Task Force/OWASP Projects

This task force is focused on OWASP Projects with a first focus on cleaning up the OWASP incubator list

Current To-do list
Tracking of current stuff is done temporary here as we plan to use Jira in the long run.


 * Update this page so it has all the latest content
 * Clean up of Incubator Projects and inactivate projects without a release or updates for over a year.
 * Inactive/Active Project Audits: See here for more details
 * Project Reviews: See here for more details
 * Need to get all project repos added to Ohloh: http://www.ohloh.net/orgs/OWASP
 * [Task: Project Metrics Collection Project Metrics Collection: Data needed]
 * Help Jonathan promote media project for different media needs around OWASP
 * Find a Summit Session partner for Eoin for Dev Guide Session
 * EU Project Summit 2015 Amsterdam
 * AppSecUSA 2014 Projects Summit Rescue
 * Call for sponsorship for the Project Summit - Jonathan has been sending out notes to chapter leaders ask for their help in making the Project Summit possible at AppSec USA.
 * LAB Projects Code Analysis Report
 * The Proposal Evaluation Methodology for OWASP Projects - Johanna has put together a proposal for evaluating project. The proposal can be found here: Proposal Evaluation.
 * Create a Projects Dashboard which will be open for the community to review the status of projects.

To-do list: Future Tasks

 * Gather support and funding to have 1 large OWASP Summit.
 * Design a more sustainable revenue stream using the Project’s IP.
 * Identify & promote cross-project collaboration to move clusters of projects forward, with e.g. work groups that work on a certain domain.
 * Start a task force of people with spare cycles that can help projects that need extra man-power of are falling behind in delivery of new releases (especially the flag ship projects).

Completed Tasks

 * create a mailing list (in google groups) for this task force: Completed by Samantha - April 15th 2014
 * Submissions for Open Source Showcase at AppSec EU: See here for more details: Completed by Team. - May 02, 2014
 * Need to review Java HTML Sanitizer Project: See here for more details: Removed from the Review List - Samantha - May 02, 2014
 * Wikify Projects Dashboard: Removed as agreed it is unnecessary - Samantha - May 02, 2014
 * Move the Google Groups to OWASP Google App - Jonathan - July 16, 2014
 * Inactivated all Incubator Documentation projects with no release in over a year and no updates. - August 2, 2014.

Failed Tasks

 * 2014 Cambridge Summit Sponsorship Needs

Execution Power
This task force exists on the assumption that it has a mandate from the OWASP leaders to act on behalf of the OWASP community on what is best for OWASP Projects.

If somebody (namely an OWASP Leader or Board member) disagree with any of the decisions made, he/she has two options:


 * join this Task Force
 * create another equivalent 'OWASP Projects group' and do a better job there

note that Committee 2.0 will change this as this task force might converge to a new Committee or fall under one if needed

Current Members

 * Johanna Curiel
 * Chuck (invitation pending)
 * Dinis Cruz
 * Jonathan Marcil
 * Jason Johnson
 * Gary D. Robinson
 * Kait Disney-Leugers & Sarah Baso as OWASP Staff

OWASP Projects Task Force (Concept)
This is a new type of OWASP initiative, focused on 'getting things done', the concept is still evolving but here are the current (in draft) guiding principles:


 * 1)  this 'task force is an invitation-only group' (to join the task force, requests should be made directly with existing task force members)
 * 2) all existing members have VETO power, and it is assumed that all decisions are backed up with all existing members
 * 3) only existing members can send the invitations
 * 4) there is a 1 month minimum activity required (or the member is temporarily out).
 * 5) invitations are automatically approved in 24h
 * 6) existing members can VETO new members (and existing members can be kickout by majority)
 * 7) there an one special member who has veto power the responsibility to enforce the 'one month contribution MIA scenario' (i.e. to kick out the 'non contributing members')
 * 8) all communication MUST be made (as much as practically possible) under public mediums: Wiki, public mailings, public Hangout sessions
 * 9) there are NO decisions made BEHIND closed doors, or without a solid digital (hyperlinkable) trail

Discussions
Google Group You must be logged in your OWASP Google App account to view and post to the group.