OWASP Global Projects Committee Brad Causey Leo Cavallari Pravir Chandra Jason Li Matt Tesauro...
-
Upload
marcus-davidson -
Category
Documents
-
view
214 -
download
0
Transcript of OWASP Global Projects Committee Brad Causey Leo Cavallari Pravir Chandra Jason Li Matt Tesauro...
OWASP Global ProjectsCommittee
Brad CauseyLeo CavallariPravir ChandraJason LiMatt Tesauro
**Paulo Coimbra****Dinis Cruz**
Presentation Overview
• The original plan post-Portugal• One year later• Assessment Criteria v2• Survey & orphaned projects• Wiki templates and project meta-data• Next Steps• Goals for 2010• Structured discussions• Questions/Comments/Flames
The original plan post-Portugal
• Define and apply quality/health metrics to projectso Incorporate results for categorization
• Create and capture project meta-data• Provide repository for all OWASP projects
o Migrate projects to new repository• Create project "kit" for new projects
o Template for project pages• Revamp the view of OWASP projects
o Rework "Projects" page and tables• Improve transitions from SoC to full projects• Formulate high-level workflows for documentation
projects
One Year Later
• Assessment Criteria v2• Project surveys• Identified orphaned
projects• Finding Leaders for
orphaned projects• Supported new projects• Centralized Data about
projects – Wiki Templates
• Revised SoC plans
Assessment Criteria v2
• Why does OWASP have the ACv2?o Evaluation of future SoC projectso Collect a common set of info on projects
• Why collect all this info on projects?o Currently situation = grab bag of projectso GPC would like to promote projects
External audiencesProject to project integrationRecruit volunteers
Assessment Criteria v2
• My project is a release, my release is a project? Eh?o ACv2 makes a distinction between a project and
the releases the project createso Releases are measured against Alpha, Beta, Stable
Project leads decide when they want a release reviewed - point releases vs trunk
o Projects are measured against levels of healtho Project health is still very early in development
GPC has a lot of work to do here
Reviewers Wanted!!!!
• We have a lot of projects• Project make a lot of releases• We ALWAYS can use reviewersoJust contact the GPCoSpread the word
Easy way to get involvedFirst step for new contributors!
Survey & Orphaned Projects
• Conducted project surveyo First global look across
all projectso Collected loads of usable
meta-data• Will conduct the survey
yearly• Identified projects that
were un-owned (orphans)• Always looking for new
project leaders for orphans
Wiki Templates & Project Meta-data
• Used wiki templates to standardize data cataloging for OWASP projects
• Enables dynamic re-use of data without duplication• Allows us to dynamically generate summary pages for
each projecto Consistent look and feel
• Enables future dashboarding effortso Like the current project information tab
Next Steps
• Need project leader buy-in/feedback on Assessment Criteria v2
• Need reviewers for projects and releases
• NOT an Assessment Criteria v3 (at least not for a year!)
Goals for 2010
1.Apply Assessment Criteria v2 to all projects
•Unified dashboard for OWASP projects
•Launch and manage Season of Code 2010
Discussion: Assessment Criteria v2
• Do you understand it?
• Does it make sense what changed?
• Do you understand how it affects you?
Discussion: Wiki Templates & Project Pages
• Thoughts and feedback?
• Objections to changing project pages?
• How would this impact your project?
Discussion: Season of Code
• No SoC 2009o We realized there were some challenges that
we didn't expecto Push submitted proposals until next cycle
• New season of code plano Changes on focus of proposalso Changes to payment structure
Questions/Comments/Flames
• What do you think about what we've done?o Future plans?
• What more can the GPC do to help you?