OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
https://owasp.org/www-project-web-security-testing-guide/
Creative Commons Attribution Share Alike 4.0 International

checklist.json deserves an update #1163

Closed: cydave closed this issue 2 weeks ago

cydave commented 3 weeks ago

What's the issue? WSTG-INPV-13 exists twice in checklist.json:

Would it maybe make sense to rework the checklist.json generator? :)

How do we solve it? Consider using Python to generate an up-to-date checklist.json file instead of using Bash magic. Also, consider excluding removed (or merged) entries from the list.

Would you like to be assigned to this issue? Check the box if you will submit a PR to fix this issue. Please read CONTRIBUTING.md.

kingthorin commented 3 weeks ago

That's a known and accepted issue. Things won't be re-numbered until 5.0 because it's technically a breaking change. That's why there are placeholders.

I guess I could look at inserting a fake "Objective" explaining the discrepancy so that it'd show up in the checklists.

cydave commented 3 weeks ago

Gotcha! Wouldn't it make sense to have separate branches for latest and stable tho? Maybe that's too big of a restructure, but might be worth considering?