Consider having a PROPOSAL.md file

[DonnieBLT]

It's a good idea to separate detailed funding proposals from the general FUNDING.yml file to keep things organized. A common practice in many open-source projects is to use a FUNDING.yml file for general funding links and a separate PROPOSAL.md (or similar) for detailed funding proposals.

While there are no strict standards for funding proposals, you can create a well-structured PROPOSAL.md file to include detailed information on what the funding will be used for, along with specific financial needs. Here’s how you could approach this:

Example FUNDING.yml:

# FUNDING.yml
github: https://github.com/sponsors/yourname
patreon: https://www.patreon.com/yourname
opencollective: https://opencollective.com/yourname

Example PROPOSAL.md:

# Funding Proposal

## Introduction
We are seeking funding to support the development and maintenance of [Project Name]. Below are the detailed funding requirements and their respective allocations.

## Funding Requirements
- **Developer**: $150,000
  - Responsible for developing new features and maintaining existing codebase.
- **Marketer**: $120,000
  - Focused on increasing the project's visibility and user engagement.
- **Designer**: $80,000
  - Tasked with creating a user-friendly interface and improving UX/UI.

## Use of Funds
The funds will be used to:
- Hire full-time developers and contributors.
- Market the project to reach a wider audience.
- Enhance the project's design and user experience.
- Cover operational costs such as hosting and tools.

## Expected Outcomes
With the funding, we aim to:
- Accelerate the development of new features.
- Increase user adoption and community involvement.
- Improve the overall quality and user experience of the project.

Updated Python Script:

The script can be modified to look for and parse PROPOSAL.md files to extract detailed funding information.

import json
import os
import requests
import yaml

GITHUB_API_URL = "https://api.github.com"
ORG_NAME = "OWASP"
ADDITIONAL_PROJECTS = [
    {"name": "Juice Shop", "repo_url": "https://github.com/juice-shop/juice-shop"},
    {"name": "MAS", "repo_url": "https://github.com/OWASP/owasp-masvs"},
    {"name": "BLT", "repo_url": "https://github.com/OWASP-BLT/BLT"},
    {"name": "SAMM", "repo_url": "https://github.com/OWASP/samm"},
    {"name": "CycloneDX", "repo_url": "https://github.com/CycloneDX/cyclonedx-cli"},
    {"name": "Dependency-Track", "repo_url": "https://github.com/DependencyTrack/dependency-track"},
    {"name": "Wrongsecrets", "repo_url": "https://github.com/OWASP/wrongsecrets"},
    {"name": "ModSecurity Core Rule Set", "repo_url": "https://github.com/coreruleset/coreruleset"},
    {"name": "ASVS", "repo_url": "https://github.com/OWASP/ASVS"},
    {"name": "OpenCRE", "repo_url": "https://github.com/OWASP/OpenCRE"}
]

def get_owasp_repos():
    url = f"{GITHUB_API_URL}/orgs/{ORG_NAME}/repos"
    repos = []
    while url:
        response = requests.get(url)
        response.raise_for_status()
        repos.extend(response.json())
        url = response.links.get('next', {}).get('url')
    return repos

def check_file(repo_url, file_path):
    repo_name = '/'.join(repo_url.split('/')[-2:])
    file_url = f'https://raw.githubusercontent.com/{repo_name}/master/{file_path}'
    response = requests.get(file_url)
    print(f"Checking file URL: {file_url} - Status Code: {response.status_code}")
    if response.status_code == 200:
        return file_url
    return None

def parse_proposal_file(proposal_url):
    response = requests.get(proposal_url)
    if response.status_code == 200:
        lines = response.text.split('\n')
        funding_details = []
        capture = False
        for line in lines:
            if line.startswith("## Funding Requirements"):
                capture = True
                continue
            if capture:
                if line.startswith("##"):
                    break
                funding_details.append(line.strip())
        return ' '.join(funding_details).replace('\n', ', ')
    return ''

# Fetch OWASP repos
owasp_repos = get_owasp_repos()
owasp_repos_data = [
    {"name": repo['name'], "repo_url": repo['html_url']}
    for repo in owasp_repos
]

# Combine OWASP repos and additional projects
data = owasp_repos_data + ADDITIONAL_PROJECTS

# Remove duplicates based on the 'repo_url' key
unique_data = {project['repo_url']: project for project in data}.values()

project_links = []

for project in unique_data:
    project_name = project['name']
    repo_url = project['repo_url']
    
    if project_name.startswith('www-'):
        print(f"Skipping repository: {project_name}")
        continue

    print("project name", project_name)
    funding_url = check_file(repo_url, '.github/FUNDING.yml')
    proposal_url = check_file(repo_url, 'PROPOSAL.md')
    if funding_url:
        funding_details = parse_proposal_file(proposal_url) if proposal_url else ''
        project_links.append({
            'project_name': project_name,
            'repo_url': repo_url,
            'funding_url': funding_url,
            'funding_details': funding_details
        })
        print(f"Added project: {project_name} with funding details: {funding_details}")

# Write the JSON output file
output_file = 'project_repos_links.json'
with open(output_file, 'w') as f:
    json.dump(project_links, f, indent=2)

print(f"Output written to '{output_file}'")

# Generate the index.html file
html_content = """
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>BLT Tomato - OWASP Projects Seeking Funding</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            margin: 0;
            padding: 0;
            background-color: #f4f4f4;
            color: #333;
        }
        header {
            background-color: #d9534f;
            color: white;
            padding: 10px 0;
            text-align: center;
        }
        header img {
            vertical-align: middle;
            margin-right: 10px;
        }
        header h1 {
            display: inline;
            font-size: 24px;
            vertical-align: middle;
        }
        main {
            padding: 20px;
        }
        ul {
            list-style-type: none;
            padding: 0;
        }
        li {
            background-color: white;
            margin: 10px 0;
            padding: 10px;
            border-radius: 5px;
            box-shadow: 0 0 5px rgba(0, 0, 0, 0.1);
        }
        .heart-icon {
            color: red;
            margin-left: 10px;
            text-decoration: none;
        }
        footer {
            text-align: center;
            padding: 20px;
            background-color: #d9534f;
            color: white;
        }
        footer a {
            color: white;
            text-decoration: underline;
        }
    </style>
</head>
<body>
    <header>
        <img src="https://img.icons8.com/color/48/000000/tomato.png" alt="Tomato" width="40" height="40">
        <h1>BLT Tomato - this is an OWASP BLT project created to help other OWASP projects.</h1>
    </header>
    <main>
        <p>The following OWASP projects are seeking funding and have a funding.yml file:</p>
        <ul>
"""

for index, project in enumerate(project_links, start=1):
    html_content += f'<li>{index}. <a href="{project["repo_url"]}">{project["project_name"]}</a> <a href="{project["funding_url"]}" class="heart-icon">&#10084;</a> <span>{project["funding_details"]}</span></li>\n'

html_content += """
        </ul>
    </main>
    <footer>
        <p><a href="https://github.com/OWASP-BLT/BLT-Tomato">View this script on GitHub</a></p>
    </footer>
</body>
</html>
"""

with open('index.html', 'w') as f:
    f.write(html_content)

print("index.html file has been created.")

Key Changes:

1. Separate PROPOSAL.md:

   • Added support for a separate PROPOSAL.md file to contain detailed funding proposals.

2. Check for PROPOSAL.md:

   • Added a check_file function to check for the existence of both .github/FUNDING.yml and PROPOSAL.md.

3. Parse PROPOSAL.md: