Github Star Heresy


@author Randy Gingeleski

@since 01/08/2017

@see open source, soapbox


*start soapbox*

Evan and I have a web app scanner called Jawfish that (as of this writing) does not work.

It’s never worked. It looks nice, the GUI is fine, but the middleware’s been screwy forever. For the longest time, the repo didn’t even include the requirements.txt file for pip or list the dependencies in the readme. It was a total bane to run in the first place.

Yet, due to some press by and other outlets, it’s more starred than any of my more useful work on Github.

Takeaways –

  • Github stars mean nothing.
  • How quick and easy it is to get a project running is really important. Strangers will not put in unreasonable amounts of effort to use it, test it, and especially not develop it.

Even OWASP Benchmark only has 52 stars. The implications of that project are huge and can really advance infosec.

*end soapbox*