<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">I agree with all of that.<div class=""><br class=""></div><div class="">This is an open source project. If they find issues, specially tiny issues that can be fixed with a few lines of code,</div><div class="">they are welcome to do so. That is not grounds for deleting a project.</div><div class=""><br class=""></div><div class="">The way I see it, is that they are trolling, and not helping. I have not created this library, and I’m only defending it because it is the right thing to do.</div><div class="">If you’d want to keep your “users” happy and your “contributors” unhappy, you should think of a commercial organization instead of an open one.</div><div class=""><br class=""></div><div class="">Regards</div><div class="">-Abbas</div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Nov 25, 2015, at 1:25 PM, johanna curiel curiel <<a href="mailto:johanna.curiel@owasp.org" class="">johanna.curiel@owasp.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Abbas<div class=""><br class=""></div><div class="">I think they made very strong points and the project is right now inactive since it has not been updated in more than a year.</div><div class=""><br class=""></div><div class="">The people commenting on your project have themselves quite reputation too.</div><div class=""><br class=""></div><div class="">I think if these issues cannot be fixed by you since you are the leader and since the project is inactive, the best is to warn users.</div><div class="">Sven who was a contributor also acknowledge the issues.</div><div class=""><br class=""></div><div class="">By the way , from complains of multiple PHP developers in the github page of the project to now twitter means they are not happy and they are trying to escalate their concerns.Thats how I see this.</div><div class=""><br class=""></div><div class="">regards</div><div class=""><br class=""></div><div class="">Johanna</div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Wed, Nov 25, 2015 at 2:20 PM, Abbas Naderi <span dir="ltr" class=""><<a href="mailto:abiusx@owasp.org" target="_blank" class="">abiusx@owasp.org</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">They are trying to troll the project.<div class="">Read the thread at <a href="https://github.com/OWASP/phpsec/issues/108#issuecomment-159676446" target="_blank" class="">https://github.com/OWASP/phpsec/issues/108#issuecomment-159676446</a> to realize that.</div><div class="">We have provided ample opportunity for them to contribute, fix, or help the project.</div><div class="">All they want is to take the project down, which I obviously refuse.</div><div class=""><br class=""></div><div class="">I don’t think it really hurts OWASP reputation. If anyone delves into the technical discussions that would be apparent.</div><div class="">Regards</div><span class="HOEnZb"><font color="#888888" class=""><div class="">-Abbas</div></font></span><div class=""><div class="h5"><div class=""><br class=""></div><div class=""><div class=""><blockquote type="cite" class=""><div class="">On Nov 25, 2015, at 1:17 PM, johanna curiel curiel <<a href="mailto:johanna.curiel@owasp.org" target="_blank" class="">johanna.curiel@owasp.org</a>> wrote:</div><br class=""><div class=""><div dir="ltr" class="">Hi Erlend<div class=""><br class=""></div><div class="">We are aware of the issues and remediation is underway ;-)</div><div class=""><br class=""></div><div class="">regards</div><div class=""><br class=""></div><div class="">Johanna</div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Wed, Nov 25, 2015 at 1:54 PM, Jim Manico <span dir="ltr" class=""><<a href="mailto:jim.manico@owasp.org" target="_blank" class="">jim.manico@owasp.org</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000" class="">
    Yup, it's bad.<br class="">
    <br class="">
    Johanna Curiel and Claudia are leading the charge here. They are in
    the process of fully removing the project from GitHub. As in, right
    now…<br class="">
    <br class="">
    - Jim<div class=""><div class=""><br class="">
    <br class="">
    <br class="">
    <div class="">On 11/25/15 7:50 PM,
      <a href="mailto:erlend.oftedal@owasp.org" target="_blank" class="">erlend.oftedal@owasp.org</a> wrote:<br class="">
    </div>
    </div></div><blockquote type="cite" class=""><div class=""><div class="">
      
      <div class="">
        <div style="font-family:Calibri,sans-serif;font-size:11pt" class="">Hi<br class="">
          <br class="">
          See <a href="https://twitter.com/voodooKobra/status/669537889500311553" target="_blank" class="">https://twitter.com/voodooKobra/status/669537889500311553</a>
          and the link in that message. <br class="">
          <br class="">
          According to the OWASP website the project is inactive, yet
          contributions are made on github, and there are no signs of
          the project status on github.<br class="">
          The crypto code is bad, as voodooKobra rightly points out.
          With a known key and iv, this encryption is useless.<br class="">
          And the code is referenced from stackoverflow++.<br class="">
          <br class="">
          When deactivating a project we need to make sure the
          deactivation is clearly visble on github as well.<br class="">
          <br class="">
          Best regards<br class="">
          Erlend Oftedal<br class="">
          OWASP Norway<br class="">
          @webtonull</div>
      </div>
      <br class="">
      <fieldset class=""></fieldset>
      <br class="">
      </div></div><pre class="">_______________________________________________
OWASP-Leaders mailing list
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank" class="">OWASP-Leaders@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank" class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a>
</pre>
    </blockquote>
    <br class="">
  </div>

<br class="">_______________________________________________<br class="">
OWASP-Leaders mailing list<br class="">
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank" class="">OWASP-Leaders@lists.owasp.org</a><br class="">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank" class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="">
<br class=""></blockquote></div><br class=""></div>
_______________________________________________<br class="">OWASP-Leaders mailing list<br class=""><a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank" class="">OWASP-Leaders@lists.owasp.org</a><br class=""><a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank" class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class=""></div></blockquote></div><br class=""></div></div></div></div></blockquote></div><br class=""></div>
</div></blockquote></div><br class=""></div></body></html>