[Owasp-leaders] Publishing project
nikola.milosevic at owasp.org
Sat Oct 4 16:37:15 UTC 2014
Ok thank you. I just thought that there may be some review, but apparently
that is not related to publishing a version and has to be applied
separately. Which it may make quite a lot of sense if it was the review,
while I believe it is too much resource consuming to perform that for every
project and every version.
OWASP Seraphimdroid project leader
nikola.milosevic at owasp.org
OWASP - Open Web Application Security Project
OWASP Seraphimdroid Project
On Sat, Oct 4, 2014 at 1:07 PM, Fabio Cerullo <fcerullo at owasp.org> wrote:
> Does the project follow the rules set in the OWASP Project Handbook?
> If so, please go ahead and publish the app.
> Thanks for your contributions and delighted to know Google Summer of Code
> helped crafting the first version of Seraphimdroid.
> On Saturday, October 4, 2014, psiinon <psiinon at gmail.com> wrote:
>> Hi Nikola,
>> OWASP is an extremely decentralized organization: as a project leader you
>> can and should do whatever you think is necessary for your project
>> (including releasing it) without asking for permission.
>> So go for it :)
>> My take on it is that OWASP projects are open source projects that have
>> aligned themselves with OWASP.
>> OWASP has accepted your project as one that is appropriate and suitable
>> for the organization.
>> You can do anything you like with your project, including removing it
>> from OWASP.
>> OWASP can likewise decide that your project is no longer suitable and
>> also remove it from OWASP. Its not a common occurrence, but it can happen.
>> OWASP cannot remove you as project leader from your project - it does not
>> have that 'right'.
>> If you are about to do something that you think is potentially
>> controversial then I'd recommend asking for advice and feedback from fellow
>> leaders, either on this list or specific individuals you trust.
>> Or you can decide that its easier to ask for forgiveness rather than
>> permission ;)
>> If you are seen to be leading your project badly then 'normal' open
>> source conventions apply: you with find it increasingly hard to attract and
>> retain both contributors and users.
>> And your project could be forked by anyone else, OWASP member or not.
>> In theory this fork could in time be accepted as an OWASP project.
>> OK, that was all off topic ;)
>> A slightly more relevant topic is how to publicize your releases.
>> I would definitely recommend posting again to this list.
>> However I'm not sure on how suitable this list is for publicizing _every_
>> I tend to post about 'major' ZAP releases here, but not bugfix releases.I
>> do the same on BugTraq <http://www.securityfocus.com/archive/1>.
>> I always tweet about every release, and its always worth posting to
>> I always used to post to http://freecode.com/ but thats no longer being
>> maintained :(
>> Can anyone else recommend any other good options?
>> On Sat, Oct 4, 2014 at 10:07 AM, Nikola Milosevic <
>> nikola.milosevic at owasp.org> wrote:
>>> Hello Leaders,
>>> I would like to ask a simple question. Is there any procedure about
>>> publishing OWASP projects for the first time?
>>> During the Google Summer of Code, we kinda crafted the first version on
>>> OWASP (https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project),
>>> which is android project focused on user privacy mainly, but also has some
>>> security and educational aspects. I would like to publish current version
>>> on Google play. May I just do it or should someone approve it?
>>> Pozdrav/Best regards,
>>> Nikola Milošević
>>> OWASP Seraphimdroid project leader
>>> nikola.milosevic at owasp.org
>>> OWASP - Open Web Application Security Project
>>> OWASP Seraphimdroid Project
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders