Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve #1324 #1343

Merged
merged 7 commits into from
Oct 1, 2023
Merged

Resolve #1324 #1343

merged 7 commits into from
Oct 1, 2023

Conversation

tghosth
Copy link
Collaborator

@tghosth tghosth commented Aug 24, 2022

This Pull Request relates to issue #1324

Note CWE change.

@tghosth tghosth requested a review from elarlang August 24, 2022 14:45
@tghosth tghosth added 6) PR awaiting review _5.0 - prep This needs to be addressed to prepare 5.0 labels Aug 24, 2022
@tghosth tghosth mentioned this pull request Aug 24, 2022
Closed
@elarlang
Copy link
Collaborator

I can not see, how this requirement fits to category "V14.1 Build and Deploy"

@tghosth
Copy link
Collaborator Author

tghosth commented Aug 30, 2022

It is the closest configuration sub-section, I don't think it is ideal but I am not sure there is any better option...

@elarlang
Copy link
Collaborator

elarlang commented Oct 8, 2022

Can we implement just change for CWE?

I can not see how we can improve current situation with category change. The current one suites better. If we have separate (sub)category for configuration hardening, then it can go there.

@tghosth
Copy link
Collaborator Author

tghosth commented Oct 21, 2022

@elarlang I don't think having an SSRF category makes sense, especially with just one requirement which is pretty general anyway. Would you prefer that we start a configuration hardening section in V14?

@elarlang elarlang mentioned this pull request Dec 22, 2022
Open
@tghosth
Copy link
Collaborator Author

tghosth commented Jul 11, 2023

@elarlang I think I made the changes you wanted here.

@tghosth tghosth assigned jmanico and elarlang and unassigned elarlang and jmanico Jul 11, 2023
elarlang
elarlang requested changes Jul 16, 2023
View reviewed changes
Copy link
Collaborator

@elarlang elarlang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we not use / instead of "or"? see #1491

Both, in the subcategory title and in the requirement text

@tghosth tghosth marked this pull request as draft July 20, 2023 16:23
@tghosth
Copy link
Collaborator Author

tghosth commented Jul 20, 2023

Waiting for: #1491

@tghosth tghosth marked this pull request as ready for review September 28, 2023 12:11
@tghosth
Copy link
Collaborator Author

tghosth commented Sep 28, 2023

Do we think this can be merged now @elarlang

@elarlang
Copy link
Collaborator

Can we not have "/" in the subcategory title?

Double . at the end of requirement text (14.7.1), double space after moved label (12.6.1)

@elarlang elarlang mentioned this pull request Sep 28, 2023
Closed
@tghosth
Copy link
Collaborator Author

tghosth commented Sep 28, 2023

@elarlang is that better?

@elarlang
Copy link
Collaborator

approved, I leave the merge process for you (as there are some conflicts to solve)

@tghosth tghosth merged commit 60f563d into master Oct 1, 2023
2 checks passed
@tghosth tghosth deleted the tghosth-1324 branch October 1, 2023 09:15
elarlang pushed a commit to elarlang/ASVS that referenced this pull request Nov 9, 2023
@tghosth @elarlang
Resolve OWASP#1324 (OWASP#1343)
036d638 
* Move 12.6.1 to 14.1.8

* Change CWE on 14.1.8

* Update 0x20-V12-Files-Resources.md

* Update 0x22-V14-Config.md

* Fix syntax issues
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elarlang elarlang elarlang approved these changes

Assignees

@elarlang elarlang

Labels
6) PR awaiting review josh/elar _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tghosth @elarlang @jmanico