If OWASP cannot handle archives, there are other non profits with missions to archive defunct programs that might be interested. For example, Science Gateways. Although they mostly archive gov't funded research, sometimes they will archive tools. Same possibly for CTSC.<br><br><div class="gmail_quote"><div dir="ltr">On Tue, Jan 10, 2017, 10:06 AM Sean Auriti <<a href="mailto:sean.auriti@owasp.org">sean.auriti@owasp.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="https://tommcfarlin.com/delete-old-repositories/" class="gmail_msg" target="_blank">https://tommcfarlin.com/delete-old-repositories/</a><br class="gmail_msg"><br class="gmail_msg">It seems there is some value to having the code around and marked as archived / deprecated / unmaintained.<br class="gmail_msg"><br class="gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg"><div dir="ltr" class="gmail_msg">On Tue, Jan 10, 2017 at 4:55 AM Bjoern Kimminich <<a href="mailto:bjoern.kimminich@owasp.org" class="gmail_msg" target="_blank">bjoern.kimminich@owasp.org</a>> wrote:<br class="gmail_msg"></div><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">I do not think that OWASP org on GitHub should be a historical inventory. Everything on <a href="http://github.com/OWASP" class="gmail_msg" target="_blank">github.com/OWASP</a> should be usable, documented and - most importantly - responsive to user requests (via Issues) and contributions (via PRs). Unmaintained projects fail at responsiveness, so they end up with tons of unanwered issues.<div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Prime example from yesterday: In <a href="https://github.com/OWASP/rbac/issues/88" class="gmail_msg" target="_blank">https://github.com/OWASP/rbac/issues/88</a> a user asks: <i class="gmail_msg">"<span style="color:rgb(51,51,51);font-family:-apple-system,blinkmacsystemfont,"segoe ui",helvetica,arial,sans-serif,"apple color emoji","segoe ui emoji","segoe ui symbol";font-size:14px" class="gmail_msg">why no new commits in the package from 2015, I need to use it in large scale app and I'm afraid because of maintained. </span><span style="color:rgb(51,51,51);font-family:-apple-system,blinkmacsystemfont,"segoe ui",helvetica,arial,sans-serif,"apple color emoji","segoe ui emoji","segoe ui symbol";font-size:14px" class="gmail_msg">any help?</span>"</i></div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">This leaves a bad impression on maturity of OWASP's open source offerings. Even an honest <i class="gmail_msg">"Sorry, this project is currently not in active development!"</i> would be fine. Not receiving a response is what frustrates me most when opening an issue or PR. That's why we should at least make it visible when a project is unmaintained, so they <i class="gmail_msg">do not even ask a question in the first place</i> and won't be disappointed if they never get an answer.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Put the "Inactive Project" banner on top of the README. Adding a "Use Project X instead" would be great! Alternatively move projects like this to an "owasp-archive"- or "owasp-legacy"-org if you prefer. Zombies should not stay in our main GitHub organization and certainly we should not add more.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Also please note, that <i class="gmail_msg">deleting or moving a GitHub repository</i> is <u class="gmail_msg">not</u> equivalent to <i class="gmail_msg">deleting an OWASP Project</i>. Furthermore, <i class="gmail_msg">unmaintained</i> is a pretty blurry term, so I'd make it easier to grasp with some KPIs, such as:</div><div class="gmail_msg"><ul class="gmail_msg"><li class="gmail_msg">number of total open issues</li><li class="gmail_msg">number of issues without a response/comment/label added by project team</li><li class="gmail_msg">age of oldest open issue</li><li class="gmail_msg"><i class="gmail_msg">same as above three for PRs</i></li><li class="gmail_msg">age of last commit</li><li class="gmail_msg">age of last release</li></ul><div class="gmail_msg">Statistics can give us a good overview here. Part of this we even get for free for projects we register on OpenHub: <a href="https://www.openhub.net/orgs/OWASP/projects" class="gmail_msg" target="_blank">https://www.openhub.net/orgs/OWASP/projects</a></div><div class="gmail_msg">They just don't seem to update as regular as they did in the past and I have no idea how to retrigger an analysis over there.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Cheers,</div></div><div class="gmail_msg">Björn</div></div><div dir="ltr" class="gmail_msg"><div class="gmail_extra gmail_msg"><br class="gmail_msg"></div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">On Tue, Jan 10, 2017 at 1:23 AM, Sean Auriti <span dir="ltr" class="gmail_msg"><<a href="mailto:sean.auriti@owasp.org" class="gmail_msg" target="_blank">sean.auriti@owasp.org</a>></span> wrote:<br class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr" class="gmail_msg">On this note.  I think it would be good that every single OWASP project be on the OWASP github.  Even if they are not actively maintained.  Also before we delete any project, it would be good to check in with the project leaders and confirm that they no longer want that project to be an OWASP project.</div><div hspace="streak-pt-mark" style="max-height:1px" class="gmail_msg"><img style="width:0px;max-height:0px;overflow:hidden" src="https://mailfoogae.appspot.com/t?sender=ac2VhbkBhbHBoYW9uZWxhYnMuY29t&type=zerocontent&guid=7d69089b-b5d9-47ee-b4b2-f27f418954d5" class="gmail_msg"><font color="#ffffff" size="1" class="gmail_msg">ᐧ</font></div><div class="m_478192807895692285m_-3139503789372015658gmail-HOEnZb gmail_msg"><div class="m_478192807895692285m_-3139503789372015658gmail-h5 gmail_msg"><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">On Mon, Jan 9, 2017 at 7:18 PM, Chetan Karande <span dir="ltr" class="gmail_msg"><<a href="mailto:chetan.karande@owasp.org" class="gmail_msg" target="_blank">chetan.karande@owasp.org</a>></span> wrote:<br class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><p dir="ltr" class="gmail_msg">+1. Thanks  Bjoern for bringing this up.</p>
<p dir="ltr" class="gmail_msg">Without proper access rights, there is no way for project leaders to assign issues to contributors who are not already part of OWASP github account. It would be really helpful for project leaders to have rights to create a project team and add members to it.</p><span class="m_478192807895692285m_-3139503789372015658gmail-m_8995449731613148128HOEnZb gmail_msg"><font color="#888888" class="gmail_msg">
<p dir="ltr" class="gmail_msg">Chetan Karande<br class="gmail_msg">
OWASP NodeGoat project </p></font></span><div class="m_478192807895692285m_-3139503789372015658gmail-m_8995449731613148128HOEnZb gmail_msg"><div class="m_478192807895692285m_-3139503789372015658gmail-m_8995449731613148128h5 gmail_msg">
<div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">On Jan 3, 2017 9:52 AM, "Bev Corwin" <<a href="mailto:bev.corwin@owasp.org" class="gmail_msg" target="_blank">bev.corwin@owasp.org</a>> wrote:<br type="attribution" class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr" class="gmail_msg">+1 Yes, please set up a committee meeting to discuss this and how to best set up. Best wishes.<div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Bev</div><div class="gmail_msg"><br class="gmail_msg"></div></div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">On Tue, Jan 3, 2017 at 4:55 AM, johanna curiel curiel <span dir="ltr" class="gmail_msg"><<a href="mailto:johanna.curiel@owasp.org" class="gmail_msg" target="_blank">johanna.curiel@owasp.org</a>></span> wrote:<br class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr" class="gmail_msg">+Bjoern, I agree on this.<div class="gmail_msg">If our technical staff also agrees, I think this clean up is surely necessary</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">@Matt: If you also agree or have another suggestions from the technical point of view, please let us know so Bjorn can continue with the proposed changes</div></div><div class="gmail_extra gmail_msg"><div class="gmail_msg"><div class="m_478192807895692285m_-3139503789372015658gmail-m_8995449731613148128m_-2092880622667839636m_7001777449250784046h5 gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">On Wed, Dec 28, 2016 at 3:35 PM, Bjoern Kimminich <span dir="ltr" class="gmail_msg"><<a href="mailto:bjoern.kimminich@owasp.org" class="gmail_msg" target="_blank">bjoern.kimminich@owasp.org</a>></span> wrote:<br class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br class="gmail_msg">
Hash: SHA512<br class="gmail_msg">
<br class="gmail_msg">
Hi all,<br class="gmail_msg">
<br class="gmail_msg">
I noticed that the access rights on our GitHub organization are a mess at the moment. Most repositories have a "team" defined representing the project team - which is good, especially if a project has multiple repos, where manually adding individuals to each stops being fun.<br class="gmail_msg">
<br class="gmail_msg">
The bad news: Most of these "teams" have been deleted at some point in time. GitHub unfortunately does not remove those from assigned repos automatically. So we now have a several zombie teams on GitHub that show a 404 when trying to view them.<br class="gmail_msg">
<br class="gmail_msg">
Then there is this "Owner" team where ~17 people are in, and an "Admin" team where only I am in, for unknown reason. Neither team membership gives full access to the org settings, so no idea what they are good for.<br class="gmail_msg">
<br class="gmail_msg">
Is there a secret concept behind this? If not, I vote for tabula rasa:<br class="gmail_msg">
<br class="gmail_msg">
1. Delete all teams<br class="gmail_msg">
2. Remove all (zombie) teams from all repos<br class="gmail_msg">
3. Create a dedicated team per OWASP project that has repos in the org and assign their members<br class="gmail_msg">
4. Assign teams to their repos as "Writer" or "Admin" (depending how project prefers)<br class="gmail_msg">
5. Give at least project leader individual "Admin" prefs on repos of his/her projects<br class="gmail_msg">
(6. Create one admin team and assign it as "Admin" to all repos)<br class="gmail_msg">
<br class="gmail_msg">
Better ideas? I suggest doing this *after* clearing the trash/empty repositories to avoid useless effort.<br class="gmail_msg">
<br class="gmail_msg">
Cheers,<br class="gmail_msg">
Bjoern<br class="gmail_msg">
-----BEGIN PGP SIGNATURE-----<br class="gmail_msg">
<br class="gmail_msg">
iQFfBAEBCgBJQhxCasO2cm4gS2ltbWluaWNoIChQcml2YXRlIEVtYWlsYWRyZXNz<br class="gmail_msg">
ZSkgPGJqb2Vybi5raW1taW5pY2hAZ214LmRlPgUCWGPNngAKCRAGKoWoy/vc2qtI<br class="gmail_msg">
B/9qLzlJN8WtFlSvfHZVKBAfo+uFAKAz53WNqnRvmJvn/zEhPgbsT7hMgfbwnoLV<br class="gmail_msg">
UcM01uvOBsVZRZIsyBP1fpcy+1mtPsD6FnYhGZBhglQm2UTuHK3iyrLCEnYX/Glc<br class="gmail_msg">
i8wVeIUIAcQUac+Jwj4MAuvh64naNKHqQyg9z3pPM1cMEpAmtWFyytUT9eUrVlnn<br class="gmail_msg">
HElvBxPB8b3oMcj22bpY75WtJDY0uHLs2ylFTNTISSKYVad2NBMLZPGnIZ5AONkq<br class="gmail_msg">
3ydSDAoJxnVJx1CIK6kP0beFxm3QyAaGvwlu9pWr19SlWG9btW7soM/Z8flkY+ji<br class="gmail_msg">
DCm6qOptWAgnW8PzsjmO/TRv<br class="gmail_msg">
=P6AH<br class="gmail_msg">
-----END PGP SIGNATURE-----<br class="gmail_msg">
<br class="gmail_msg">
_______________________________________________<br class="gmail_msg">
OWASP-Leaders mailing list<br class="gmail_msg">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="gmail_msg" target="_blank">OWASP-Leaders@lists.owasp.org</a><br class="gmail_msg">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="gmail_msg">
</blockquote></div><br class="gmail_msg"><br clear="all" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div></div></div><span class="m_478192807895692285m_-3139503789372015658gmail-m_8995449731613148128m_-2092880622667839636m_7001777449250784046HOEnZb gmail_msg"><font color="#888888" class="gmail_msg">-- <br class="gmail_msg"><div class="m_478192807895692285m_-3139503789372015658gmail-m_8995449731613148128m_-2092880622667839636m_7001777449250784046m_-7774063190847597521gmail_signature gmail_msg"><div dir="ltr" class="gmail_msg"><div class="gmail_msg">Johanna Curiel </div>OWASP Volunteer</div></div>
</font></span></div>
<br class="gmail_msg">_______________________________________________<br class="gmail_msg">
OWASP-Leaders mailing list<br class="gmail_msg">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="gmail_msg" target="_blank">OWASP-Leaders@lists.owasp.org</a><br class="gmail_msg">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="gmail_msg">
<br class="gmail_msg"></blockquote></div><br class="gmail_msg"></div>
<br class="gmail_msg">_______________________________________________<br class="gmail_msg">
OWASP-Leaders mailing list<br class="gmail_msg">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="gmail_msg" target="_blank">OWASP-Leaders@lists.owasp.org</a><br class="gmail_msg">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="gmail_msg">
<br class="gmail_msg"></blockquote></div></div>
</div></div><br class="gmail_msg">_______________________________________________<br class="gmail_msg">
OWASP-Leaders mailing list<br class="gmail_msg">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="gmail_msg" target="_blank">OWASP-Leaders@lists.owasp.org</a><br class="gmail_msg">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="gmail_msg">
<br class="gmail_msg"></blockquote></div><br class="gmail_msg"></div>
</div></div><br class="gmail_msg">_______________________________________________<br class="gmail_msg">
OWASP-Leaders mailing list<br class="gmail_msg">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="gmail_msg" target="_blank">OWASP-Leaders@lists.owasp.org</a><br class="gmail_msg">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="gmail_msg">
<br class="gmail_msg"></blockquote></div><br class="gmail_msg"></div></div></blockquote></div>
_______________________________________________<br class="gmail_msg">
OWASP-Leaders mailing list<br class="gmail_msg">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="gmail_msg" target="_blank">OWASP-Leaders@lists.owasp.org</a><br class="gmail_msg">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="gmail_msg">
</blockquote></div>