Confirmed users
491
edits
Contribute/Security Assurance: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
|||
| Line 21: | Line 21: | ||
Q: Can you point someone interested in contributing to your project to a list of available contribution opportunities? | Q: Can you point someone interested in contributing to your project to a list of available contribution opportunities? | ||
A: | A: Mozilla Web Bounty Program [http://www.mozilla.org/security/bug-bounty.html link]. There are also plans to publish our security verification guide and steps to get involved in the verification of new web applications. More info coming on this. | ||
Suggestion: Look at what your team's needs are and what gaps you have in staffing to come up with a list of contribution opportunities. Capture those on a wiki page, in bugs, as role descriptions in Jobvite or whatever makes sense for your community. | Suggestion: Look at what your team's needs are and what gaps you have in staffing to come up with a list of contribution opportunities. Capture those on a wiki page, in bugs, as role descriptions in Jobvite or whatever makes sense for your community. | ||
| Line 29: | Line 29: | ||
Q: Are there clearly understood steps someone can follow to go from knowing nothing about your project to successfully contributing? | Q: Are there clearly understood steps someone can follow to go from knowing nothing about your project to successfully contributing? | ||
A: | A: Mozilla Web Bounty Program [http://www.mozilla.org/security/bug-bounty-faq-webapp.html FAQ] | ||
Suggestion: In addition to just documenting these steps, look for a simple 5-minute task that someone can take to get started (for example, signing up for Bugzilla if they are interested in coding) and also figure out where in the process you can add a mentor to help people. | Suggestion: In addition to just documenting these steps, look for a simple 5-minute task that someone can take to get started (for example, signing up for Bugzilla if they are interested in coding) and also figure out where in the process you can add a mentor to help people. | ||
| Line 37: | Line 37: | ||
Q: Can you measure participation or contributors today? If so, what metrics can you track? What goal or metric would you like to achieve for Q1? Alternatively, what metrics would you like to get in place for Q1? | Q: Can you measure participation or contributors today? If so, what metrics can you track? What goal or metric would you like to achieve for Q1? Alternatively, what metrics would you like to get in place for Q1? | ||
A: | A: We are currently able to track bug submitters to the bounty program. | ||
Suggestion: Write down what you think would be helpful to track even if it isn't possible to get that data today. We'll work on implementing dashboards when we know what data we want. | Suggestion: Write down what you think would be helpful to track even if it isn't possible to get that data today. We'll work on implementing dashboards when we know what data we want. | ||