[Owasp-leaders] Publishing project

Nikola Milosevic nikola.milosevic at owasp.org
Sat Oct 4 16:37:15 UTC 2014


Ok thank you. I just thought that there may be some review, but apparently
that is not related to publishing a version and has to be applied
separately. Which it may make quite a lot of sense if it was the review,
while I believe it is too much resource consuming to perform that for every
project and every version.

Pozdrav/Best regards,

Nikola Milošević
OWASP Seraphimdroid project leader
nikola.milosevic at owasp.org
OWASP - Open Web Application Security Project
<https://www.owasp.org/index.php/Main_Page>
OWASP Seraphimdroid Project
<https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project>

On Sat, Oct 4, 2014 at 1:07 PM, Fabio Cerullo <fcerullo at owasp.org> wrote:

> Nikola
>
> Does the project follow the rules set in the OWASP Project Handbook?
>
> https://www.owasp.org/index.php/OWASP_2014_Project_Handbook
>
> If so, please go ahead and publish the app.
>
> Thanks for your contributions and delighted to know Google Summer of Code
> helped crafting the first version of Seraphimdroid.
>
> Fabio
>
>
> On Saturday, October 4, 2014, psiinon <psiinon at gmail.com> wrote:
>
>> Hi Nikola,
>>
>> OWASP is an extremely decentralized organization: as a project leader you
>> can and should do whatever you think is necessary for your project
>> (including releasing it) without asking for permission.
>> So go for it :)
>>
>> My take on it is that OWASP projects are open source projects that have
>> aligned themselves with OWASP.
>> OWASP has accepted your project as one that is appropriate and suitable
>> for the organization.
>>
>> You can do anything you like with your project, including removing it
>> from OWASP.
>> OWASP can likewise decide that your project is no longer suitable and
>> also remove it from OWASP. Its not a common occurrence, but it can happen.
>> OWASP cannot remove you as project leader from your project - it does not
>> have that 'right'.
>>
>> If you are about to do something that you think is potentially
>> controversial then I'd recommend asking for advice and feedback from fellow
>> leaders, either on this list or specific individuals you trust.
>> Or you can decide that its easier to ask for forgiveness rather than
>> permission ;)
>>
>> If you are seen to be leading your project badly then 'normal' open
>> source conventions apply: you with find it increasingly hard to attract and
>> retain both contributors and users.
>> And your project could be forked by anyone else, OWASP member or not.
>> In theory this fork could in time be accepted as an OWASP project.
>>
>> OK, that was all off topic ;)
>>
>> A slightly more relevant topic is how to publicize your releases.
>> I would definitely recommend posting again to this list.
>> However I'm not sure on how suitable this list is for publicizing _every_
>> release.
>> I tend to post about 'major' ZAP releases here, but not bugfix releases.I
>> do the same on BugTraq <http://www.securityfocus.com/archive/1>.
>> I always tweet about every release, and its always worth posting to
>> ToolsWatch.org.
>> I always used to post to http://freecode.com/ but thats no longer being
>> maintained :(
>> Can anyone else recommend any other good options?
>>
>> Cheers,
>>
>> Simon
>>
>>
>> On Sat, Oct 4, 2014 at 10:07 AM, Nikola Milosevic <
>> nikola.milosevic at owasp.org> wrote:
>>
>>> Hello Leaders,
>>>
>>> I would like to ask a simple question. Is there any procedure about
>>> publishing OWASP projects for the first time?
>>>
>>> During the Google Summer of Code, we kinda crafted the first version on
>>> OWASP  (https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project),
>>> which is android project focused on user privacy mainly, but also has some
>>> security and educational aspects. I would like to publish current version
>>> on Google play. May I just do it or should someone approve it?
>>>
>>>
>>> Pozdrav/Best regards,
>>>
>>> Nikola Milošević
>>> OWASP Seraphimdroid project leader
>>> nikola.milosevic at owasp.org
>>> OWASP - Open Web Application Security Project
>>> <https://www.owasp.org/index.php/Main_Page>
>>> OWASP Seraphimdroid Project
>>> <https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141004/a0249e40/attachment.html>


More information about the OWASP-Leaders mailing list