[Owasp_project_leader_list] OWASP Project Audits

Samantha Groves samantha.groves at owasp.org
Tue Apr 22 17:43:26 UTC 2014


Thank you guys.

+1 I love it, and I would love it more if I had a handful of people
pitching in as I think it will go way faster. The last audit took quite a
while to do. The next one was scheduled to start in June, but we have
started early.

For reference, this is what I did the last time:
https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdEdCYVJpdmZHaWJYZ055WHROa19qN3c&usp=sharing

I put together the form Simon suggested:
https://docs.google.com/a/owasp.org/forms/d/14DYS3kY6P2uqJqAMd3F-cMfUPg-DXCK3sQvtggZ1gek/viewform

Let me know what you think. We can e-mail this list, and all of the other
known active project leaders. They all have 3 weeks to respond, as Johanna
suggested. I agree with that. After that, the project is marked inactive.
How does that sound?




On Tue, Apr 22, 2014 at 7:35 AM, Matt Tesauro <matt.tesauro at owasp.org>wrote:

> +1
>
> I agree that a quick survey of the project leaders may help get enough
> responses so that a sorting can occur allowing more detailed audits of the
> more active projects.  If a project won't answer a short form, they are
> quite unlikely to do a few audit.  Its also possible that I'm ignorant of
> all the work you're doing on these audits.
>
> I do think you're doing awesome (and somewhat thankless) work.  I remember
> trying to herd the cats while part of the Global Project Committee.  It is
> not an easy task.  Thanks for all your awesome work so far.
>
>
> --
> -- Matt Tesauro
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site
> OWASP OpenStack Security Project Lead
> https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project
>
>
> On Tue, Apr 22, 2014 at 4:33 AM, psiinon <psiinon at gmail.com> wrote:
>
>> Samantha,
>> cc OWASP Project leaders,
>>
>> Auditing all of the OWASP Projects (as per
>> https://github.com/OWASP/Projects_Task_Force/issues/2) seems to be a
>> significant undertaking, and its one I think the project leaders could (and
>> possible _should_) help with.
>>
>> How about setting up a simple form with high level questions like:
>>
>>    - Project name:
>>    - Leaders name:
>>    - Ohloh link:
>>    - Source control link (if not on Ohloh):
>>    - Is your project active? (Yes, No, Clinging on for dear life)
>>    - When was the last release?
>>    - Link to last release:
>>    - When do you think the next release will be?
>>
>> Or whatever questions you want the answers to, but something that someone
>> can fill in very quickly.
>>
>> Then ask all of the project leaders to fill that out for each of their
>> projects.
>>
>> The audit should go further than this, but at least that would be really
>> useful input which project leaders should be able to supply quite easily.
>>
>> And if a leader doesnt fill in this form after being prompted a couple of
>> times then maybe we should just move it to inactive status?
>>
>> Cheers,
>>
>> Simon
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>> _______________________________________________
>> Owasp_project_leader_list mailing list
>> Owasp_project_leader_list at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list
>>
>>
>


-- 

*Samantha Groves, MBA*

*OWASP Projects Manager*


The OWASP Foundation

Phoenix, USA

Email: samantha.groves at owasp.org

Skype: samanthahz


OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>

Book a Meeting with Me <http://goo.gl/mZXdZ>

OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>

New Project Application Form <http://www.tfaforms.com/263506>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_project_leader_list/attachments/20140422/acf1aafe/attachment.html>


More information about the Owasp_project_leader_list mailing list