<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: OWASP BLT</title>
    <description>The latest articles on DEV Community by OWASP BLT (owaspblt).</description>
    <link>https://dev.to/owaspblt</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Forganization%2Fprofile_image%2F12465%2Fd2237075-139f-4711-81f7-136fab749d1b.png</url>
      <title>DEV Community: OWASP BLT</title>
      <link>https://dev.to/owaspblt</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/owaspblt"/>
    <language>en</language>
    <item>
      <title>Connecting AI and Security with BLT-MCP</title>
      <dc:creator>Nachiket Roy</dc:creator>
      <pubDate>Mon, 06 Jul 2026 21:25:45 +0000</pubDate>
      <link>https://dev.to/owaspblt/connecting-ai-and-security-with-blt-mcp-2cgb</link>
      <guid>https://dev.to/owaspblt/connecting-ai-and-security-with-blt-mcp-2cgb</guid>
      <description>&lt;p&gt;This summer i was given the opportunity to work on my BLT-MCP project with OWASP-BLT. Over the last few months, I've been working on transforming how users interact with BLT. Now it marks the midpoint of the project, and there's been some interesting development i would like to share.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What is MCP?&lt;/strong&gt;&lt;br&gt;
MCP (Model Context Protocol) is an emerging open standard that helps AI models securely interact with local tools and remote data sources. By building an MCP server for OWASP BLT, we're essentially teaching AI assistants (like Claude, Cursor) how to natively speak with BLT directly. Your AI can read issue context, browse repositories, and submit vulnerabilities, without ever leaving your IDE.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Two Pillars So Far&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;p&gt;The MCP Server&lt;br&gt;
Written in Python, the server acts as the translation layer between LLMs and the BLT API. It exposes two main capabilities to the AI:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Resources (blt:// URIs) - the AI can fetch live data exactly when it needs context. For example, reading blt://issues/123 to get the details of a specific vulnerability.&lt;/li&gt;
&lt;li&gt;Tools - actionable endpoints that let the AI do things, like submit_issue and add_comment.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;&lt;p&gt;The BLT-CLI (Rust Terminal UI)&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;While IDE integration is great, sometimes you just want a fast terminal experience. I built BLT-CLI in Rust using ratatui a Terminal UI (TUI) that connects directly to the MCP server and the BLT API. Triage logic is being built alongside it, so you can browse, review, and act on issues right from the terminal.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F7fail4gc4myc0882dv50.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F7fail4gc4myc0882dv50.png" alt="BLT easter" width="800" height="488"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What's Next&lt;/strong&gt;&lt;br&gt;
The core logic and terminal are built. For the remaining sprint, I'll be focused on testing everything end-to-end, polishing the rough edges, and starting work on a vision pipeline that can turn a dropped screenshot into a drafted vulnerability report, which is still early and in progress.&lt;br&gt;
Thanks for following along!&lt;/p&gt;

</description>
      <category>mcp</category>
      <category>owasp</category>
      <category>cli</category>
    </item>
    <item>
      <title>Building BLT HackerHouse: An Open Source Journey!</title>
      <dc:creator>rp_dex</dc:creator>
      <pubDate>Sun, 05 Jul 2026 16:35:08 +0000</pubDate>
      <link>https://dev.to/owaspblt/building-blt-hackerhouse-an-open-source-journey-4cdj</link>
      <guid>https://dev.to/owaspblt/building-blt-hackerhouse-an-open-source-journey-4cdj</guid>
      <description>&lt;p&gt;Over the past few weeks, I've had the opportunity to intern with OWASP BLT, where I've been working on BLT HackerHouse a real time platform that visualizes contributor activity in an interactive virtual house.&lt;/p&gt;

&lt;p&gt;The idea behind HackerHouse is simple: as contributors open merge requests, report bugs, or interact with the project, their avatars move through different rooms, giving maintainers a live overview of what's happening across the community. Behind that visualization is a backend responsible for processing events, managing contributor state, and delivering updates in real time.&lt;/p&gt;

&lt;p&gt;When I joined, I expected my biggest challenge to be designing the backend architecture. Instead, the project took an unexpected turn.&lt;/p&gt;

&lt;p&gt;During development, the OWASP BLT GitHub organization became inaccessible, requiring the team to migrate active development to GitLab. It wasn't just a matter of moving repositories documentation, development workflows, CI/CD pipelines, and contributor onboarding all had to be updated while development continued.&lt;/p&gt;

&lt;p&gt;It was the first time I'd experienced how quickly the direction of an open source project can change and how important adaptability is. Watching the community reorganize and keep shipping despite the disruption was a valuable lesson in resilience.&lt;/p&gt;

&lt;p&gt;Alongside the migration, I focused on building the backend foundation for HackerHouse. This included designing an event processing pipeline, implementing webhook handling, creating a unified event model, building real-time communication with WebSockets, and writing automated tests to ensure the system remained reliable as it evolved.&lt;/p&gt;

&lt;p&gt;One of my biggest takeaways from this internship has been that building software isn't just about implementing features. It's about designing systems that can evolve, collaborating with an open source community, and adapting when unexpected challenges arise.&lt;/p&gt;

&lt;p&gt;I'm excited to continue developing HackerHouse over the coming weeks and contribute further to the OWASP BLT ecosystem. This experience has already taught me far more than I expected not just about backend engineering, but about how resilient and collaborative open source communities can be.&lt;/p&gt;

</description>
      <category>backend</category>
      <category>opensource</category>
      <category>showdev</category>
      <category>webdev</category>
    </item>
    <item>
      <title>GSoC'26 Midterm Blog: Building BLT University Into an Interactive Security Learning Platform</title>
      <dc:creator>saksh</dc:creator>
      <pubDate>Sun, 05 Jul 2026 15:51:10 +0000</pubDate>
      <link>https://dev.to/owaspblt/gsoc26-midterm-blog-building-blt-university-into-an-interactive-security-learning-platform-30ho</link>
      <guid>https://dev.to/owaspblt/gsoc26-midterm-blog-building-blt-university-into-an-interactive-security-learning-platform-30ho</guid>
      <description>&lt;h3&gt;
  
  
  Overview
&lt;/h3&gt;

&lt;p&gt;This summer, I got the chance to contribute to OWASP BLT, a project under the OWASP umbrella organization, through Google Summer of Code 2026. My project is focused on BLT University, a security learning platform that helps learners and contributors understand web vulnerabilities through hands-on labs.&lt;/p&gt;

&lt;p&gt;The main idea behind this project is simple: instead of only reading about vulnerabilities, learners should be able to identify vulnerable code, explain why it is unsafe, and then fix it. This makes security learning more practical and closer to real open-source contribution work.&lt;/p&gt;

&lt;p&gt;BLT University is part of the OWASP BLT ecosystem and aims to make cybersecurity education more accessible through open learning material and practical labs.&lt;/p&gt;

&lt;p&gt;During the first half of GSoC, most of my work went into building the foundation for this experience: structuring labs, creating an interactive lab engine, adding validation, improving contributor workflows, and setting up tests so the platform can grow safely.&lt;/p&gt;

&lt;h3&gt;
  
  
  What is my GSoC all about?
&lt;/h3&gt;

&lt;p&gt;My GSoC project is about transforming BLT University from a mostly static educational site into an interactive cybersecurity learning platform.&lt;/p&gt;

&lt;p&gt;The core learning flow I am building is:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Identify the vulnerable part of a code snippet.&lt;/li&gt;
&lt;li&gt;Explain why the code is vulnerable.&lt;/li&gt;
&lt;li&gt;Fix the issue using safer code.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;This flow is being built on top of a static Jekyll site, so a big part of the work has been designing a system that works without a traditional backend while still supporting structured content, validation, progress tracking, and future dashboard features.&lt;/p&gt;

&lt;p&gt;The main tech stack for this phase included Jekyll, Markdown, YAML frontmatter, JavaScript, JSON Schema, Python validation scripts, Jest, jsdom, GitLab CI, and browser &lt;code&gt;localStorage&lt;/code&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  Key deliverables
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Lab content and platform structure&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Created 10 labs across major web security topics.&lt;/li&gt;
&lt;li&gt;Moved lab content into &lt;code&gt;_labs/&lt;/code&gt; using Markdown and YAML frontmatter.&lt;/li&gt;
&lt;li&gt;Added lab listing and lab detail pages.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fz76wkxlr9fnvq9w4gl18.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fz76wkxlr9fnvq9w4gl18.png" alt="Lab preview" width="800" height="473"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Interactive learning experience&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Built an interactive lab engine with Identify, Explain, and Fix stages.&lt;/li&gt;
&lt;li&gt;Added line-selection based vulnerability identification.&lt;/li&gt;
&lt;li&gt;Added explanation and fix validation.&lt;/li&gt;
&lt;li&gt;Added browser-side progress storage using &lt;code&gt;localStorage&lt;/code&gt;.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/5jCfPt3sg4E"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Contributor workflow&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Added schema validation for labs.&lt;/li&gt;
&lt;li&gt;Added a lab validation script for contributors.&lt;/li&gt;
&lt;li&gt;Added contributor documentation and a reusable lab template.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Gitlab CIs &amp;amp; Tests&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Added GitLab CI checks for validation, build, and tests.&lt;/li&gt;
&lt;li&gt;Added a Jest test baseline for lab behavior, validators, progress storage, and state transitions.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Progress vs proposal
&lt;/h3&gt;

&lt;p&gt;At midterm, the strongest progress is in the foundation layer. BLT University now has a structured lab platform and the core interactive learning flow is mostly in place.&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Proposal area&lt;/th&gt;
&lt;th&gt;Current progress&lt;/th&gt;
&lt;th&gt;Status&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Structured labs&lt;/td&gt;
&lt;td&gt;Labs live in &lt;code&gt;_labs/&lt;/code&gt; and render through Jekyll.&lt;/td&gt;
&lt;td&gt;Mostly complete&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Interactive flow&lt;/td&gt;
&lt;td&gt;Identify, Explain, Fix, feedback, hints, and progress storage are working.&lt;/td&gt;
&lt;td&gt;Mostly complete&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Contributor workflow&lt;/td&gt;
&lt;td&gt;Schema validation, docs, and a reusable lab template are in place.&lt;/td&gt;
&lt;td&gt;Mostly complete&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Quality checks&lt;/td&gt;
&lt;td&gt;GitLab CI and Jest test coverage have been added.&lt;/td&gt;
&lt;td&gt;In progress&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Intelligence dashboard&lt;/td&gt;
&lt;td&gt;Planned for the second half.&lt;/td&gt;
&lt;td&gt;Upcoming&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Personalisation&lt;/td&gt;
&lt;td&gt;Recommendations, analytics, badges, and streaks are planned next.&lt;/td&gt;
&lt;td&gt;In second half&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  Architecture
&lt;/h3&gt;

&lt;p&gt;The main challenge was connecting the different parts of BLT University into a reusable system.&lt;/p&gt;

&lt;p&gt;Lab content begins in &lt;code&gt;_labs/&lt;/code&gt;, where each lab is defined using Markdown and YAML frontmatter. During the Jekyll build process, these files are transformed into static pages. A shared JavaScript engine then powers the interactive Identify, Explain, and Fix workflow by loading the lab configuration, rendering the simulation, validating learner submissions, and tracking progress in the browser using &lt;code&gt;localStorage&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;flowchart LR
    author["Contributor writes lab&amp;lt;br/&amp;gt;Markdown + YAML frontmatter"] --&amp;gt; labs["_labs/ collection"]
    labs --&amp;gt; schema["Schema validation&amp;lt;br/&amp;gt;and lab checks"]
    schema --&amp;gt; ci["GitLab CI&amp;lt;br/&amp;gt;validate, build, test"]
    labs --&amp;gt; jekyll["Jekyll build"]
    jekyll --&amp;gt; page["Static lab page"]
    page --&amp;gt; data["Embedded lab data"]
    data --&amp;gt; engine["JavaScript lab engine"]
    engine --&amp;gt; identify["Identify vulnerable code"]
    identify --&amp;gt; explain["Explain the issue"]
    explain --&amp;gt; fix["Fix with safer code"]
    fix --&amp;gt; progress["Browser progress&amp;lt;br/&amp;gt;localStorage"]
    engine --&amp;gt; feedback["Hints and validation feedback"]
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Merge requests
&lt;/h3&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;a href="https://gitlab.com/owasp-blt/blt-university/-/merge_requests/1" rel="noopener noreferrer"&gt;MR !1&lt;/a&gt; introduced the first interactive simulation work and helped move the project from static reading material toward hands-on labs.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://gitlab.com/owasp-blt/blt-university/-/merge_requests/2" rel="noopener noreferrer"&gt;MR !2&lt;/a&gt; improved the lab page structure and site integration so labs could be rendered more consistently.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://gitlab.com/owasp-blt/blt-university/-/merge_requests/3" rel="noopener noreferrer"&gt;MR !3&lt;/a&gt; added schema validation, the lab validation script, and contributor-facing lab documentation.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://gitlab.com/owasp-blt/blt-university/-/merge_requests/4" rel="noopener noreferrer"&gt;MR !4&lt;/a&gt; expanded the lab with additional web security labs such as command injection, file upload vulnerabilities, open redirect, sensitive data exposure, and SSRF.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://gitlab.com/owasp-blt/blt-university/-/merge_requests/5" rel="noopener noreferrer"&gt;MR !5&lt;/a&gt; added automated test coverage for validators, simulation state transitions, progress storage, and lab engine behavior.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://gitlab.com/owasp-blt/blt-university/-/merge_requests/6" rel="noopener noreferrer"&gt;MR !6&lt;/a&gt; refined the lab simulation experience and addressed review feedback around reusable simulation behavior.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Links:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Repository: &lt;a href="https://gitlab.com/owasp-blt/blt-university" rel="noopener noreferrer"&gt;BLT University on GitLab&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;Live demo: &lt;a href="https://blt-university-250f70.gitlab.io/" rel="noopener noreferrer"&gt;BLT University&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Challenges &amp;amp; What I Learned
&lt;/h3&gt;

&lt;p&gt;One of the main challenges was building interactive experiences on a static Jekyll site without relying on a backend. The lab pages are static, but the learner experience still needs dynamic behaviour: selecting lines, validating answers, showing feedback, and tracking progress. This pushed me to think carefully about what should live in Markdown, what should be handled by Jekyll, and what should be handled by JavaScript.&lt;/p&gt;

&lt;p&gt;Another challenge was designing reusable validators. Security fixes can be written in many valid ways, so the validators cannot simply check for one exact answer. They need to focus on secure coding patterns, such as parameterised queries or restricted redirects, while still giving useful feedback to learners.&lt;/p&gt;

&lt;p&gt;I also learned how important state management is in an interactive learning flow. A step being unlocked is different from a step being completed, and learners should be able to restart earlier stages without the UI showing later stages as complete. Fixing these details made the lab engine feel more reliable and less confusing.&lt;/p&gt;

&lt;h3&gt;
  
  
  Next phase after midterm
&lt;/h3&gt;

&lt;p&gt;After midterm, the focus will move from the foundation layer to the intelligence and personalisation layer.&lt;/p&gt;

&lt;p&gt;It will include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Building the vulnerability intelligence dashboard to show vulnerability trends, OWASP category patterns, and related BLT University labs.&lt;/li&gt;
&lt;li&gt;Creating data files for vulnerability trends and OWASP category weights.&lt;/li&gt;
&lt;li&gt;Mapping vulnerability patterns to relevant labs.&lt;/li&gt;
&lt;li&gt;Building a recommendation system based on learner progress and vulnerability frequency.&lt;/li&gt;
&lt;li&gt;Improving the lab dashboard experience.&lt;/li&gt;
&lt;li&gt;Adding learner analytics across categories.&lt;/li&gt;
&lt;li&gt;Improving accessibility and keyboard navigation.&lt;/li&gt;
&lt;li&gt;Adding badges, streaks, and static hint fallbacks.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The long-term goal is for BLT University to become a platform where contributors can learn security through practice and understand which vulnerabilities matter most based on real patterns from open-source development.&lt;/p&gt;

&lt;p&gt;The first half of GSoC was about building the foundation: labs, validation, reusable interactions, contributor workflows, and tests. In the second half, I'll be building smarter learning experience where BLT University not only teaches individual vulnerabilities, but also helps learners understand what to practice next and why it matters.&lt;/p&gt;

&lt;h3&gt;
  
  
  Acknowledgement
&lt;/h3&gt;

&lt;p&gt;I would like to thank all my mentors, for their guidance, review feedback, and support throughout this period.&lt;/p&gt;

&lt;p&gt;Thank you for reading :) &lt;/p&gt;

</description>
      <category>opensource</category>
      <category>gsoc</category>
      <category>owasp</category>
      <category>programming</category>
    </item>
    <item>
      <title>📢 Calling all Content Writers &amp; Community Builders!</title>
      <dc:creator>Ananya</dc:creator>
      <pubDate>Sun, 03 May 2026 20:21:06 +0000</pubDate>
      <link>https://dev.to/owaspblt/calling-all-content-writers-community-builders-25c9</link>
      <guid>https://dev.to/owaspblt/calling-all-content-writers-community-builders-25c9</guid>
      <description>&lt;p&gt;Hey everyone! We are opening up opportunities for everyone to contribute to our official social media channels. If you enjoy writing, sharing tech insights, or highlighting community wins, we want you on the &lt;strong&gt;BLT Newsroom team&lt;/strong&gt;! 🗞️✨&lt;/p&gt;

&lt;p&gt;Here is how the process works:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Topics &amp;amp; Deadlines:&lt;/strong&gt; We will regularly share specific writing topics based on our current requirements, along with a submission deadline. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Submit Your Draft:&lt;/strong&gt; Write your post based on the given topic and share your draft right here in the group before the deadline hits. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Review &amp;amp; Feedback:&lt;/strong&gt; The lead project maintainer and social media maintainers will review all the submitted drafts. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Final Selection:&lt;/strong&gt; The draft that gets the top reviews will be selected and published on the official OWASP BLT social media pages! &lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is a fantastic way to build your portfolio, practice your technical writing, and get your work seen by a much wider audience. Keep an eye out for our first topic announcement soon! 🎨💻&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Apply here:&lt;/strong&gt; &lt;a href="https://jobs.owaspblt.org/job.html?id=owasp-blt-content-writer" rel="noopener noreferrer"&gt;https://jobs.owaspblt.org/job.html?id=owasp-blt-content-writer&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Join our slack community today!&lt;/strong&gt;👉&lt;a href="https://join.slack.com/t/owaspblt/shared_invite/zt-3rstz26wj-WtlZFo5RXqT_9UwNYJeycw" rel="noopener noreferrer"&gt;https://join.slack.com/t/owaspblt/shared_invite/zt-3rstz26wj-WtlZFo5RXqT_9UwNYJeycw&lt;/a&gt;&lt;br&gt;
Then join the newsroom channel. &lt;/p&gt;

&lt;p&gt;See you all with your first drafts here! &lt;/p&gt;

</description>
      <category>community</category>
      <category>news</category>
      <category>socialmedia</category>
      <category>writing</category>
    </item>
    <item>
      <title>Accepted into GSoC 2026: From First PR to Official Selection</title>
      <dc:creator>Ananya</dc:creator>
      <pubDate>Thu, 30 Apr 2026 18:17:01 +0000</pubDate>
      <link>https://dev.to/owaspblt/accepted-into-gsoc-2026-from-first-pr-to-official-selection-2hlj</link>
      <guid>https://dev.to/owaspblt/accepted-into-gsoc-2026-from-first-pr-to-official-selection-2hlj</guid>
      <description>&lt;p&gt;If some had told me in my first year of university that I would be writing this post, I wouldn't have believed. &lt;/p&gt;

&lt;p&gt;Today, I finally achieved a dream I have held onto for years: I’ve officially cracked &lt;strong&gt;Google Summer of Code 2026!&lt;/strong&gt; with &lt;a class="mentioned-user" href="https://dev.to/owasp_foundation"&gt;@owasp_foundation&lt;/a&gt; under OWASP BLT✨ It might seem like just another program to some, but for me, this is a dream coming true-a journey of collecting broken pieces, holding them together, and building something completely new. &lt;/p&gt;

&lt;h2&gt;
  
  
  🍂 The Beginning
&lt;/h2&gt;

&lt;p&gt;Coming from a computer science background in high school to an unexpected core engineering major in university was a drastic shift. My first year was spent just trying to heal my lost confidence and survive the transition. I heard about GSoC back then, but since I wasn't involved in the tech community, it felt like a distant, impossible mountain. &lt;/p&gt;

&lt;p&gt;The real struggle hit in my second year. The syllabus was exhausting. By the time my second year rolled around, I started peeking outside my core curriculum. I heard whispers of hackathons, open-source contributions, and got more involved in exploring this "famous" program called GSoC. I made my first attempt at GSoC by looking into organizations. I failed. I didn't have the knowledge of any tech stack, Git, or the skills to write those hundreds of lines of codes. &lt;/p&gt;

&lt;h2&gt;
  
  
  ☕ The Turning Point
&lt;/h2&gt;

&lt;p&gt;That failure was my wake-up call. During the summer break, I made a choice. I grounded myself, cut out the outside world, and sat at my desk for three months straight. I began participating in hackathons, doing LeetCode, and my open-source journey truly took off with GirlScript Summer of Code (GSSoC) 2025. That experience gave me the momentum and belief I needed to aim higher. &lt;/p&gt;

&lt;h2&gt;
  
  
  💻 The GSoC Grind
&lt;/h2&gt;

&lt;p&gt;In October, I changed my strategy, dug through past archives, and found an organization that perfectly matched my new skills: OWASP BLT.&lt;/p&gt;

&lt;p&gt;The struggle didn't end there. For the first few months, I had to work incredibly hard just to understand how a single line of code contributed to the final service on their homepage. But I stayed consistent. I opened my first PR, fixed bugs, and slowly became a constant contributor from October all the way through March, balancing my contributions with my core curriculum.&lt;/p&gt;

&lt;h2&gt;
  
  
  🤍 The Gratitude
&lt;/h2&gt;

&lt;p&gt;This win is not mine alone. It belongs to the incredible people who believed in me:  &lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;To my Father and Mother&lt;/strong&gt;: You are my strength. Your faith in me when I had none is why I am here.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;My Circle&lt;/strong&gt;: To the few friends who stood by me and fueled this journey.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I met incredible people in this organization. To our Lead Project Maintainer, &lt;a class="mentioned-user" href="https://dev.to/donnieblt"&gt;@donnieblt&lt;/a&gt; : Thank you. Every single step I have taken in this organization was only possible because of your support. If you hadn't been there, I wouldn't have reached this level of excellence. &lt;/p&gt;

&lt;p&gt;I am endlessly humbled and grateful to every energy out there that helped make this dream a reality.&lt;/p&gt;

&lt;p&gt;Here is to new beginnings. 🥂&lt;/p&gt;

</description>
      <category>gsoc2026</category>
      <category>summerofcode2026</category>
      <category>owasp</category>
      <category>opensource</category>
    </item>
    <item>
      <title>Breaking Into Open Source This Summer? Start with OWASP BLT</title>
      <dc:creator>saksh</dc:creator>
      <pubDate>Thu, 16 Apr 2026 15:31:47 +0000</pubDate>
      <link>https://dev.to/owaspblt/breaking-into-open-source-this-summer-start-with-owasp-blt-2m9l</link>
      <guid>https://dev.to/owaspblt/breaking-into-open-source-this-summer-start-with-owasp-blt-2m9l</guid>
      <description>&lt;p&gt;As summer approaches, open source sees a steady wave of new contributors.&lt;br&gt;
Each year, developers explore repositories, review issues, and look for meaningful ways to get involved.&lt;/p&gt;

&lt;p&gt;The challenge is rarely writing code. It is understanding the system well enough to contribute effectively.&lt;/p&gt;

&lt;p&gt;This summer, OWASP BLT is participating in the &lt;a href="https://www.socialsummerofcode.com/" rel="noopener noreferrer"&gt;Social Summer of Code (SSOC)&lt;/a&gt;, a three-month program focused on open source contribution, learning, and collaboration. It brings together contributors from diverse backgrounds to work on real-world projects, submit pull requests, and actively engage with the open source ecosystem.&lt;/p&gt;

&lt;h2&gt;
  
  
  About OWASP BLT
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://owaspblt.org/" rel="noopener noreferrer"&gt;OWASP BLT (Bug Logging Tool)&lt;/a&gt; is a community-driven OWASP project developing open source tools for vulnerability reporting, bug tracking, and security automation.&lt;/p&gt;

&lt;p&gt;The project spans APIs, dashboards, applications, bots, and ongoing research under OWASP. This is designed to make security workflows more practical, structured, and accessible for developers and teams.&lt;/p&gt;

&lt;h2&gt;
  
  
  Ongoing Deletion Program
&lt;/h2&gt;

&lt;p&gt;Alongside regular development, OWASP BLT is running an ongoing deletion initiative.&lt;/p&gt;

&lt;p&gt;Contributors review the repository, identify unused or unnecessary files, and remove them. Each valid contribution is rewarded with $1. This campaign will run till 30th April. &lt;/p&gt;

&lt;p&gt;This effort focuses on:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Supporting the ongoing migration to separate and more structured repositories&lt;/li&gt;
&lt;li&gt;Maintaining a clean and efficient codebase&lt;/li&gt;
&lt;li&gt;Improving long-term maintainability&lt;/li&gt;
&lt;li&gt;Helping contributors understand the structure of a real-world project&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;It also provides a simple and practical entry point for those beginning their open source journey.&lt;/p&gt;

&lt;h3&gt;
  
  
  Contribution Opportunities During SSOC
&lt;/h3&gt;

&lt;p&gt;As the program progresses, more areas of the project will be opened for contribution, including:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Clearly defined and beginner-friendly issues&lt;/li&gt;
&lt;li&gt;Opportunities across different parts of the stack&lt;/li&gt;
&lt;li&gt;Active collaboration within the community&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Whether you are exploring open source for the first time or looking to contribute to security-focused tooling, OWASP BLT offers a structured and meaningful way to get involved.&lt;/p&gt;

&lt;h4&gt;
  
  
  Get started 🚀
&lt;/h4&gt;

&lt;p&gt;Explore the repository and start contributing:&lt;br&gt;
&lt;a href="https://github.com/OWASP-BLT/BLT" rel="noopener noreferrer"&gt;https://github.com/OWASP-BLT/BLT&lt;/a&gt;.&lt;/p&gt;

</description>
      <category>opensource</category>
      <category>owasp</category>
      <category>beginners</category>
      <category>github</category>
    </item>
    <item>
      <title>🎉First PR? Get paid for it</title>
      <dc:creator>Ananya</dc:creator>
      <pubDate>Wed, 01 Apr 2026 18:55:05 +0000</pubDate>
      <link>https://dev.to/owaspblt/first-pr-get-paid-for-it-3k3e</link>
      <guid>https://dev.to/owaspblt/first-pr-get-paid-for-it-3k3e</guid>
      <description>&lt;p&gt;Introducing &lt;strong&gt;Dollar Deletions&lt;/strong&gt; — a special campaign only for first-time contributors.&lt;/p&gt;

&lt;p&gt;​We know large codebases can be intimidating, so we are paying you $1 for your first accepted Pull Request where you safely delete unused or legacy code.&lt;/p&gt;

&lt;h2&gt;
  
  
  👉 Why are we doing this?
&lt;/h2&gt;

&lt;p&gt;We are preparing for a major migration! To do this safely, we need to thoroughly clear out the existing repository. Your deletions will help us sweep away all the old files so we can seamlessly move our brand-new system into the clean repo.&lt;/p&gt;

&lt;p&gt;🧹 Clean up real production code&lt;br&gt;
🧠 Learn how large codebases work&lt;br&gt;
🚀 Make your first open-source contribution&lt;br&gt;
💵 Earn your first dollar online&lt;/p&gt;

&lt;h2&gt;
  
  
  How it works
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;Find dead or unnecessary code in our repository.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Submit your first-ever PR to remove it.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Pass the code review (your changes must not break existing functionality).&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Get $1 via GitHub Sponsors!&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  📌 The Rules
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;This campaign is only for first-time contributors to this repo.&lt;/li&gt;
&lt;li&gt;Your PR must include a clear explanation of what you removed and why.&lt;/li&gt;
&lt;li&gt;The code must remain fully functional after your deletion.&lt;/li&gt;
&lt;li&gt;Limited to one reward per contributor.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🏆 Bonus: Referral Leaderboard!
&lt;/h2&gt;

&lt;p&gt;Spread the word and climb the ranks! You can refer others to this initiative. Just have the PR mentioning that you are referring a contributor as &lt;a class="mentioned-user" href="https://dev.to/user1"&gt;@user1&lt;/a&gt; refers @user2 and link that PR to our mega issue. This will track the mention and boost &lt;a class="mentioned-user" href="https://dev.to/user1"&gt;@user1&lt;/a&gt;'s rank on our referral leaderboard.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;💡Not sure where to start? Look for issues labeled &lt;code&gt;good-first-deletion&lt;/code&gt; to get your bearings.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;👉&lt;em&gt;&lt;strong&gt;Start here:&lt;/strong&gt;&lt;/em&gt; &lt;a href="https://github.com/OWASP-BLT/BLT" rel="noopener noreferrer"&gt;&lt;em&gt;&lt;strong&gt;OWASP-BLT/BLT&lt;/strong&gt;&lt;/em&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;​Your first PR shouldn’t be scary—it should be rewarding. We can't wait to review your code!&lt;/p&gt;

</description>
      <category>100daysofcode</category>
      <category>github</category>
      <category>beginners</category>
      <category>opensource</category>
    </item>
    <item>
      <title>A Beginner’s Guide to Open Source Contributions (From My Journey and Mistakes)</title>
      <dc:creator>Jayant Malvi</dc:creator>
      <pubDate>Tue, 31 Mar 2026 21:02:24 +0000</pubDate>
      <link>https://dev.to/owaspblt/a-beginners-guide-to-open-source-contributions-from-my-journey-and-mistakes-adi</link>
      <guid>https://dev.to/owaspblt/a-beginners-guide-to-open-source-contributions-from-my-journey-and-mistakes-adi</guid>
      <description>&lt;p&gt;Hello everyone, I am Jayant Malvi. I am currently in 2nd year of my B.tech Computer Science in IIT Madras.&lt;/p&gt;

&lt;p&gt;So my journey started way before I actually started contributing. I was really intrigued by the open source world and always wanted to contribute to organizations where my work is actually used by real people.&lt;/p&gt;

&lt;p&gt;My first mistake was that I was just looking at how to start contributing—how to do GSoC and all that. I checked various GitHub repos, looked at good-first-issues, and always thought, &lt;em&gt;“nah, I don’t know this, I won’t be able to contribute.”&lt;/em&gt; This was in my first year of college. Around the same time, I was also reading a lot about cybersecurity—networking, vulnerabilities, etc.&lt;/p&gt;

&lt;p&gt;Then in my second year, one day in September, I explored OWASP projects and got introduced to OWASP-BLT. The idea of turning bug hunting and vulnerability findings into a gamified environment—with bounties, bacon—really caught my eye. That day I joined the Slack channel and messaged the maintainer, Donnie, about how I wanted to contribute. Donnie, being a great mentor, replied and helped me get started. That was the all the head start I needed.&lt;/p&gt;

&lt;p&gt;I jumped into the codebase and started looking at pending PRs. My goal was simple: understand how the codebase works and how PRs are actually done. While setting up the project, I noticed tests were failing. I had no idea what those tests meant at first, but after digging into the codebase, I found there were two identical names causing the issue. I discussed it in Slack and raised a PR.&lt;/p&gt;

&lt;p&gt;That’s when I realized—we really overcomplicate open source contributions. It’s honestly just about having the will to contribute and enjoying the process. From that day onwards, I caught momentum and never stopped.&lt;/p&gt;

&lt;p&gt;The biggest advice I can give (it sounds simple, but it works): &lt;strong&gt;stop thinking so much and just jump into the codebase&lt;/strong&gt;. At the start, you’ll feel like you don’t understand anything, but trust me—there will be a point where it just clicks, and after that it almost becomes addictive.&lt;/p&gt;

&lt;p&gt;Another important thing: being involved in discussions. One of my mistakes was being too hesitant to talk or ask questions. I thought people might think I’m dumb or not professional. That mindset held me back for a while. What I later realized is—no one thinks like that. Everyone is learning. You should ask questions freely. The kind of knowledge you get from peers in these communities is something you won’t easily get elsewhere.&lt;/p&gt;

&lt;p&gt;I also really liked how our maintainer, Donnie, introduced initiatives like requiring peer reviews for PRs. We have a strong peer network in BLT where everyone helps each other. A big part of my journey was reviewing PRs—this helped me understand the project better and learn about common mistakes like N+1 queries, deduplication issues, etc. I’d strongly recommend reviewing PRs—it helps others and sharpens your own understanding.&lt;/p&gt;

&lt;p&gt;One of the major things I worked on was BLT-Zero. It’s a core part of OWASP-BLT where anyone can send vulnerabilities report to target organizations through a zero-trust workflow—no plaintext storage, mail with encrypted zips, hashes for decryption. This project is really close to me. I started working on it in November, it grew into a community project(in BLT-Zero repository, feel free to join us), and now we’re really close to sending the first vulnerability mail. I’m genuinely excited about that.&lt;/p&gt;

&lt;p&gt;There are also many other community projects like BLT-Leaf, BLT-SafeCloak, and more across different domains ,you can contribute to domains that interests you and learn a lot. We’ve also started an initiative for new contributors to help reduce technical debt by making deletion PRs. It’s a great way to get started and understand the project better.&lt;/p&gt;

&lt;p&gt;Today the GSoC proposal deadline ended. What I really liked is how my perspective has changed. Around 6 months ago, GSoC felt like just a program to get into. But now, it felt like I’m actually building my own project from scratch and trying to make it as good as possible in the organization which is really close to me. The time I spent researching and writing my proposal was quite a lot, but I enjoyed the whole process more than I expected.&lt;/p&gt;

&lt;p&gt;Looking back, I’ve really enjoyed these last 6 months of contributing. I just wish I had joined in the fun earlier. The peer group I found here is one of the most supportive I’ve seen. I’ll keep contributing and see BLT grow into one of the biggest security projects out there.&lt;/p&gt;

&lt;p&gt;And finally, a special thanks to our maintainer, Donnie for the constant guidance and for helping me grow as a contributor. The discussions we had around new ideas and improvements—and the way you always encouraged them—were easily the best part.&lt;/p&gt;

&lt;p&gt;If you’re someone thinking about starting open source—just start. That’s it. You are always welcome at OWASP-BLT.&lt;/p&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>github</category>
      <category>opensource</category>
    </item>
    <item>
      <title>Designing the Face of OWASP BLT: Three New Creative Challenges 🎨✨</title>
      <dc:creator>Ananya</dc:creator>
      <pubDate>Fri, 20 Mar 2026 15:33:34 +0000</pubDate>
      <link>https://dev.to/owaspblt/designing-the-face-of-owasp-blt-three-new-creative-challenges-8kn</link>
      <guid>https://dev.to/owaspblt/designing-the-face-of-owasp-blt-three-new-creative-challenges-8kn</guid>
      <description>&lt;p&gt;If you’ve been following our journey, you know that OWASP BLT is evolving. We’re streamlining our mission and modularizing our code, but a project is only as strong as its identity. We want the "front door" of our project to reflect the innovation happening behind the scenes.&lt;/p&gt;

&lt;p&gt;We are officially inviting the creative community to help us redefine our look and community interaction through these design contests:&lt;/p&gt;

&lt;h3&gt;
  
  
  1. The Video Meme Contest 🎬
&lt;/h3&gt;

&lt;p&gt;Who says security has to be serious all the time? We’re looking for the most creative, relatable, or just plain hilarious video memes that capture the "bug hunting" struggle or the spirit of the OWASP community.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Prize: $10&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Deadline: April 15, 2026&lt;/strong&gt; &lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 &lt;a href="https://contest.owaspblt.org/blt-video-meme.html" rel="noopener noreferrer"&gt;&lt;strong&gt;View Video Meme Contest Details&lt;/strong&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  2. The Logo Design Contest 🕵️
&lt;/h3&gt;

&lt;p&gt;The OWASP BLT logo is more than just an icon; it’s a symbol of security and community accountability. We’re looking for a fresh, modern take on our visual identity. Whether you’re a minimalist or a fan of bold, "hacker-y" aesthetics, we want to see your vision.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Prize: $25&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Deadline: April 15, 2026&lt;/strong&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 &lt;a href="https://contest.owaspblt.org/blt-logo.html" rel="noopener noreferrer"&gt;&lt;strong&gt;View Logo Contest Details&lt;/strong&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  3. The Homepage Redesign Contest 💻
&lt;/h3&gt;

&lt;p&gt;We want our landing page to be as intuitive and high-performance as the tools we build. This is a challenge for the UI/UX enthusiasts—how would you structure the first experience a researcher or contributor has with BLT? Show us your layouts, your transitions, and your vision for a better user experience.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Prize: $25&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Deadline: April 15, 2026&lt;/strong&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 &lt;a href="https://contest.owaspblt.org/blt-homepage.html" rel="noopener noreferrer"&gt;&lt;strong&gt;View Homepage Contest Details&lt;/strong&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why get involved?
&lt;/h2&gt;

&lt;p&gt;Open source isn’t a gated club for "genius coders." It’s a space for anyone who wants to build something that matters. By participating in these contests, you’re not just submitting a file; you’re interacting with the OWASP BLT repository, getting your name on the contributor list, and helping us shape the future of the project.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;Start small, design bold, and let’s see what you can create.&lt;/strong&gt;&lt;/p&gt;
&lt;/blockquote&gt;

</description>
      <category>owaspblt</category>
      <category>logodesigncontest</category>
      <category>homepagedesigncontest</category>
      <category>videomemedesigncontest</category>
    </item>
    <item>
      <title>The Great OWASP BLT Cleanup: Delete a File, Join Open Source</title>
      <dc:creator>Donnie Brown</dc:creator>
      <pubDate>Mon, 16 Mar 2026 23:16:25 +0000</pubDate>
      <link>https://dev.to/owaspblt/the-great-owasp-blt-cleanup-delete-a-file-join-open-source-2hi1</link>
      <guid>https://dev.to/owaspblt/the-great-owasp-blt-cleanup-delete-a-file-join-open-source-2hi1</guid>
      <description>&lt;p&gt;The &lt;strong&gt;OWASP BLT project&lt;/strong&gt; is entering a new phase.&lt;/p&gt;

&lt;p&gt;Over time, the main repository grew into a large monolith containing many different components. To make the project easier to maintain and contribute to, we’re migrating from a single repository into &lt;strong&gt;multiple focused repositories&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;During this transition, we’ve paused new additions to the main repo while we move components into their own homes.&lt;/p&gt;

&lt;p&gt;But instead of doing the cleanup alone, we decided to turn it into a &lt;strong&gt;community challenge&lt;/strong&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  🧹 The Great OWASP BLT Cleanup
&lt;/h2&gt;

&lt;p&gt;Want to contribute to open source in the easiest possible way?&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Delete a file.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Each contributor can submit &lt;strong&gt;one pull request that removes a single file&lt;/strong&gt; from the repository. That’s it.&lt;/p&gt;

&lt;p&gt;As components move to their new repositories, the community will help gradually bring the original repo down to &lt;strong&gt;zero files&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Think of it like a collaborative game where every PR moves the project one step closer to its next chapter.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why We’re Doing This
&lt;/h2&gt;

&lt;p&gt;This campaign helps us:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Trim down the original repository during the migration&lt;/li&gt;
&lt;li&gt;Give &lt;strong&gt;first-time contributors&lt;/strong&gt; an easy entry point to open source&lt;/li&gt;
&lt;li&gt;Teach the basics of &lt;strong&gt;forking, branching, and pull requests&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Create a fun community moment around the transition&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Once the repository is empty, we’ll replace it with a lightweight version that reflects the project’s new structure.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Rules
&lt;/h2&gt;

&lt;p&gt;To keep things fair:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;🗑 &lt;strong&gt;One file deleted per contributor&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;🔁 No multiple deletion PRs from the same person&lt;/li&gt;
&lt;li&gt;🧩 Only &lt;strong&gt;one file per pull request&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;🌱 Contributors are encouraged to join the new repositories afterward&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This ensures more people can participate.&lt;/p&gt;

&lt;h2&gt;
  
  
  Perfect for First-Time Contributors
&lt;/h2&gt;

&lt;p&gt;If you’ve ever wanted to contribute to open source but didn’t know where to start, this is a great opportunity.&lt;/p&gt;

&lt;p&gt;You’ll learn how to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Fork a repository&lt;/li&gt;
&lt;li&gt;Create a branch&lt;/li&gt;
&lt;li&gt;Commit a change&lt;/li&gt;
&lt;li&gt;Open a pull request&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;All with &lt;strong&gt;almost zero technical complexity&lt;/strong&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Want to Do More?
&lt;/h2&gt;

&lt;p&gt;After submitting your deletion PR, feel free to jump into the new BLT repositories and contribute real features, fixes, or improvements.&lt;/p&gt;

&lt;p&gt;This campaign is just the &lt;strong&gt;first step into the community&lt;/strong&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Let’s Clean It Up Together
&lt;/h2&gt;

&lt;p&gt;Every deleted file means:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;one step closer to the new architecture&lt;/li&gt;
&lt;li&gt;one new contributor joining the project&lt;/li&gt;
&lt;li&gt;one small win for open source collaboration&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Find a file. Delete it. Submit your PR. 🚀&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Welcome to the cleanup crew.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://github.com/OWASP-BLT/BLT" rel="noopener noreferrer"&gt;OWASP BLT Github Repo&lt;/a&gt;&lt;/p&gt;

</description>
      <category>opensource</category>
      <category>owasp</category>
      <category>code</category>
      <category>cleanup</category>
    </item>
    <item>
      <title>The Transition: From Intent to Integration</title>
      <dc:creator>Ananya</dc:creator>
      <pubDate>Wed, 11 Mar 2026 18:15:45 +0000</pubDate>
      <link>https://dev.to/owaspblt/the-transition-from-intent-to-integration-467</link>
      <guid>https://dev.to/owaspblt/the-transition-from-intent-to-integration-467</guid>
      <description>&lt;p&gt;I had defined my "why" and mapped out a vision for GSoC 2026. However, the last few weeks have shifted my focus from the abstract goal to the granular reality of open-source contribution. The momentum I gained from the past few months of contributions, has evolved into a disciplined daily rhythm.&lt;/p&gt;

&lt;p&gt;The gap between planning and execution is where the most significant learning occurs. In my previous update, I spoke about the "Plan." Since then, I have moved past simply archiving organizations to actively living within the repositories of &lt;strong&gt;OWASP BLT&lt;/strong&gt;. I will share more insights on those in the upcoming posts.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Recent Progress
&lt;/h2&gt;

&lt;p&gt;A major technical highlight of these past two weeks was my deep dive into HTMX. While my foundation in the MERN stack is solid, exploring HTMX allowed me to view web development through a different lens—focusing on simplicity and high-performance transitions without the overhead of heavy JavaScript frameworks. &lt;/p&gt;

&lt;p&gt;I successfully implemented a project using HTMX, which served as a practical laboratory for my learning. This experience taught me that being an engineer isn't just about sticking to what you know; it’s about the agility to adopt the right tool for the specific problem at hand. Integrating this into my workflow has made my contributions more versatile and informed.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Momentum of the Merge
&lt;/h2&gt;

&lt;p&gt;The most rewarding aspect of this period has been the "merged" status on my Pull Requests. There is a specific kind of validation that comes from having code reviewed by experienced maintainers and then integrated into a real-world repository. Each merged PR represented a hurdle cleared—whether it was navigating a complex file structure, adhering to strict coding standards, or resolving merge conflicts that initially seemed daunting.&lt;/p&gt;

&lt;p&gt;Through this process, I have begun to overcome the hesitation I previously mentioned. Being active on GitHub and participating in PR discussions has forced me to communicate my logic clearly and accept feedback professionally. I am no longer just a spectator in these communities; &lt;strong&gt;I am a contributor&lt;/strong&gt;, or better say an "&lt;strong&gt;Active Contributor&lt;/strong&gt;"&lt;/p&gt;

&lt;h2&gt;
  
  
  Revamp of the main BLT home page as BLT Pages
&lt;/h2&gt;

&lt;p&gt;Being involved in the launch of the new BLT Pages home page from both a development and a strategic perspective provided a holistic view of software delivery. It taught me that a successful launch requires more than just clean code; it requires a narrative that connects the technology to the user. This experience has been pivotal in addressing my previous goal of improving proactive communication and overcoming my hesitation in professional settings.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical and Community Growth
&lt;/h2&gt;

&lt;p&gt;My commitment to upskilling remains a constant. While I work on the frontend and strategy for BLT, I continue to strengthen my backend capabilities and practice Data Structures and Algorithms in C++. My roles in GDG on Campus and the FLUX Society continue to provide a necessary balance, reminding me that while coding is often a solitary act, building great software is a communal effort.&lt;/p&gt;

&lt;h2&gt;
  
  
  Looking Ahead
&lt;/h2&gt;

&lt;p&gt;The next few weeks will be about sustaining this velocity. The momentum from the last fourteen days has replaced the "magic" of open source with something more sustainable: the confidence that comes from consistent, meaningful work. &lt;/p&gt;

&lt;p&gt;I will continue to deepen my involvement with the BLT core team, ensuring the momentum of the new home page launch is maintained. I am also beginning to translate these practical experiences into the initial framework of my formal GSoC proposal, using my recent contributions as a proof of concept for my potential as a long-term contributor.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;See you in the next post. Let's make it happen!&lt;/em&gt;&lt;/p&gt;

</description>
      <category>opensource</category>
      <category>gsoc2026</category>
      <category>googlesummerofcode2026</category>
      <category>programming</category>
    </item>
    <item>
      <title>Next Week Is Going to Be Pure Chaos!!</title>
      <dc:creator>rp_dex</dc:creator>
      <pubDate>Sat, 07 Mar 2026 16:40:41 +0000</pubDate>
      <link>https://dev.to/owaspblt/next-week-is-going-to-be-pure-chaos-1kg0</link>
      <guid>https://dev.to/owaspblt/next-week-is-going-to-be-pure-chaos-1kg0</guid>
      <description>&lt;p&gt;Next week my life will become a distributed system under heavy load.&lt;/p&gt;

&lt;p&gt;Why??&lt;/p&gt;

&lt;p&gt;Because three things are happening at the same time:&lt;/p&gt;

&lt;p&gt;College midsems starts Monday&lt;/p&gt;

&lt;p&gt;GSOC proposal writing&lt;/p&gt;

&lt;p&gt;Trying to push open source PRs before deadlines&lt;/p&gt;

&lt;p&gt;Which means my schedule next week looks something like this:&lt;/p&gt;

&lt;p&gt;9:00 AM  -&amp;gt; Study for midsem&lt;br&gt;
11:00 AM -&amp;gt; Panic&lt;br&gt;
12:00 PM -&amp;gt; Debug failing PR&lt;br&gt;
2:00 PM  -&amp;gt; Realize I studied the wrong subject&lt;br&gt;
4:00 PM  -&amp;gt; Write proposal draft&lt;br&gt;
6:00 PM  -&amp;gt; Coffee&lt;br&gt;
7:00 PM  -&amp;gt; Another PR review request appears&lt;br&gt;
9:00 PM  -&amp;gt; Existential crisis&lt;br&gt;
2:00 AM  -&amp;gt; Finally understand the code&lt;br&gt;
2:05 AM  -&amp;gt; Maintainer asks for rebase&lt;/p&gt;

&lt;h2&gt;
  
  
  The Academic vs Open Source Conflict
&lt;/h2&gt;

&lt;p&gt;Professors expect to focus on my exams..&lt;br&gt;
Maintainers expect “Can you update the PR with the latest changes?”&lt;br&gt;
My brain expects Sleep &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;None of these expectations are being met.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Midsem Preparation Strategy
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;Open the syllabus.&lt;/li&gt;
&lt;li&gt;Realise I should've started earlier. &lt;/li&gt;
&lt;li&gt;Open GitHub instead.&lt;/li&gt;
&lt;li&gt;Convince myself fixing a bug is “productive studying”..&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Proposal Writing Mode
&lt;/h2&gt;

&lt;p&gt;Writing proposals is a special experience.&lt;/p&gt;

&lt;p&gt;You start confident&lt;/p&gt;

&lt;p&gt;“This project idea is brilliant.”&lt;/p&gt;

&lt;p&gt;Two hours later&lt;/p&gt;

&lt;p&gt;“Do I even understand my own architecture?”&lt;/p&gt;

&lt;p&gt;Four hours later&lt;/p&gt;

&lt;p&gt;“Maybe I should become a farmer.”&lt;/p&gt;

&lt;h2&gt;
  
  
  Reality of the Week
&lt;/h2&gt;

&lt;p&gt;By Thursday the system will degrade into:&lt;/p&gt;

&lt;p&gt;caffeine driven coding&lt;/p&gt;

&lt;p&gt;last minute studying&lt;/p&gt;

&lt;p&gt;refreshing GitHub notifications&lt;/p&gt;

&lt;p&gt;pretending everything is under control&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Spoiler: it will not be under control.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Final Thoughts&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Next week is either going to be:&lt;/p&gt;

&lt;p&gt;extremely productive&lt;/p&gt;

&lt;p&gt;or&lt;/p&gt;

&lt;p&gt;an absolute disaster&lt;/p&gt;

&lt;p&gt;But either way…&lt;/p&gt;

&lt;p&gt;there will be commits..&lt;/p&gt;

</description>
      <category>webdev</category>
      <category>ai</category>
      <category>programming</category>
      <category>beginners</category>
    </item>
  </channel>
</rss>
