This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Task Force/OWASP Projects"
(→Current To-do list) |
Paul Ritchie (talk | contribs) (→Current Members) |
||
Line 53: | Line 53: | ||
* Jason Johnson | * Jason Johnson | ||
* Gary D. Robinson | * Gary D. Robinson | ||
− | * | + | * Noreen Whysel - OWASP Community Manager (Staff) |
==OWASP Projects Task Force (Concept)== | ==OWASP Projects Task Force (Concept)== |
Revision as of 18:30, 27 January 2015
This task force is focused on OWASP Projects with a first focus on cleaning up the OWASP incubator list
Current To-do list
Tracking of current stuff is done temporary here as we plan to use Jira in the long run.
- Clean up of Incubator Projects and inactivate projects without a release or updates for over a year.
- Inactive/Active Project Audits:https://groups.google.com/a/owasp.org/forum/?hl=en#!forum/projects-task-force (must be OWASP member)
- Project Reviews: See here for more details
- [Task: Project Metrics Collection Project Metrics Collection: Data needed]
- Plan next EU Project Summit 2015 Amsterdam
- AppSecUSA 2014 Projects Summit Rescue
- USA Summit 2014 is happening wiki page here
- LAB Projects Code Analysis Report
- The Proposal Evaluation Methodology for OWASP Projects - Johanna has put together a proposal for evaluating project. The proposal can be found here: Proposal Evaluation.
- Create a coherent wiki page for the Project Dashboard.
To-do list: Future Tasks
- Gather support and funding to have 1 large OWASP Summit.
- Design a more sustainable revenue stream using the Project’s IP.
- Identify & promote cross-project collaboration to move clusters of projects forward, with e.g. work groups that work on a certain domain.
- Start a task force of people with spare cycles that can help projects that need extra man-power of are falling behind in delivery of new releases (especially the flag ship projects).
Completed Tasks
- create a new mailing list (in google groups) for this task force: https://groups.google.com/a/owasp.org/forum/?hl=en#!forum/projects-task-force
- Submissions for Open Source Showcase at AppSec EU: See here for more details: Completed by Team. - May 02, 2014
- Need to review Java HTML Sanitizer Project: See here for more details: Removed from the Review List - Samantha - May 02, 2014
- Wikify Projects Dashboard: Removed as agreed it is unnecessary - Samantha - May 02, 2014
- Move the Google Groups to OWASP Google App - Jonathan - July 16, 2014
- Inactivated all Incubator Documentation projects with no release in over a year and no updates. - August 2, 2014.
- Need to get all project repos added to https://www.openhub.net/orgs/OWASP: DONE- 88 projects have an open repository
- Created the Project Dashboard. Look for link once the wiki page has been created.
Failed Tasks
Execution Power
This task force exists on the assumption that it has a mandate from the OWASP leaders to act on behalf of the OWASP community on what is best for OWASP Projects. We are in the process of submitting a Committee Proposal for Project reviews
If somebody (namely an OWASP Leader or Board member) disagree with any of the decisions made, he/she has two options:
- join this Task Force/Committe
- create another equivalent 'OWASP Projects group' and do a better job there
note that Committee 2.0 will change this as this task force might converge to a new Committee or fall under one if needed
Current Members
- Johanna Curiel
- Jonathan Marcil
- Jason Johnson
- Gary D. Robinson
- Noreen Whysel - OWASP Community Manager (Staff)
OWASP Projects Task Force (Concept)
This is a new type of OWASP initiative, focused on 'getting things done', the concept is still evolving but here are the current (in draft) guiding principles:
- this 'task force is an invitation-only group' (to join the task force, requests should be made directly with existing task force members)
- all existing members have VETO power, and it is assumed that all decisions are backed up with all existing members
- only existing members can send the invitations
- there is a 1 month minimum activity required (or the member is temporarily out).
- invitations are automatically approved in 24h
- existing members can VETO new members (and existing members can be kickout by majority)
- there an one special member who has veto power the responsibility to enforce the 'one month contribution MIA scenario' (i.e. to kick out the 'non contributing members')
- all communication MUST be made (as much as practically possible) under public mediums: Wiki, public mailings, public Hangout sessions
- there are NO decisions made BEHIND closed doors, or without a solid digital (hyperlinkable) trail
Discussions
Google Group You must be logged in your OWASP Google App account to view and post to the group.