index.php/Kenya
>>>>>  Email: munir.njiru at owasp.org
>>>>>  Facebook: https://www.facebook.com/OWASP.Kenya
>>>>>  Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>
>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140827/c0915a88/attachment.html>


More information about the OWASP-Leaders mailing list