docs: add machine-readable Rules of Engagement template appendix #9

Merged
jinsonvarghese merged 4 commits into OWASP:main from Hinotoi-agent:docs/rules-of-engagement-template
Apr 19, 2026
Conversation

Contributor

@Hinotoi-agent Hinotoi-agent commented Apr 18, 2026

Summary

  • add a non-normative Rules of Engagement template appendix with YAML/JSON examples
  • link the appendix from the standard README and the Scope Enforcement implementation guide
  • extend the Vendor Evaluation Guide with a concrete RoE artifact review prompt

Why

Issue #7 asks for a practical machine-readable Rules of Engagement starter template that customers, implementers, and reviewers can use consistently without turning one file format into a mandatory requirement.

Affected sections

  • standard/appendix/Rules_of_Engagement_Template.md
  • standard/README.md
  • standard/1_Scope_Enforcement/Implementation_Guide.md
  • standard/appendix/Vendor_Evaluation_Guide.md

Contributing.md checklist

  • describe what changed and why: included above
  • link related issue: Closes Proposal: add a machine-readable Rules of Engagement template #7
  • list affected sections: included above
  • formatting and links: checked locally for the touched Markdown files
  • AI assistance disclosure: drafted with AI assistance and reviewed by the submitting human

Notes

  • informative appendix only; no new normative requirements added
  • writing kept vendor-neutral and organization-neutral
  • terminology follows the existing style guide

Closes #7

@jinsonvarghese
Member

@Hinotoi-agent Thank you. It directly supports APTS-SE-001 and the field mappings to requirement IDs are a good addition.

However, there are two changes needed before a merge:

  1. A row needs to be added for the new appendix in standard/Getting_Started.md under the Document Map table
  2. Consider adding an XML example alongside YAML and JSON, since APTS-SE-001 verification references all three formats

@Hinotoi-agent
Contributor Author

Thanks — I addressed both requested changes:

  • added a Document Map row for the new appendix in standard/Getting_Started.md
  • added an XML example alongside the YAML and JSON examples

I also removed the cross-cutting standard/README.md and Vendor_Evaluation_Guide.md edits from this branch to reduce merge conflicts with the other appendix PRs.

Updated on commit 2ff72c6.

@jinsonvarghese jinsonvarghese merged commit 7118352 into OWASP:main Apr 19, 2026