Hi Russel, That is a good news for me. I have added a timeline and posted it over melange.
Public Gist for the same: https://gist.github.com/2203174 -- Rohan On 16:14 +0800 / 6 Apr, Russell Keith-Magee wrote: > > On 06/04/2012, at 3:54 PM, Rohan Jain wrote: > > > Hi Russel, > > > > Thanks for the reply. > > > > On 14:42 +0800 / 6 Apr, Russell Keith-Magee wrote: > >> > >> Hi Rohan, > >> > >> Apologies for the lack of response. Anyone who has put effort into writing > >> up a proposal certainly deserves a response of some kind, so we've dropped > >> the ball here. > >> > >> In our defence, here's a couple of the reasons why your proposal probably > >> hasn't got a wild response: > >> > >> * You've picked a project on your own, rather than one that is on the list > >> of suggested projects. Part of the GSoC process is mentoring, and you need > >> to have a mentor that can spare the time, and has the technical skills to > >> review your work. Most of the projects on the suggested list already have > >> champions inside the community, so if you pick one of them, you're likely > >> to get a response. If you pick your own project, you also have to find > >> someone to get sufficiently enthused about it. > > > > I had picked the project from the list of suggested projects > > (https://code.djangoproject.com/wiki/SummerOfCode2012#SecurityEnhancements). > > In fact, I have tried to take on each of the issues mentioned there, > > point by point. I did talk to Paul over the IRC about this. > > Ah. Now I look a little stupid.... :-) > > That project has evidently been added to the list since I last looked at the > list. Apologies for not keeping up to date. > > >> Regarding your project proposal itself: I can't really address the > >> technical merits, because I don't have any expertise on CORS, or the > >> subtleties of the CSRF changes your proposing. What you've proposed > >> certainly sounds interesting on the surface, but I'd really want to see > >> someone like Paul McMillan comment on the technical specifics. Ideally, > >> Paul would also mentor the project, since he's Django's resident security > >> expert, and he'd need to sign off on anything that was bound for trunk. > > > > I had some discussions with Paul over this earlier, but since a week > > days I haven't been able to find him online. > > It's good that you've discussed this with Paul -- he's certainly the man to > speak to. > > >> So - apologies for not responding sooner. Unfortunately, I suspect that > >> while your project probably has merit, the community isn't in a position > >> to support your ambition at the moment. If Paul wants to swoop in at the > >> last minute and prove me wrong, I'd be a very happy man -- I hate seeing > >> someone enthusiastic get turned away -- but absent of that, it's only fair > >> that we be honest to you about your chances. > > > > No worries. I am at a blame too for my own activity. I myself have > > learnt a lot of interesting stuff from this. I would anyway be glad to > > give something back to django. > > The fact that this project *is* in fact on our suggested projects list means > I probably have to alter my advice. > > If you're still interested in doing this project, it's worth submitting it. > You've clearly put in a bunch of effort already, and it would be a pity for > that to go to waste. As an organization, we have a certain amount of > discretion as to the projects we pick, and if someone is clearly working with > the community to improve API or sort out fine details, we may be able to > overlook small problems with an "official" application. However, the > "official" application still needs to be submitted in order for the GSoC > process to go ahead. What you've got here looks solid enough to demonstrate > you've thought about the problem and have an good idea of how you're going to > solve it. > > That said, ultimate selection of the project will probably have more to do > with Paul's availability and enthusiasm to mentor than the technical aspects > of your proposal. > > All I would suggest is: > > * Add a detailed work breakdown (granularity ~1 week) > > * Push the "merging" activities to the status of "stuff I'll do if the > schedule allows at the end of the project". That removes the emphasis from > the merging activity, making it look less suspect from the GSoC process > point-of-view. > > * Submit the proposal, and hope Paul is watching this thread :-) > > Yours, > Russ Magee %-) > > -- > You received this message because you are subscribed to the Google Groups > "Django developers" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/django-developers?hl=en. > -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
