[Owasp-leaders] Rethinking project stages and graduation process
Azeddine Islam Mennouchi
azeddine.mennouchi at owasp.org
Wed Dec 2 17:10:00 UTC 2015
For the few past months I was just observing the discussions and I m really
sad to see and read what has been said
To be honest some people in the org. Expect Thanks and compliments on
I wanted to say that in the beginning just to hilight some attitudes and
the conplaining of some people.
As an inactive member of the project task force let me say despite the
efforts that have been done the process from a technical point of view is
For example submitting requests for new projects or for a review is through
an owasp form which go to a staff member and he/she will forward it to the
task force this process takes time and even after getting the details in
many situations additional details need to be asked from the submitter or
just feedback and this is a slow process I think that creating a platform
for this will make it easier for the task force to respond a standardized
platform where the task force is going to receive requests and respond to
them easily is a great addition and I m volunteering to develop it with a
little help so we can precise the needs and do the right architecture for
On Dec 2, 2015 5:16 PM, "Nikola Milosevic" <nikola.milosevic at owasp.org>
> Hello everyone,
> I will rise one issue, since we are in a period when we need to rethink a
> bit internal organization of OWASP because of various reasons and get
> realistic and pragmatic with some. One issue that is troubling me for some
> time are project stages and graduation process.
> What is the problem?
> On the first sight nothing. The process is nice and stages are ok defined.
> Unless you are leading a project and want your project graduated, because
> you think it is a time for your project, after some development from your
> side and various contributors on Google Summer of Code and OWASP Code
> Summer Sprint to be in the next stage (in my case Lab). Then you realize
> that reviewing process lacks volunteers. Even Johanna who led project
> review task force said that there was no real review committee or in other
> word it was not big enough for the workload. After submitting review
> request, when you don't get any real response for 4-5 months it gets a bit
> frustrating. Especially, if you think that project is mature enough and
> label incubator, could be a bit damaging.
> I fully understand that we should have stages of project in order to
> distinguish mature and well accepted project in the community from the new
> ones. And review process worked for some time, but it seems to me that it
> does not anymore. So I think we should get a bit more realistic and rethink
> what we can do with current resources, so we can allow well performing
> projects to grow, graduate and change to more mature stages. I would
> welcome all ideas. However, I think for now it might be good idea to have
> only flagship and non-flagship project (find better name). Since there are
> only few flagship project, I think we will be able to review them and
> potentially project wanting to graduate into flagships, while other will
> not be labeled and stuck in some stage. Also, currently there is no big
> difference in terms of resources between lab and incubator, apart from that
> lab could have some sort of priority, which could be make equal.
> Please let me know what you think and whether you think that current
> review process is sustainable (since my experience showed different)?
> Best regards,
> Nikola Milošević
> OWASP Seraphimdroid project leader
> nikola.milosevic at owasp.org
> OWASP - Open Web Application Security Project
> OWASP Seraphimdroid Project
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders