[Owasp-leaders] Project Graduation Results

Larry Conklin larry.conklin at owasp.org
Thu Jan 12 17:22:19 UTC 2017


I sent this out in response to Tom Brenna email on roles and
responsibilities. My reason for doing so was partly based on this email
thread. below if what I wrote.

Tom, et-all

I want to steal your email thread because it does have a common thread that
I want to explore. We in OWASP proudly keep going down a path we don't want
to with total disregard to reality.

OWASP code project health. I have been involved with others trying to help
with getting our code projects into a healthy state. A hard thing to
accomplish and even much harder than it really should be.

Recently Claudia put out an email asking the community to help validate
OWASP code projects for promotion. First as a community, we drop the ball
in a big way. While everyone seems to have opinions about how projects will
be maintain, be in github under what ownership/account, what constitutes a
healthy project. Reading the feedback from Claudia only two people actually
went thru the process of validating the projects. That is not good for an
active community.

Second, I took the time to add comments to my validation. I made the
comment projects needed to use badges. Please, look at Zap and see how it
Zap project uses badges. Yes, they are the gold standard for other projects
in OWASP to strive too. I also made a comment about ownership in GitHub.  Was
any of my feedback sent to the project managers of these projects? Can my
feedback stop a promotion?

Third, I would like to know what the staffs (Claudia and Matt) roles are
and responsibilities for promotion of a project. I think Claudia email sent
out graduating the projects for promotion was ill advised.  While I am in
total agreement these, are great projects and add value to OWASP I would
like to see things like at what project level should the project owner be
OWASP or for it to be clearly stated for all projects not to be under the
OWASP account in github. At this point, I don’t have a preference other
than to say I am tired of reading the same old arguments again and again on
the OWASP leaders list. We need agree on things and go from there.

All, we seem to confuse progress as a circular path. We need true
benchmarks, that are agreed on than we need to have sure we live up to
these agreements. We need active staff and community involvement.

Right now, the OWASP project health is broken. To fix it needs community
and staff. Matt my assumption is when you took the position on technical
leader this was to be a primary focus for that position. Now is your time
to rise and shine. Good luck!

Community, we all need to get behind this. If ever a topic needed to be
feted at an OWASP summit this is it.


On Tue, Jan 10, 2017 at 9:49 PM, Sean Auriti <sean.auriti at owasp.org> wrote:

> I am willing to help out.  I would like to see the approval process fixed
> and improved.
>>
> On Tue, Jan 10, 2017 at 9:15 PM, Bev Corwin <bev.corwin at owasp.org> wrote:
>
>> Congratulations! Anyone willing to mentor, navigate and help map the
>> project approval process and metrics for other projects?
>>
>> Cheers,
>> Bev
>>
>>
>> On Tue, Jan 10, 2017 at 3:59 AM, Mark Denihan <mark.denihan at owasp.org>
>> wrote:
>>
>>> Congrats to all projects on their promotions, and I'd like to thank all
>>> the volunteers who put the ground work in reviewing projects for
>>> graduation. It's some amount of work
>>>
>>> On Tue, Jan 10, 2017 at 3:56 AM, Andrew van der Stock <
>>> vanderaj at owasp.org> wrote:
>>>
>>>> Congrats to the projects who have moved forward! :)
>>>>
>>>> I particularly use Security Shepherd all the time, so this is a well
>>>> deserved promotion. SKF is also well worth your time to investigate if
>>>> you're not seen it before.
>>>>
>>>> thanks
>>>> Andrew
>>>>
>>>>
>>>> On Tue, Jan 10, 2017 at 12:47 PM Claudia Casanovas <
>>>> claudia.aviles-casanovas at owasp.org> wrote:
>>>>
>>>>> OWASP Inventory Updates!
>>>>>
>>>>> Congratulations to Project Leaders below on moving your project
>>>>> forward to the next level!
>>>>>
>>>>> *New Flagship Project:*
>>>>>
>>>>> *Lab to Flagship Status Project Review Report*
>>>>> <https://docs.google.com/a/owasp.org/document/d/1AZZ_GZR0-uF1qBZDQdgdV49IyEZYT_91qQMHRGszDLw/edit?usp=sharing>
>>>>>
>>>>> *Lab to Flagship Status*
>>>>>
>>>>> *Project Name:* OWASP Security Shepherd
>>>>>
>>>>> *Project Leader: * Mark Denihan
>>>>>
>>>>> *Github Link:* https://github.com/OWASP/SecurityShepherd
>>>>>
>>>>> *Project Web Page:*  https://www.owasp.org/index.p
>>>>> hp/OWASP_Security_Shepherd
>>>>>
>>>>>
>>>>> *Positive Feedback Received  - See Results*
>>>>> <https://docs.google.com/spreadsheets/d/1QGAkk0NIjzvKb40McO0AzKVz7VwVBCSLTBprg_zbr2k/edit?usp=sharing>
>>>>>
>>>>>
>>>>> *New Lab Projects:*
>>>>>
>>>>> *Incubator to Lab Status Project Review Report*
>>>>> <https://docs.google.com/a/owasp.org/document/d/1dXW7qpIm5Zn53twFJZqBuI0XvqEolzhE-nyUe_FsrFc/edit?usp=sharing>
>>>>>
>>>>> *Project Name:* OWASP Security Knowledge Framework
>>>>> <https://www.owasp.org/index.php/OWASP_Security_Knowledge_Framework>
>>>>>
>>>>> *Project Leader:*  Glenn ten Cate
>>>>>
>>>>> *Project Web Page:* https://www.owasp.org/index.ph
>>>>> p/OWASP_Security_Knowledge_Framework
>>>>>
>>>>> *Github:* https://github.com/blabla1337/skf-flask
>>>>>
>>>>>
>>>>>
>>>>> <https://docs.google.com/spreadsheets/d/1QGAkk0NIjzvKb40McO0AzKVz7VwVBCSLTBprg_zbr2k/edit?usp=sharing>
>>>>>
>>>>> *Positive Feedback Received  - See Results*
>>>>> <https://docs.google.com/spreadsheets/d/1QGAkk0NIjzvKb40McO0AzKVz7VwVBCSLTBprg_zbr2k/edit?usp=sharing>
>>>>>
>>>>>
>>>>> *Incubator to Lab Status Project Review Report*
>>>>> <https://docs.google.com/a/owasp.org/document/d/1bCSdZ15W-XJlmkxoxhlj5lg9CDWHTfGuHs8gP5deotI/edit?usp=sharing>
>>>>>
>>>>> *Project Name:* OWASP Seraphimdroid
>>>>>
>>>>> *Project Leaders:* Nikola Milosevic, Kartik Kholi
>>>>>
>>>>> *OWASP Project Wiki Page: *https://www.owasp.org/index.ph
>>>>> p/OWASP_SeraphimDroid_Project
>>>>>
>>>>> *Github **URL:* https://github.com/nikolamilos
>>>>> evic86/owasp-seraphimdroid
>>>>>
>>>>>
>>>>>
>>>>> <https://docs.google.com/a/owasp.org/spreadsheets/d/1HlWQRu3FYANlNsnRsAYU9EC-JLkCtWNOw_78SPILzd4/edit?usp=sharing>
>>>>>
>>>>> *Positive Feedback Received  - See Results*
>>>>> <https://docs.google.com/a/owasp.org/spreadsheets/d/1HlWQRu3FYANlNsnRsAYU9EC-JLkCtWNOw_78SPILzd4/edit?usp=sharing>
>>>>>
>>>>>
>>>>> *Incubator to Lab Status Project Review Report*
>>>>> <https://docs.google.com/a/owasp.org/document/d/1uPVbbFLxHixU-vZi1mqYJqTx81j-huTszdvLU3WBcXE/edit?usp=sharing>
>>>>>
>>>>> *Project Name:* OWASP Security Logging Project
>>>>>
>>>>> *Project Leader: * Sytze van Koningsveld
>>>>>
>>>>> *Github page**:* https://github.com/javabeanz/owasp-security-logging
>>>>>
>>>>> *Project Web Page:*  https://www.owasp.org/index.p
>>>>> hp/OWASP_Security_Logging_Project
>>>>> --
>>>>>
>>>>>
>>>>> <https://docs.google.com/a/owasp.org/spreadsheets/d/1GEM-IsphFvrDESpMRD1aVzJh5qh4540q_aaO1OljJu0/edit?usp=sharing>
>>>>> *Positive Feedback Received  - See Results*
>>>>> <https://docs.google.com/a/owasp.org/spreadsheets/d/1GEM-IsphFvrDESpMRD1aVzJh5qh4540q_aaO1OljJu0/edit?usp=sharing>
>>>>>
>>>>> Claudia Aviles-Casanovas <claudia.aviles-casanovas at owasp.org>
>>>>> Project Coordinator
>>>>> Phone:973-288-1697 <(973)%20288-1697>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>
>>>
>>> --
>>> Regards,
>>>
>>> Mark Denihan
>>> OWASP Security Shepherd Project Leader
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170112/2dcc93e4/attachment-0001.html>


More information about the OWASP-Leaders mailing list