[Owasp-leaders] Publishing project

Eoin Keary eoin.keary at owasp.org
Sat Oct 4 18:08:29 UTC 2014


+1
If its open source, solves a security issue and active: welcome to OWASP!
Vendor branding association is worth obeying / observing also...



Eoin Keary
Owasp Global Board
+353 87 977 2988


On 4 Oct 2014, at 11:47, psiinon <psiinon at gmail.com> wrote:

> Hi Nikola,
> 
> OWASP is an extremely decentralized organization: as a project leader you can and should do whatever you think is necessary for your project (including releasing it) without asking for permission.
> So go for it :)
> 
> My take on it is that OWASP projects are open source projects that have aligned themselves with OWASP.
> OWASP has accepted your project as one that is appropriate and suitable for the organization.
> 
> You can do anything you like with your project, including removing it from OWASP.
> OWASP can likewise decide that your project is no longer suitable and also remove it from OWASP. Its not a common occurrence, but it can happen.
> OWASP cannot remove you as project leader from your project - it does not have that 'right'.
> 
> If you are about to do something that you think is potentially controversial then I'd recommend asking for advice and feedback from fellow leaders, either on this list or specific individuals you trust.
> Or you can decide that its easier to ask for forgiveness rather than permission ;)
> 
> If you are seen to be leading your project badly then 'normal' open source conventions apply: you with find it increasingly hard to attract and retain both contributors and users.
> And your project could be forked by anyone else, OWASP member or not.
> In theory this fork could in time be accepted as an OWASP project.
> 
> OK, that was all off topic ;)
> 
> A slightly more relevant topic is how to publicize your releases.
> I would definitely recommend posting again to this list.
> However I'm not sure on how suitable this list is for publicizing _every_ release.
> I tend to post about 'major' ZAP releases here, but not bugfix releases.I do the same on BugTraq.
> I always tweet about every release, and its always worth posting to ToolsWatch.org.
> I always used to post to http://freecode.com/ but thats no longer being maintained :(
> Can anyone else recommend any other good options?
> 
> Cheers,
> 
> Simon
> 
> 
> On Sat, Oct 4, 2014 at 10:07 AM, Nikola Milosevic <nikola.milosevic at owasp.org> wrote:
>> Hello Leaders,
>> 
>> I would like to ask a simple question. Is there any procedure about publishing OWASP projects for the first time?
>> 
>> During the Google Summer of Code, we kinda crafted the first version on OWASP Seraphimdroid (https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project), which is android project focused on user privacy mainly, but also has some security and educational aspects. I would like to publish current version on Google play. May I just do it or should someone approve it?
>> 
>> 
>> Pozdrav/Best regards,
>>  
>> Nikola Milošević
>> OWASP Seraphimdroid project leader
>> nikola.milosevic at owasp.org
>> OWASP - Open Web Application Security Project
>> OWASP Seraphimdroid Project
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> -- 
> OWASP ZAP Project leader
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141004/07f11a30/attachment.html>


More information about the OWASP-Leaders mailing list