Various Corrections and Fixes #3
Conversation
|
@ferdasonmez please review/merge. |
Properly set project level. Remove redundant blank lines. Fix project badges. Move assets into the assets directory. Fixes #2 Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>
|
@hblankenship please merge this one, thanks. PL doesn't react so far. |
|
Hi,
Sorry, I am reading the messages. I didn't see any problem with the web
site, this is why I didn't react.
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
…On Sun, Apr 18, 2021 at 11:05 PM Björn Kimminich ***@***.***> wrote:
@hblankenship <https://github.com/hblankenship> please merge this one,
thanks. PL doesn't react so far.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFHZI552KNZZE63LIXDTJNJRZANCNFSM424LYSNA>
.
|
|
You'd have to look at your deployed site, or the Pull Request via Github to actually see what's being changed/corrected. Or you can check the migration guide for local testing details. |
|
|
||
| #  Case Studies and Experiences | ||
| # [](https://owasp.org/projects/) | ||
| [](https://github.com/OWASP/www-project-security-qualitative-metrics/blob/master/LICENSE) |
There was a problem hiding this comment.
This was for a completely separate user/project
There was a problem hiding this comment.
It is ok if you can provide a link for the flagship.svg file.
There was a problem hiding this comment.
This isn’t a flagship project, in fact it isn’t even an up-to-date project if the content is based on ASVS 3.0
| # [](https://owasp.org/projects/) | ||
| [](https://github.com/OWASP/www-project-security-qualitative-metrics/blob/master/LICENSE) | ||
|
|
||
| [](https://github.com/OWASP/www-project-security-qualitative-metrics/releases) |
There was a problem hiding this comment.
Wrong repo/project. This/your project doesnt have a 1.1.1 release
There was a problem hiding this comment.
I had some difficulty on setting up a version. If you can correct it. You are welcome to do it.
There was a problem hiding this comment.
The correction is in this PR, just merge it
|
|
||
|
|
||
|
|
||
| # F.A.Q. [] |
There was a problem hiding this comment.
It doesn't make sense to have a link in a heading (in this context)
There was a problem hiding this comment.
I have seen some samples like this but it is not important. Oiginally it wasn't in the heading. Actually, this site didn't have any problem visually. IT was already checked. I do not understand why these updates come now.
There was a problem hiding this comment.
Because I went through the list of flagship projects and noticed this one I didn't recognize. I found all these issues to be fixed. So I submitted the changes for you to merge.
|
|
||
|
|
||
| #  Case Studies and Experiences | ||
| # [](https://owasp.org/projects/) |
There was a problem hiding this comment.
Your project isn't a flagship
There was a problem hiding this comment.
Why do you change it now. Initially, when it is prepared it was reviewed and they told me everything was ok. I didn't assign it to be flagship in the first place.
It is very discouraging to make a change at this step. I do not want this change if possible.
There was a problem hiding this comment.
It was listed in the flagship projects when it is accepted and this is not something I made. I do not want to accept to make a change in this step. This should be discussed if necessary and should not be decided as a part of a web site format change update.
There was a problem hiding this comment.
You left defaults and didn't bother reading the on boarding info (as far as I can see)
There was a problem hiding this comment.
OWASP staff already pushed a change for index.md correcting the project level. This is further to that fix.
There was a problem hiding this comment.
"You left defaults and didn't bother reading the on boarding info (as far as I can see)" this is not correct. This is just an assumption. I am not familiar with the MD format, so I had some difficulties, to do some things, like version but I didn't leave anything in the defaults.
|
|
||
|
|
||
| ### Downloads or Social Links | ||
| * [Chat Room](owasp-www-project-security-qualitative-metrics/community) |
There was a problem hiding this comment.
This link was invalid
There was a problem hiding this comment.
How did you change it?
There was a problem hiding this comment.
I replaced it with a valid link
| @@ -1,22 +1,21 @@ | |||
| ### Security Qualitative Metrics Information | |||
| * [Flagship Project(https://img.shields.io/badge/owasp-flagship-blue.svg)](https://owasp.org/projects/) | |||
| * [Type of Project](#) | |||
There was a problem hiding this comment.
This link was invalid
There was a problem hiding this comment.
I couldn't find a proper link for a flagship svg file. IF you provide a lkink I can update it.
|
I understand, I just used that svg file I think. You may update the link.
Thanks..
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
…On Sun, Apr 18, 2021 at 11:35 PM Rick M ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In info.md
<#3 (comment)>
:
> @@ -1,22 +1,21 @@
### Security Qualitative Metrics Information
-* [Flagship Project(https://img.shields.io/badge/owasp-flagship-blue.svg)](https://owasp.org/projects/)
-* [Type of Project](#)
This link was invalid
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFFP2D3Z6NZARXTHTYDTJNNDRANCNFSM424LYSNA>
.
|
|
Excellent. All you have to do is merge the pull request, and all those items will be fixed. |
|
This is in the list of flagship projects for may be a year. I didn't put it
there. It was put by the OWASP directors, and I prepared the page
accordingly. So, this is not my fault, even if you think it is. It is also
introduced as like this to potential users for whole this duration. Just
recently we prepared a video to introduce this project on some platforms. I
do not find it appropriate to change its level like this at this step. I
accepted other changes, please just take back this change, so that I can
merge.
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
…On Mon, Apr 19, 2021 at 12:39 AM Rick M ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In FAQ.md
<#3 (comment)>
:
>
-
-
-
-# F.A.Q. []
Because I went through the list of flagship projects and notice this one I
didn't recognize. I found all these thu us good be fixed. So I submitted
the changes for you to merge.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFAMS6TWWI7QH4UQDC3TJNUS3ANCNFSM424LYSNA>
.
|
|
When I prepared the MD files, I checked other Github sites for other
projects. Most of the Incubator projects even do not have a valid content
or site. They are the ones which actually do not bother to create a proper
site, but leave the defaults (not all of course). Because you checked the
flagships now and didn't recognize a project should not be a reason for a
level change. This is very disappointing. I am telling you, I didn't put
it in the flagship in the first place.
But it was put there cause it had been found mature enough. I didn't do it
myself. Since then I am introducing it like that. Just recently we prepared
a video. I am very disappointed with this update. You put it in a level,
then just change it like this. This is not correct, and it does not look
professional both for you and for me.
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
…On Mon, Apr 19, 2021 at 12:59 AM Rick M ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In CASE-STUDIES-AND-EXPERIENCES.md
<#3 (comment)>
:
>
-
-#  Case Studies and Experiences
-# [](https://owasp.org/projects/)
OWASP staff already pushed a change for index.md correcting the project
level. This is further to that fix.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFEU5R7DA6B4CCQUV7DTJNW5NANCNFSM424LYSNA>
.
|
|
As you can see in this commit a week ago by OWASP staff: f49a7e2 this isn’t a flagship project. I’m sorry that this comes as some sort of surprise. OWASP projects progress through a graduation process incubator > lab > flagship. That you merged content that was wrong originally doesn’t change the fact that it’s been wrong from the start. (No projects start as Flagship.) This Pull Request simply builds on that correction, and issue #2. |
|
Yes, I understand, but not every project start at same level of maturity.
Some start as just an idea (as far as I see in the empty incubator project
web sites.) This is a complete list of metrics. It is already presented in
academic conferences and published in an academic publication. It has also
been used in important projects from private sector and academy.
I will not discuss further cause it is 01:30 AM nearly. You already made
your decision and it is very late.
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
…On Mon, Apr 19, 2021 at 1:13 AM Rick M ***@***.***> wrote:
As you can see in this commit a week ago by OWASP staff: f49a7e2
<f49a7e2>
this isn’t a flagship project.
I’m sorry that this comes as some sort of surprise. OWASP projects
progress through a graduation process incubator > lab > flagship. That you
merged content that was wrong originally doesn’t change the fact that it’s
been wrong from the start. (No projects start as Flagship.)
This Pull Request simply builds on that correction, and issue #1
<#1>
.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFGWJVERKRKNN4FVITTTJNYRRANCNFSM424LYSNA>
.
|
|
I haven't made any decision, I'm just a community member trying to correct issues in public content. If you believe it should be promoted from incubator to lab you can submit a request like any other project. (Then subsequently flagship as well.) Though that doesn't alter the current state of things. Anyway I understand it's late for you. I'll hit up some staff or the project committee and see if they can bring some clarity that I'm might not be communicating. |
](https://owasp.org/projects/){kind=link}
They indeed all start at the same level and have to be promoted through the existing higher levels upon request, it does not matter how polished they are technically or content wise. And as the one opening the issue #2, I thought I made it clear that not you did something wrong but the website template was wrong for quite a while. |
|
Chapter 5 of the (slightly dusty) https://owasp.org/www-pdf-archive/PROJECT_LEADER-HANDBOOK_2014.pdf explains the maturity levels, but it only subtly mentions that all start as Incubator, by saying that you can request promotion only after delivering one release under OWASP successfully. |
|
Thanks, I will do that..
…On Mon, 19 Apr 2021, 06:00 Björn Kimminich, ***@***.***> wrote:
Chapter 5 of the (slightly dusty)
https://owasp.org/www-pdf-archive/PROJECT_LEADER-HANDBOOK_2014.pdf
explains the maturity levels, but it only subtly mentions that all start as
Incubator, by saying that you can request promotion after delivering one
release under OWASP successfully.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFGVEINSUJ6TP2HN46TTJO2F7ANCNFSM424LYSNA>
.
|
|
Since this project was already deployed successfully about a year, I
request an increase of project level please? I understand that I can do it
after first deployment, which was already completed.
PS. I am aware that this should be updated based on the latest version.
Someone who knows the background would understand that it can not be done
over a short period of time. Currently, I am very busy and cannot do that
update very soon, but will do when some free time in the future. This
current version was prepared over a long period of time. However, the
information provided is still useful, if the reader knows that there are
changes between V3 and V4.
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
On Mon, Apr 19, 2021 at 12:50 PM Ferda Özdemir Sönmez <
***@***.***> wrote:
… Thanks, I will do that..
On Mon, 19 Apr 2021, 06:00 Björn Kimminich, ***@***.***>
wrote:
> Chapter 5 of the (slightly dusty)
> https://owasp.org/www-pdf-archive/PROJECT_LEADER-HANDBOOK_2014.pdf
> explains the maturity levels, but it only subtly mentions that all start as
> Incubator, by saying that you can request promotion after delivering one
> release under OWASP successfully.
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub
> <#3 (comment)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AB6QWFGVEINSUJ6TP2HN46TTJO2F7ANCNFSM424LYSNA>
> .
>
|
|
I'm sure this is documented in owasp.org/www-policy or the Project handbook or something. But in order to request a graduation |
JFYI, following those steps will momentarily give you the above message, as the Project Committee is looking into ways to improve and simplify the graduation process for both requesting project and reviewing members. |
|
Thanks for the heads up, I hadn't taken the step to encounter that message 🤷 Edited: For typos... |
|
Thanks for the information Rick. I am very busy these days. Your
guidance will help me very much.
*Kind Regards,*
*Dr. Ferda Özdemir Sönmez*
…On Wed, Apr 28, 2021 at 2:06 AM Rick M ***@***.***> wrote:
I'm sure this is documented in owasp.org/www-policy or the Project
handbook or something. But in order to request a graduation incubator >
lab: You'll need to visit: https://owasp.org/contact/, hit "Contact us",
login to Jira ("sign up" if you don't already have one), and do a
"Non-funding Request Service Desk" request completing a "Project Graduation
Application".
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6QWFCUZ3EFXIQPMU6QZ2LTK5NRPANCNFSM424LYSNA>
.
|
Properly set project level. Remove redundant blank lines. Fix project badges. Move assets into the assets directory. Fix links, etc.
Fixes #2
Signed-off-by: kingthorin kingthorin@users.noreply.github.com