johanna curiel curiel johanna.curiel at owasp.org
Tue Feb 2 21:58:15 UTC 2016

>>On the framework it appears to be more inline with a code project. I like
the idea of the framework but it should be tailored for the type of project
between code and documentation projects. Again just my opinion.

Hi Larry,

Right now this criteria is for code & Tools (see readme description)

We need to do the same for documentation, which this weekend I'll be

We are using Github because it allows leaders to create issues and comment.
Unfortunately with the wiki this is less visible and less handy for

The wiki is also going through a clean-up phase and still needs to be
determine who and when the clean up of the owasp project section will take
place. A lot of information there is outdated and incorrect (like grant
funds for Flagship's) . So far we are trying to focus on one thing at a
time, but there is a lot of work to do

Thank you for the feedback and we will keep you all posted with the

You can count that we will take a couple of months to develop the criteria.
We want as much as possible collaboration and comments to shape this with
as much input as possible.



On Tue, Feb 2, 2016 at 5:25 PM, Larry Conklin <larry.conklin at owasp.org>

> Hi Johanna
> I do have a few comments and questions.
> Why are we using github instead of our wiki? E.e.
> https://github.com/jowasp/review-features.  Don't get me wrong I am not
> super fond of the wiki. I do think we are allowing ourselves to become more
> fragmented by having some information on github, some in google docs and
> some of the wiki. Like it or not the wiki is or should be the point of
> origin for all information with links as needed to github and google docs.
> Just my opinion.
> On the framework it appears to be more inline with a code project. I like
> the idea of the framework but it should be tailored for the type of project
> between code and documentation projects. Again just my opinion.
> Larry
> On Mon, Feb 1, 2016 at 8:55 AM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>> Dear Project leaders,
>> As announced some weeks ago, we starting to work on redefining and
>> improving the graduation process and classification process for OWASP
>> projects, so they can be properly classified .
>> As we want to create a system to help automate this graduation process
>> but also count on your input, we have created the following Review overview
>> table.
>> https://github.com/jowasp/review-features
>> The idea is to have an overview of what makes a project a '*Project idea*
>> ',* Incubator, LAB or Flagship* so leaders know exactly what is expected
>> when they submit their new projects and when they need to be evaluated for
>> classification.
>> *We have introduced the 'project Idea' category to:*
>>    - Help new project leaders promote a concept they have not develop as
>>    a project yet with clear goals
>>    - Set a very low bar allowing leaders have a wiki page, mailing list
>>    and all the same benefits of having an 'incubator' project for promoting
>>    their concept
>>    - No monitoring is done on these category . Only when the leader has
>>    produced a deliverable it will be evaluated and set under OWASP Project
>>    inventory
>>    - Make clear to viewers and consumers of the information that the
>>    project is in development
>>    - Create an '*project idea pool*' that if a project leader has left
>>    it , another can easily take over:
>>       - Example:
>>       https://www.owasp.org/index.php/OWASP_Framework_Security_Project#tab=Main
>>       - was created by Michael Coates but so far has not been further
>>       developed, however recently Tim Morgan had the similar idea and took over
>>       the 'Project concept' to continue developing it
>>       -
>>       https://docs.google.com/spreadsheets/d/1tifBPBz1sqJBZ3QdXA3tQkyfhWavT_eOVzXe0UnSIZE/edit?ts=5696d4c6#gid=0
>> These requirements are based on criteria created since 2008 and 2013 by
>> the Global Committee and the Project advisers in 2013, and relative to each
>> project type.
>> *We want your input, so please help us redefine this by:*
>>    - Creating issues and commenting on each criteria
>>    - Submit new requirements if you find then necessary
>>    - Pull requests to help change and create the text
>> *Remember, you help define this process , the review team helps
>> facilitate it but by participating you define it.*
>> Cheers
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160202/5e079480/attachment-0001.html>

More information about the OWASP-Leaders mailing list