Task Force/OWASP Projects
This task force is focused on OWASP Projects with a first focus on cleaning up the OWASP incubator list
Current To-do list
Tracking of current stuff is done temporary here as we plan to use Jira in the long run.
- Clean up of Incubator Projects and inactivate projects without a release or updates for over a year.
- Inactive/Active Project Audits:https://groups.google.com/a/owasp.org/forum/?hl=en#!forum/projects-task-force (must be OWASP member)
- Project Reviews: See here for more details
- [Task: Project Metrics Collection Project Metrics Collection: Data needed]
- Plan next EU Project Summit 2015 Amsterdam
- AppSecUSA 2014 Projects Summit Rescue
- USA Summit 2014 is happening wiki page here
- LAB Projects Code Analysis Report
- The Proposal Evaluation Methodology for OWASP Projects - Johanna has put together a proposal for evaluating project. The proposal can be found here: Proposal Evaluation.
- Create a coherent wiki page for the Project Dashboard.
To-do list: Future Tasks
- Gather support and funding to have 1 large OWASP Summit.
- Design a more sustainable revenue stream using the Project’s IP.
- Identify & promote cross-project collaboration to move clusters of projects forward, with e.g. work groups that work on a certain domain.
- Start a task force of people with spare cycles that can help projects that need extra man-power of are falling behind in delivery of new releases (especially the flag ship projects).
- create a new mailing list (in google groups) for this task force: https://groups.google.com/a/owasp.org/forum/?hl=en#!forum/projects-task-force
- Submissions for Open Source Showcase at AppSec EU: See here for more details: Completed by Team. - May 02, 2014
- Need to review Java HTML Sanitizer Project: See here for more details: Removed from the Review List - Samantha - May 02, 2014
- Wikify Projects Dashboard: Removed as agreed it is unnecessary - Samantha - May 02, 2014
- Move the Google Groups to OWASP Google App - Jonathan - July 16, 2014
- Inactivated all Incubator Documentation projects with no release in over a year and no updates. - August 2, 2014.
- Need to get all project repos added to https://www.openhub.net/orgs/OWASP: DONE- 88 projects have an open repository
- Created the Project Dashboard. Look for link once the wiki page has been created.
This task force exists on the assumption that it has a mandate from the OWASP leaders to act on behalf of the OWASP community on what is best for OWASP Projects. We are in the process of submitting a Committee Proposal for Project reviews
If somebody (namely an OWASP Leader or Board member) disagree with any of the decisions made, he/she has two options:
- join this Task Force/Committe
- create another equivalent 'OWASP Projects group' and do a better job there
note that Committee 2.0 will change this as this task force might converge to a new Committee or fall under one if needed
- Munir Njiru
- Abbas Naderi
- Claudia Aviles Casanovas - OWASP Project Coordinator (Staff)
OWASP Projects Task Force (Concept)
This is a new type of OWASP initiative, focused on 'getting things done', the concept is still evolving but here are the current (in draft) guiding principles:
- this 'task force is an invitation-only group' (to join the task force, requests should be made directly with existing task force members)
- all existing members have VETO power, and it is assumed that all decisions are backed up with all existing members
- only existing members can send the invitations
- there is a 1 month minimum activity required (or the member is temporarily out).
- invitations are automatically approved in 24h
- existing members can VETO new members (and existing members can be kickout by majority)
- there an one special member who has veto power the responsibility to enforce the 'one month contribution MIA scenario' (i.e. to kick out the 'non contributing members')
- all communication MUST be made (as much as practically possible) under public mediums: Wiki, public mailings, public Hangout sessions
- there are NO decisions made BEHIND closed doors, or without a solid digital (hyperlinkable) trail
Google Group You must be logged in your OWASP Google App account to view and post to the group.