24 Pull requests merged by 3 people

• Move recommendations

  #3148 merged May 22, 2025

• Style/grammar updates for chapter/section text to resolve #3013

  #3146 merged May 22, 2025

• Mark RSA-PKCS#1 v1.5 KEX as disallowed

  #3119 merged May 22, 2025

• Provide numeric illustration of L1 change

  #3147 merged May 22, 2025

• Align list of DH groups with NIST SP 800-57 Part 1 Rev.5 plus Curve448 and Curve25519

  #3051 merged May 22, 2025

• Reformulate key generation requirement (11.6.1)

  #3144 merged May 22, 2025

• bold--

  #3142 merged May 22, 2025

• CORS-related terminology correction, closes #3139

  #3143 merged May 22, 2025

• Rename "using ASVS" to "what is the ASVS"

  #3141 merged May 22, 2025

• new version for "what is ASVS"

  #3134 merged May 22, 2025

• new version for "changes compared to v4.x"

  #3135 merged May 22, 2025

• Create updated export formats

  #3136 merged May 21, 2025

• Remove crypto link and change appendix name

  #3132 merged May 21, 2025

• Remove objectives, we cover this elsewhere

  #3133 merged May 21, 2025

• Clarifications to resolve #3109

  #3126 merged May 21, 2025

• Update preface

  #3129 merged May 21, 2025

• added business logic toctou, closes #3117

  #3131 merged May 21, 2025

• Add clarifications on key sharing to resolve #2310

  #3127 merged May 21, 2025

• referenced chapter title correction

  #3128 merged May 21, 2025

• filenames synced to chapter titles, closes #3123

  #3125 merged May 21, 2025

• Cleanup crypto appendix

  #3124 merged May 20, 2025

• Cleanup list of KDFs and password hashing methods

  #3120 merged May 19, 2025

• follow up mapping fixes for #3116

  #3121 merged May 17, 2025

• Clarify and focus concurrency reqs to resolve #2960

  #3116 merged May 17, 2025

2 Pull requests opened by 2 people

• Tweak wording about mlkem768x25519 and fix broken link (Firefox support)

  #3137 opened May 21, 2025

• Glossary_Suggestions_for_remove_and_update_definition

  #3149 opened May 23, 2025

13 Issues closed by 4 people

• The paragraph is not easily readable.

  #3138 closed May 22, 2025

• Handle spelling and grammar

  #3013 closed May 22, 2025

• Crypto appendix: remove Encrypted key transport with RSA-PKCS#1 v1.5

  #3092 closed May 22, 2025

• Clarifications on section 11.6

  #3061 closed May 22, 2025

• terminology correction CORS-safelisted vs non-CORS-preflighted

  #3139 closed May 22, 2025

• Clarify why 15.3.1/v5.0.be-10.4.5 is not access control

  #3109 closed May 21, 2025

• Create a L2 TOCTOU requirement

  #3117 closed May 21, 2025

• V6 - Proper/safe MAC usage (in contrast to digital signatures)

  #2310 closed May 21, 2025

• "policy" for file names

  #3123 closed May 21, 2025

• Cleanup list of approved Hash Functions for Password Storage

  #2991 closed May 19, 2025

• Clarify list of KDFs in the appendix

  #3021 closed May 19, 2025

• 13.4.6 / v5.0.be-14.3.3 is L3 right level?

  #3118 closed May 18, 2025

• V15.4 "Concurrency" requirements

  #2960 closed May 17, 2025

1 Issue opened by 1 person

• Microsoft 11 rolls out PQC algorithms

  #3140 opened May 22, 2025

7 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• TIP: CSV file in source directory

  #3115 commented on May 21, 2025 • 0 new comments

• Link new requirements to CREs

  #2334 commented on May 21, 2025 • 0 new comments

• Informative list of tasks and dependencies related to mapping and requirement (re)numbering

  #2456 commented on May 21, 2025 • 0 new comments

• texts from 3rd person point of view

  #2802 commented on May 22, 2025 • 0 new comments

• ASVS v5.0 release checklist - rough workings

  #2555 commented on May 22, 2025 • 0 new comments

• lowercase vs uppercase grammar (original: 6.2.1 causes capitalization inconsistency)

  #1875 commented on May 23, 2025 • 0 new comments

• Handle Glossary

  #2201 commented on May 23, 2025 • 0 new comments