[Owasp_project_leader_list] OWASP Project Audits

Samantha Groves samantha.groves at owasp.org
Tue Apr 22 18:01:20 UTC 2014


I agree. Lets get started? Who is doing what? I can send our form to the
lists.


On Tue, Apr 22, 2014 at 11:00 AM, psiinon <psiinon at gmail.com> wrote:

> I vote for a relatively aggressive approach to demoting projects.
> No apparent code changes, releases or home page edits in the last 12
> months? Email leader saying demotion is immanent. No response to email in
> one month? Demote.
> 1 email explaining why the project is still alive: keep alive for now..
>
> That should weed out a load of the deadwood!
>
> Obviously promoting projects requires a bit more effort, but ask the
> leaders to justify promotion as they have a vested interest in making it
> so, and that reduces the load on the reviewers.
>
> Cheers,
>
> Simon
>
>
> On Tue, Apr 22, 2014 at 6:50 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
>> Samantha,
>>
>> What was the result of the previous project audit?
>>
>> My understanding is that no project has moved up or down the project
>> hierarchy in the past few years.
>>
>> Just curious what the endgame or goal is here.
>>
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> On Apr 22, 2014, at 10:43 AM, Samantha Groves <samantha.groves at owasp.org>
>> wrote:
>>
>> Thank you guys.
>>
>> +1 I love it, and I would love it more if I had a handful of people
>> pitching in as I think it will go way faster. The last audit took quite a
>> while to do. The next one was scheduled to start in June, but we have
>> started early.
>>
>> For reference, this is what I did the last time:
>> https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdEdCYVJpdmZHaWJYZ055WHROa19qN3c&usp=sharing
>>
>> I put together the form Simon suggested:
>> https://docs.google.com/a/owasp.org/forms/d/14DYS3kY6P2uqJqAMd3F-cMfUPg-DXCK3sQvtggZ1gek/viewform
>>
>> Let me know what you think. We can e-mail this list, and all of the other
>> known active project leaders. They all have 3 weeks to respond, as Johanna
>> suggested. I agree with that. After that, the project is marked inactive.
>> How does that sound?
>>
>>
>>
>>
>> On Tue, Apr 22, 2014 at 7:35 AM, Matt Tesauro <matt.tesauro at owasp.org>wrote:
>>
>>> +1
>>>
>>> I agree that a quick survey of the project leaders may help get enough
>>> responses so that a sorting can occur allowing more detailed audits of the
>>> more active projects.  If a project won't answer a short form, they are
>>> quite unlikely to do a few audit.  Its also possible that I'm ignorant of
>>> all the work you're doing on these audits.
>>>
>>> I do think you're doing awesome (and somewhat thankless) work.  I
>>> remember trying to herd the cats while part of the Global Project
>>> Committee.  It is not an easy task.  Thanks for all your awesome work so
>>> far.
>>>
>>>
>>> --
>>> -- Matt Tesauro
>>> OWASP WTE Project Lead
>>> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
>>> http://AppSecLive.org - Community and Download site
>>> OWASP OpenStack Security Project Lead
>>> https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project
>>>
>>>
>>> On Tue, Apr 22, 2014 at 4:33 AM, psiinon <psiinon at gmail.com> wrote:
>>>
>>>> Samantha,
>>>> cc OWASP Project leaders,
>>>>
>>>> Auditing all of the OWASP Projects (as per
>>>> https://github.com/OWASP/Projects_Task_Force/issues/2) seems to be a
>>>> significant undertaking, and its one I think the project leaders could (and
>>>> possible _should_) help with.
>>>>
>>>> How about setting up a simple form with high level questions like:
>>>>
>>>>    - Project name:
>>>>    - Leaders name:
>>>>    - Ohloh link:
>>>>    - Source control link (if not on Ohloh):
>>>>    - Is your project active? (Yes, No, Clinging on for dear life)
>>>>    - When was the last release?
>>>>    - Link to last release:
>>>>    - When do you think the next release will be?
>>>>
>>>> Or whatever questions you want the answers to, but something that
>>>> someone can fill in very quickly.
>>>>
>>>> Then ask all of the project leaders to fill that out for each of their
>>>> projects.
>>>>
>>>> The audit should go further than this, but at least that would be
>>>> really useful input which project leaders should be able to supply quite
>>>> easily.
>>>>
>>>> And if a leader doesnt fill in this form after being prompted a couple
>>>> of times then maybe we should just move it to inactive status?
>>>>
>>>> Cheers,
>>>>
>>>> Simon
>>>>
>>>> --
>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>
>>>> _______________________________________________
>>>> Owasp_project_leader_list mailing list
>>>> Owasp_project_leader_list at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list
>>>>
>>>>
>>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*
>>
>> *OWASP Projects Manager*
>>
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form <http://www.tfaforms.com/263506>
>>
>>
>>
>>  _______________________________________________
>> Owasp_project_leader_list mailing list
>> Owasp_project_leader_list at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list
>>
>>
>> _______________________________________________
>> Owasp_project_leader_list mailing list
>> Owasp_project_leader_list at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list
>>
>>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>



-- 

*Samantha Groves, MBA*

*OWASP Projects Manager*


The OWASP Foundation

Phoenix, USA

Email: samantha.groves at owasp.org

Skype: samanthahz


OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>

Book a Meeting with Me <http://goo.gl/mZXdZ>

OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>

New Project Application Form <http://www.tfaforms.com/263506>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_project_leader_list/attachments/20140422/36fb328a/attachment.html>


More information about the Owasp_project_leader_list mailing list