We are proud to announce the introduction of a new document build pipeline, which is a major milestone for our project. The build pipeline is based on Pandocker and Github Actions.
This significantly reduces the time spent on creating new releases and will also be the foundation for the OWASP MSTG and will be made available for the OWASP ASVS project.
- 4 more translations are available, which are Hindi, Farsi, Portuguese and Brazilian Portuguese
- Added requirement MSTG-PLATFORM-11
- Jeroen Willemsen for kick-starting this initiative last year!
- Damien Clochard and Dalibo for supporting and professionalizing the build pipeline.
- All our Hindi, Farsi, Portuguese and Brazilian Portuguese collaborators for the excellent translation work.
V1.2 International Release
With a little bit of delay we are happy to present version 1.2 of the MASVS!
- Created international version of V1.2: the MASVS is now translated into German, Spanish, French, Japanese, Korean, Russian, Simplified Chinese, and Traditional Chinese.
- New build and release systems based on Github Actions and Docker containers resulting in better looking PDF, Mobi, Epub and Docx documents.
This is the very first release of the MASVS in Russian!
Thanks Maxim Gall for the initiative to translate the English version into Russian and thanks to Oprya Egor, Chelnokov Vladislav, Tereshin Dmitrii, Bachevsky Artem, Mesheryakov Aleksey, Ratchenko Denis who supported in this project.
The following changes are part of release 1.1:
- Requirement 2.6 "The clipboard is deactivated on text fields that may contain sensitive data." was removed. See also Issue #117.
- Requirement 2.2 "No sensitive data should be stored outside of the app container or system credential storage facilities." was added.
- Requirement 2.1 was reworded to "System credential storage facilities are used appropriately to store sensitive data, such as PII, user credentials or cryptographic keys.".