[Owasp-leaders] Google summer of code applications and chances to be selected

Nikola Milosevic nikola.milosevic at owasp.org
Tue Feb 9 16:05:21 UTC 2016


Alright, this discussion is about deciding which option we go for! From the
first email, I got impression that we already decided for option 2. From my
point of view both options have advantages and disadvantages. Last time
(2014), I believe everything was good in terms of slots, but maybe that's
because we were lucky. On the other hand last year, whole OWASP got
rejected, which was not very nice experience. As I think of it, it is quite
though issue. You may aim at being strong and apply together, but Google
may want to give chance and develop small orgs or you may got for multiple
small mentoring orgs in order to gain chances, but it may also reduce you
chance of getting some substantial number of students.

Pozdrav/Best regards,

Nikola Milošević
OWASP Seraphimdroid project leader
nikola.milosevic at owasp.org
OWASP - Open Web Application Security Project
<https://www.owasp.org/index.php/Main_Page>
OWASP Seraphimdroid Project
<https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project>

On Tue, Feb 9, 2016 at 3:55 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Hi Nikola
>
> What needs to be decided is:
>
> OPTION 1: If OWASP applies with multiple projects as 1 org, then I'm not
> sure which projects will be selected and which ones will get a slot* if *Google
> accepts OWASP
>
> OPTION 2: if OWASP applies as an umbrella, then project leaders can submit
> independently a submission.  Google will provide or deny that specific
> project slots. It means each project will act as a mentoring organisation
>
> I prefer OPTION 2 because it avoids discussions about slots allocation if
> OWASP gets selected and Google will look individually each project and
> determine if it is accepted.
>
> Imagine OWASP gets accepted and 5 projects are submitted but we get 3
> slots. Well, its going to be a nice discussion . Has happened before.
>
> Hope I have clarified your questions
>
> Cheers
>
> Johanna
>
>
> On Tue, Feb 9, 2016 at 11:47 AM, Nikola Milosevic <
> nikola.milosevic at owasp.org> wrote:
>
>> Hello,
>>
>> I am now a bit confused, so can you practically help me. I participated
>> in 2014 on GSoC. With what was said, should flagship projects apply
>> separately and the rest under OWASP? Or what should I do (with still
>> incubator project waiting for review)... If I apply separately? If I do, is
>> it ok to put ideas on Wiki page Konstantinos just posted? Would it not be a
>> bit cheating and putting one project at two places? I wouldn't like to see
>> OWASP disqualified because of some issue like this.
>>
>> Pozdrav/Best regards,
>>
>> Nikola Milošević
>> OWASP Seraphimdroid project leader
>> nikola.milosevic at owasp.org
>> OWASP - Open Web Application Security Project
>> <https://www.owasp.org/index.php/Main_Page>
>> OWASP Seraphimdroid Project
>> <https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project>
>>
>> On Tue, Feb 9, 2016 at 1:20 PM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> I>>'d rather have OWASP deciding slot policy and project participation
>>> rather than leaving that to Google.
>>>
>>>
>>> Agree on this one, but as you know, defining an active project needs to
>>> be properly defined.
>>> Openhub is an excellent measure system being used by the entire FOSS
>>> community to measure project activity. This is what the project reviews and
>>> monitoring team have been doing.
>>>
>>> Google will anyway look at these metrics and if OWASP submits an idea
>>> page with many projects with low activity, this will reduce the chances of
>>> other projects such as ZAP to participate because OWASP wont be selected as
>>> an ORG based on a complete submission.
>>>
>>> This is what happened last year as more projects got involved with not
>>> the same caliber as ZAP or even similar.
>>>
>>>
>>>
>>> On Tue, Feb 9, 2016 at 9:13 AM, Konstantinos Papapanagiotou <
>>> Konstantinos at owasp.org> wrote:
>>>
>>>> Thank you Johanna for your input. Personally, I'd rather have OWASP
>>>> deciding slot policy and project participation rather than leaving that to
>>>> Google.
>>>>
>>>> Kostas
>>>>
>>>> On Tue, Feb 9, 2016 at 3:10 PM, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>>> >>In the way that we run GSoC until today we have the capability to
>>>>> assign more slots to an active project if everyone agrees.
>>>>>
>>>>> Exactly, 'if' leaders agree.
>>>>>
>>>>> This is where the definition of 'active project' comes into place ;-)
>>>>>
>>>>> The rules under Gsoc define active project as:
>>>>> To be eligible to participate as a mentoring organization, you must be
>>>>> a group running an *active free/open source software project, e.g. *
>>>>> *BRL-CAD* <http://brlcad.org/>*. *
>>>>> https://developers.google.com/open-source/gsoc/faq
>>>>>
>>>>> BRL-CAD is a quite well developed and very active project :
>>>>> https://www.openhub.net/p/brlcad
>>>>> See Project activity icon is very high
>>>>>
>>>>> Similar project in OWASP is ZAP.: https://www.openhub.net/p/zaproxy
>>>>>
>>>>>
>>>>> Many LAB projects do not have the caliber of these ones. And a 'group'
>>>>> should be running the project, meaning developers dedicate to that project.
>>>>> OWASP could support the project as an Admin , since you can register up to
>>>>> 5 admins per submission per project.
>>>>>
>>>>> IMHO OWASP should apply as umbrella organisation and allow project
>>>>> leaders to apply individually.
>>>>> I don't think that a project with very low activity (see project
>>>>> activity under Openhub:
>>>>> http://blog.openhub.net/about-project-activity-icons/) would get a
>>>>> chance
>>>>> https://www.openhub.net/orgs/OWASP
>>>>>
>>>>> Gsoc has made this more explicit this year, so it becomes clear what
>>>>> kind of projects they expect to submit.
>>>>>
>>>>> Also, why not allow project leaders to decide what they want? Create a
>>>>> survey and submit a vote.
>>>>>
>>>>> Seen the past submissions and multiple discussions regarding slots, I
>>>>> think the best is to allow leaders decide if they submit individually and
>>>>> OWASP submits as an umbrella organisation.
>>>>>
>>>>> On Tue, Feb 9, 2016 at 8:34 AM, Konstantinos Papapanagiotou <
>>>>> Konstantinos at owasp.org> wrote:
>>>>>
>>>>>> I agree that all projects should have an Ideas page that should
>>>>>> reflect their roadmap and vision regardless if we participate in GSoC or
>>>>>> not.
>>>>>> I don't believe that being an umbrella organization will result in
>>>>>> getting more slots overall. Each organization that falls under an umbrella
>>>>>> org usually gets 1-2 slots.
>>>>>> In the way that we run GSoC until today we have the capability to
>>>>>> assign more slots to an active project if everyone agrees.
>>>>>>
>>>>>> Kostas
>>>>>>
>>>>>> On Tue, Feb 9, 2016 at 2:06 PM, johanna curiel curiel <
>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>>> >>We could always apply as an umbrella org but we haven't done so
>>>>>>> since it would create an administrative overhead for project leaders.
>>>>>>>
>>>>>>> It depends how you see it.
>>>>>>>
>>>>>>> IMHO, A well organised project as ZAP can do it individually and
>>>>>>> will have less hassle to share and go through the 'slot' discussion.
>>>>>>> As you know, Google provides limited slots and this has always has
>>>>>>> been a source of discussions among project leaders of which projects and
>>>>>>> how many slots should each project get
>>>>>>>
>>>>>>> I think that if projects self-organise making their own submissions,
>>>>>>> then there will be no discussions how many slots will be divided between
>>>>>>> the projects if OWASP gets selected as organisation. If that project gets
>>>>>>> selected, then he will manage the program itself, as much of the works is
>>>>>>> set on mentors.
>>>>>>>
>>>>>>> Also, having a good project idea page per project will allow that
>>>>>>> project has better chances to be selected by Google.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Feb 9, 2016 at 8:00 AM, Konstantinos Papapanagiotou <
>>>>>>> Konstantinos at owasp.org> wrote:
>>>>>>>
>>>>>>>> We could always apply as an umbrella org but we haven't done so
>>>>>>>> since it would create an administrative overhead for project leaders. I
>>>>>>>> agree that there are advantages but I don't think we are that big of an
>>>>>>>> organization.
>>>>>>>>
>>>>>>>> By the way we are already working with Claudia on the application.
>>>>>>>>
>>>>>>>> Kostas
>>>>>>>>
>>>>>>>>
>>>>>>>> On Tuesday, 9 February 2016, johanna curiel curiel <
>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>
>>>>>>>>> It seems that in order to apply a submission to Gsoc, you dont
>>>>>>>>> need to do It under owasp, but project based . You can define that you fall
>>>>>>>>> under owasp as organization umbrella.
>>>>>>>>>
>>>>>>>>> An organisation under gsoc does not have to be an existing org
>>>>>>>>> registered but an open source project acting as a mentoring organisation
>>>>>>>>>
>>>>>>>>> https://developers.google.com/open-source/gsoc/faq
>>>>>>>>> What are the eligibility requirements for a mentoring organisation?
>>>>>>>>>  To be eligible to participate as a mentoring organization, you
>>>>>>>>> must be a group running an active free/open source software project, e.g.
>>>>>>>>> BRL-CAD <http://brlcad.org/>*. The project does not need to be a
>>>>>>>>> legally incorporated entity. Mentoring organizations *must have
>>>>>>>>> *already* produced and released software under an Open Source
>>>>>>>>> Initiative approved license <http://www.opensource.org/licenses> and
>>>>>>>>> have at least two contributors to serve as organization administrators
>>>>>>>>> and/or mentors for the entire program in order to participate in the
>>>>>>>>> program.
>>>>>>>>>
>>>>>>>>> In addition, if owasp wants to have more chances to be selected,
>>>>>>>>> it needs to work with enough anticipation on the project ideas page and at
>>>>>>>>> recruiting students all year long before even the deadline is announced
>>>>>>>>>
>>>>>>>>> As an individual project, you as project leader can do so.
>>>>>>>>>
>>>>>>>>> http://en.flossmanuals.net/GSoCMentoring/defining-a-project/
>>>>>>>>>
>>>>>>>>> Your goal for GSoC is to generate a list of project ideas that
>>>>>>>>> capture the development needs of your organization, attract the interest of
>>>>>>>>> students, and help you get things done. This is often done as a community
>>>>>>>>> effort that involves as many potential mentors as possible, helps create
>>>>>>>>> buy-in from these mentors, and gives a broad range of perspectives on
>>>>>>>>> organizational needs.* Creating your list of project ideas should
>>>>>>>>> also be part of an ongoing long-term strategy, rather than a rushed act to
>>>>>>>>> meet the application deadline. Many organizations maintain such project
>>>>>>>>> lists year-round*.
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160209/91a8d582/attachment-0001.html>


More information about the OWASP-Leaders mailing list