[Owasp-leaders] Google summer of code applications and chances to be selected

johanna curiel curiel johanna.curiel at owasp.org
Tue Feb 9 15:55:52 UTC 2016


Hi Nikola

What needs to be decided is:

OPTION 1: If OWASP applies with multiple projects as 1 org, then I'm not
sure which projects will be selected and which ones will get a slot* if *Google
accepts OWASP

OPTION 2: if OWASP applies as an umbrella, then project leaders can submit
independently a submission.  Google will provide or deny that specific
project slots. It means each project will act as a mentoring organisation

I prefer OPTION 2 because it avoids discussions about slots allocation if
OWASP gets selected and Google will look individually each project and
determine if it is accepted.

Imagine OWASP gets accepted and 5 projects are submitted but we get 3
slots. Well, its going to be a nice discussion . Has happened before.

Hope I have clarified your questions

Cheers

Johanna


On Tue, Feb 9, 2016 at 11:47 AM, Nikola Milosevic <
nikola.milosevic at owasp.org> wrote:

> Hello,
>
> I am now a bit confused, so can you practically help me. I participated in
> 2014 on GSoC. With what was said, should flagship projects apply separately
> and the rest under OWASP? Or what should I do (with still incubator project
> waiting for review)... If I apply separately? If I do, is it ok to put
> ideas on Wiki page Konstantinos just posted? Would it not be a bit cheating
> and putting one project at two places? I wouldn't like to see OWASP
> disqualified because of some issue like this.
>
> Pozdrav/Best regards,
>
> Nikola Milošević
> OWASP Seraphimdroid project leader
> nikola.milosevic at owasp.org
> OWASP - Open Web Application Security Project
> <https://www.owasp.org/index.php/Main_Page>
> OWASP Seraphimdroid Project
> <https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project>
>
> On Tue, Feb 9, 2016 at 1:20 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>> I>>'d rather have OWASP deciding slot policy and project participation
>> rather than leaving that to Google.
>>
>>
>> Agree on this one, but as you know, defining an active project needs to
>> be properly defined.
>> Openhub is an excellent measure system being used by the entire FOSS
>> community to measure project activity. This is what the project reviews and
>> monitoring team have been doing.
>>
>> Google will anyway look at these metrics and if OWASP submits an idea
>> page with many projects with low activity, this will reduce the chances of
>> other projects such as ZAP to participate because OWASP wont be selected as
>> an ORG based on a complete submission.
>>
>> This is what happened last year as more projects got involved with not
>> the same caliber as ZAP or even similar.
>>
>>
>>
>> On Tue, Feb 9, 2016 at 9:13 AM, Konstantinos Papapanagiotou <
>> Konstantinos at owasp.org> wrote:
>>
>>> Thank you Johanna for your input. Personally, I'd rather have OWASP
>>> deciding slot policy and project participation rather than leaving that to
>>> Google.
>>>
>>> Kostas
>>>
>>> On Tue, Feb 9, 2016 at 3:10 PM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>
>>>> >>In the way that we run GSoC until today we have the capability to
>>>> assign more slots to an active project if everyone agrees.
>>>>
>>>> Exactly, 'if' leaders agree.
>>>>
>>>> This is where the definition of 'active project' comes into place ;-)
>>>>
>>>> The rules under Gsoc define active project as:
>>>> To be eligible to participate as a mentoring organization, you must be
>>>> a group running an *active free/open source software project, e.g. *
>>>> *BRL-CAD* <http://brlcad.org/>*. *
>>>> https://developers.google.com/open-source/gsoc/faq
>>>>
>>>> BRL-CAD is a quite well developed and very active project :
>>>> https://www.openhub.net/p/brlcad
>>>> See Project activity icon is very high
>>>>
>>>> Similar project in OWASP is ZAP.: https://www.openhub.net/p/zaproxy
>>>>
>>>>
>>>> Many LAB projects do not have the caliber of these ones. And a 'group'
>>>> should be running the project, meaning developers dedicate to that project.
>>>> OWASP could support the project as an Admin , since you can register up to
>>>> 5 admins per submission per project.
>>>>
>>>> IMHO OWASP should apply as umbrella organisation and allow project
>>>> leaders to apply individually.
>>>> I don't think that a project with very low activity (see project
>>>> activity under Openhub:
>>>> http://blog.openhub.net/about-project-activity-icons/) would get a
>>>> chance
>>>> https://www.openhub.net/orgs/OWASP
>>>>
>>>> Gsoc has made this more explicit this year, so it becomes clear what
>>>> kind of projects they expect to submit.
>>>>
>>>> Also, why not allow project leaders to decide what they want? Create a
>>>> survey and submit a vote.
>>>>
>>>> Seen the past submissions and multiple discussions regarding slots, I
>>>> think the best is to allow leaders decide if they submit individually and
>>>> OWASP submits as an umbrella organisation.
>>>>
>>>> On Tue, Feb 9, 2016 at 8:34 AM, Konstantinos Papapanagiotou <
>>>> Konstantinos at owasp.org> wrote:
>>>>
>>>>> I agree that all projects should have an Ideas page that should
>>>>> reflect their roadmap and vision regardless if we participate in GSoC or
>>>>> not.
>>>>> I don't believe that being an umbrella organization will result in
>>>>> getting more slots overall. Each organization that falls under an umbrella
>>>>> org usually gets 1-2 slots.
>>>>> In the way that we run GSoC until today we have the capability to
>>>>> assign more slots to an active project if everyone agrees.
>>>>>
>>>>> Kostas
>>>>>
>>>>> On Tue, Feb 9, 2016 at 2:06 PM, johanna curiel curiel <
>>>>> johanna.curiel at owasp.org> wrote:
>>>>>
>>>>>> >>We could always apply as an umbrella org but we haven't done so
>>>>>> since it would create an administrative overhead for project leaders.
>>>>>>
>>>>>> It depends how you see it.
>>>>>>
>>>>>> IMHO, A well organised project as ZAP can do it individually and will
>>>>>> have less hassle to share and go through the 'slot' discussion.
>>>>>> As you know, Google provides limited slots and this has always has
>>>>>> been a source of discussions among project leaders of which projects and
>>>>>> how many slots should each project get
>>>>>>
>>>>>> I think that if projects self-organise making their own submissions,
>>>>>> then there will be no discussions how many slots will be divided between
>>>>>> the projects if OWASP gets selected as organisation. If that project gets
>>>>>> selected, then he will manage the program itself, as much of the works is
>>>>>> set on mentors.
>>>>>>
>>>>>> Also, having a good project idea page per project will allow that
>>>>>> project has better chances to be selected by Google.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Feb 9, 2016 at 8:00 AM, Konstantinos Papapanagiotou <
>>>>>> Konstantinos at owasp.org> wrote:
>>>>>>
>>>>>>> We could always apply as an umbrella org but we haven't done so
>>>>>>> since it would create an administrative overhead for project leaders. I
>>>>>>> agree that there are advantages but I don't think we are that big of an
>>>>>>> organization.
>>>>>>>
>>>>>>> By the way we are already working with Claudia on the application.
>>>>>>>
>>>>>>> Kostas
>>>>>>>
>>>>>>>
>>>>>>> On Tuesday, 9 February 2016, johanna curiel curiel <
>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>
>>>>>>>> It seems that in order to apply a submission to Gsoc, you dont need
>>>>>>>> to do It under owasp, but project based . You can define that you fall
>>>>>>>> under owasp as organization umbrella.
>>>>>>>>
>>>>>>>> An organisation under gsoc does not have to be an existing org
>>>>>>>> registered but an open source project acting as a mentoring organisation
>>>>>>>>
>>>>>>>> https://developers.google.com/open-source/gsoc/faq
>>>>>>>> What are the eligibility requirements for a mentoring organisation?
>>>>>>>>  To be eligible to participate as a mentoring organization, you
>>>>>>>> must be a group running an active free/open source software project, e.g.
>>>>>>>> BRL-CAD <http://brlcad.org/>*. The project does not need to be a
>>>>>>>> legally incorporated entity. Mentoring organizations *must have
>>>>>>>> *already* produced and released software under an Open Source
>>>>>>>> Initiative approved license <http://www.opensource.org/licenses> and
>>>>>>>> have at least two contributors to serve as organization administrators
>>>>>>>> and/or mentors for the entire program in order to participate in the
>>>>>>>> program.
>>>>>>>>
>>>>>>>> In addition, if owasp wants to have more chances to be selected, it
>>>>>>>> needs to work with enough anticipation on the project ideas page and at
>>>>>>>> recruiting students all year long before even the deadline is announced
>>>>>>>>
>>>>>>>> As an individual project, you as project leader can do so.
>>>>>>>>
>>>>>>>> http://en.flossmanuals.net/GSoCMentoring/defining-a-project/
>>>>>>>>
>>>>>>>> Your goal for GSoC is to generate a list of project ideas that
>>>>>>>> capture the development needs of your organization, attract the interest of
>>>>>>>> students, and help you get things done. This is often done as a community
>>>>>>>> effort that involves as many potential mentors as possible, helps create
>>>>>>>> buy-in from these mentors, and gives a broad range of perspectives on
>>>>>>>> organizational needs.* Creating your list of project ideas should
>>>>>>>> also be part of an ongoing long-term strategy, rather than a rushed act to
>>>>>>>> meet the application deadline. Many organizations maintain such project
>>>>>>>> lists year-round*.
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160209/926954cb/attachment-0001.html>


More information about the OWASP-Leaders mailing list