OWASP Project Health Dashboard

[arkid15r]

OWASP Project Health Dashboard Development Plan

The Project Health Dashboard will provide internal visibility into the health and status of OWASP projects, including both new and older projects, with a focus on monitoring key health metrics and automated evaluations. This tool will help identify projects that require attention, such as those with low activity, leadership issues, or non-compliance, and will not be publicly available.

1. Define Health Metrics and Indicators

• Goal: Define key metrics and indicators to assess the health of a project.
• Tasks:
  • Identify key health metrics (e.g., number of contributors, open vs. closed issues, release frequency, etc.).
  • Develop project health indicators, such as:
    • Releases: Number of releases, stability, frequency.
    • Integration with OWASP.org: Regular updates to OWASP site with project content.
    • Project age: Age of the project, with considerations for mature projects.
    • Last release: Last commit, commit hash, and the stars received.
    • Activity metrics: Number of stars, forks, issues, pull requests, issues needing help.
    • Compliance checks: Ensuring projects adhere to OWASP funding policies.
  • Metrics for Project Vitality: Track growth over time in terms of contributors, issues, PRs, and activity.

2. Identify and Flag Projects with Health Issues

• Goal: Automatically identify projects with potential health issues.
• Tasks:
  • Flag old projects with no recent releases or updates.
  • Identify new projects that failed to launch based on lack of activity (e.g., no commits or releases in a set period).
  • Highlight projects with fewer than two leaders or contributors.
  • Track projects with non-compliant funding policies.
  • Perform automated checks to evaluate if a project’s health metrics fall below set thresholds.

3. Create Project Health Evaluation Criteria

• Goal: Develop a system to evaluate the health of projects based on their activity and compliance.
• Tasks:
  • Establish health thresholds for various metrics:
    • Number of releases within a defined timeframe.
    • Integration level with OWASP.org (ensure the project has up-to-date content and documentation).
    • Frequency and stability of releases (e.g., multiple releases in the last year).
    • Number of open issues versus closed issues, and the turnaround time for pull requests.
    • Contributor growth and activity trends.
  • Track project age to differentiate between young and mature projects.
  • Flag projects with issues needing help or long unaddressed open issues.

4. Dashboard Layout & Design

• Goal: Design a user-friendly dashboard to visualize project health data.
• Tasks:
  • Design the overall layout, ensuring that health metrics are easy to read and understand.
  • Include sections for:
    • General health overview for each project (status, issues, PRs, releases).
    • Vitality scores: Graphical representations of health (e.g., pie charts, line charts for activity trends).
    • Compliance checks (funding policy, leadership).
    • Last updates and releases for each project.
  • Make sure the dashboard allows internal users to filter by:
    • Projects with critical health issues.
    • Projects based on their release frequency or issue metrics.
  • Provide clear indicators and visual alerts for projects that need attention.

5. CSV Export Functionality

• Goal: Enable export of project health data for offline analysis or reporting.
• Tasks:
  • Implement functionality to export health data in CSV format for each project or multiple projects.
  • Ensure that CSV export includes essential information such as:
    • Project metadata (name, description, leadership).
    • Health metrics (release frequency, issues, PRs, contributors, etc.).
    • Compliance status (e.g., funding policy).
  • Ensure CSV is structured clearly, with headers matching the dashboard columns.

6. Implement Automated Health Monitoring Scenarios

• Goal: Set up automated monitoring and evaluation of project health.
• Tasks:
  • Implement automated scripts that run on a periodic basis (e.g., weekly) to check project health.
  • Automate the process of:
    • Evaluating release frequency and stability.
    • Checking integration with OWASP.org.
    • Tracking contributions and pull request turnaround time.
    • Evaluating compliance with OWASP funding policies.
  • Automatically flag projects based on defined health thresholds.
  • Send notifications to project maintainers or relevant stakeholders when a project’s health score drops below a threshold.

7. Health Report Generation

• Goal: Generate regular health reports to be shared with internal stakeholders.
• Tasks:
  • Automatically generate health reports for each project, summarizing its status over time.
  • Create monthly or quarterly reports showcasing the overall health of OWASP projects, highlighting those in need of attention.
  • Allow internal users to subscribe to receive health reports for projects they follow or manage.

8. Continuous Improvement & User Feedback

• Goal: Continuously improve the Project Health Dashboard based on internal feedback.
• Tasks:
  • Collect feedback from internal users on the dashboard’s effectiveness and clarity.
  • Regularly review and update the health evaluation metrics based on changes to OWASP’s needs.
  • Add new health indicators as needed (e.g., community engagement, issue resolution time, etc.).
  • Implement a feedback system where internal users can suggest new features or improvements.

9. Final Testing & Deployment

• Goal: Ensure that the Project Health Dashboard works reliably across various scenarios and environments.
• Tasks:
  • Conduct functional testing for automated checks, ensuring metrics are calculated accurately.
  • Test the CSV export functionality to ensure data integrity.
  • Validate the visualizations and dashboard layout for clarity and usability.
  • Deploy the dashboard for internal use on OWASP Nest and promote it among internal stakeholders.

[yashgoyal0110]

Hey @arkid15r

I am highly interested in contributing to the OWASP Project Health Dashboard as I have prior experience working on similar dashboards that track project metrics, automate evaluations, and provide actionable insights. My background in full-stack development, data visualization, and automation aligns well with this initiative. I have worked with technologies like React.js, Node.js, and MySQL to build real-time dashboards, integrating various data sources to monitor activity trends and compliance metrics. I am particularly excited about the opportunity to enhance project visibility, automate health assessments, and improve the internal monitoring of OWASP projects. I look forward to collaborating and leveraging my skills to contribute meaningfully to this initiative.

[RitikJha93]

Hi @arkid15r

Project Health Dashboard is something which is great initiative to keep a track of projects health. It's a great problem which I would like to work upon and contribute in building this

Why I want to work on Project Health Dashboard ?
I have experience in working with

• React
• Typescript
• Tailwind CSS
• Django
• CI/CD
• GraphQL

As I have previously worked on this technologies which aligns with the features which we are aiming to implement. This will help me in contributing and build something which will be useful to the community

Features which I'm keen to work on

1. Project Health Evaluation Criteria - Evaluation of the project health based on the project age, marking old project as flagged
2. Automated Health monitoring Scenarios - This is quite interesting as writing scripts to automate the entire process of tracking project periodically, sending notifications to maintainers, tracking pull requests and contribution
3. Health Report Generation - I have previously worked on generating charts and pdfs based on the data. It would be interesting to generate and display reports for ease of tracking projects
4. Deployment - We can use docker to make the codebase independent of environments so that it runs seamlessly on any machine and k8s cluster for deployment

Working on this project will provide a significant growth in my learning and open source journey
Looking forward to contribute towards the success of the community