From d89ef676cd8b7a0453447f9440df101ced984fbe Mon Sep 17 00:00:00 2001 From: Jon Gadsden Date: Mon, 17 Nov 2025 22:24:06 +0000 Subject: [PATCH 1/3] update actions in workflows --- .github/workflows/housekeeping.yaml | 4 ++-- .github/workflows/pr.yaml | 6 +++--- README.md | 4 ++-- code_of_conduct.md | 8 ++++---- info.md | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/housekeeping.yaml b/.github/workflows/housekeeping.yaml index 2eb67191..fac0e438 100644 --- a/.github/workflows/housekeeping.yaml +++ b/.github/workflows/housekeeping.yaml @@ -16,7 +16,7 @@ jobs: actions: write steps: - name: Delete stale workflow runs - uses: Mattraks/delete-workflow-runs@v2.0.6 + uses: Mattraks/delete-workflow-runs@v2.1.0 with: token: ${{ github.token }} repository: ${{ github.repository }} @@ -24,7 +24,7 @@ jobs: keep_minimum_runs: 10 - name: Delete unused workflows - uses: otto-de/purge-deprecated-workflow-runs@v3.0.1 + uses: otto-de/purge-deprecated-workflow-runs@v4.0.1 with: token: ${{ github.token }} diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index c53e9371..6caf1642 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -17,7 +17,7 @@ jobs: uses: actions/checkout@v5.0.0 - name: Link Checker - uses: lycheeverse/lychee-action@v2.6.1 + uses: lycheeverse/lychee-action@v2.7.0 with: # skip the jekyll files under '_includes' directory args: >- @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@v5.0.0 - name: Lint markdown - uses: DavidAnson/markdownlint-cli2-action@v20.0.0 + uses: DavidAnson/markdownlint-cli2-action@v21.0.0 with: config: '.markdownlint.yaml' globs: '*.md' @@ -52,7 +52,7 @@ jobs: uses: actions/checkout@v5.0.0 - name: Spell check - uses: rojopolis/spellcheck-github-actions@0.52.0 + uses: rojopolis/spellcheck-github-actions@0.54.0 with: config_path: .spellcheck.yaml diff --git a/README.md b/README.md index 825f1f3a..b736fe71 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ DevGuide logo [![CC BY-SA 4.0 license](https://img.shields.io/github/license/owasp/www-project-developer-guide.svg)](license.txt) -[![OWASP Lab project](https://img.shields.io/badge/owasp-lab%20project-f7b73c.svg)](https://www.owasp.org/projects) -[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9373/badge)](https://www.bestpractices.dev/projects/9373) +[![OWASP Lab project](https://img.shields.io/badge/owasp-lab%20project-f7b73c.svg)](https://owasp.org/projects) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9373/badge)](https://www.bestpractices.dev/en/projects/9373) ## OWASP Foundation Developer Guide project diff --git a/code_of_conduct.md b/code_of_conduct.md index abd05beb..0ba21c82 100644 --- a/code_of_conduct.md +++ b/code_of_conduct.md @@ -122,8 +122,8 @@ Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcem See the [FAQ][faq] for answers to common questions about this code of conduct, and translations are available of this [contributor covenant][translate]. -[cofc]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html -[diversity]: https://github.com/mozilla/diversity -[faq]: https://www.contributor-covenant.org/faq +[cofc]: https://www.contributor-covenant.org/version/2/0/code_of_conduct/ +[diversity]: https://github.com/mozilla/inclusion +[faq]: https://www.contributor-covenant.org/faq/ [homepage]: https://www.contributor-covenant.org -[translate]: https://www.contributor-covenant.org/translations +[translate]: https://www.contributor-covenant.org/translations/ diff --git a/info.md b/info.md index 533fd873..aac97464 100644 --- a/info.md +++ b/info.md @@ -25,7 +25,7 @@ ### Repository * [Markdown source][repo] -* [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9373/badge)](https://www.bestpractices.dev/projects/9373) +* [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9373/badge)](https://www.bestpractices.dev/en/projects/9373) [es]: https://devguide.owasp.org/es/ [pdf]: https://github.com/OWASP/DevGuide/releases From 86d3cdecaf29f47222b7832a2b9af04a387d5f12 Mon Sep 17 00:00:00 2001 From: Jon Gadsden Date: Tue, 18 Nov 2025 11:25:41 +0000 Subject: [PATCH 2/3] fix broken links and redirects --- README.md | 2 +- index.md | 4 ++-- release/14-appendices/00-toc.md | 2 +- release/14-appendices/01-implementation-dos-donts/00-toc.md | 2 +- .../01-implementation-dos-donts/01-container-security.md | 2 +- .../01-implementation-dos-donts/02-secure-coding.md | 2 +- .../01-implementation-dos-donts/03-cryptographic-practices.md | 2 +- .../01-implementation-dos-donts/04-application-spoofing.md | 2 +- .../01-implementation-dos-donts/05-content-security-policy.md | 2 +- .../06-exception-error-handling.md | 2 +- .../01-implementation-dos-donts/07-file-management.md | 2 +- .../01-implementation-dos-donts/08-memory-management.md | 2 +- release/14-appendices/01-implementation-dos-donts/toc.md | 2 +- release/14-appendices/02-verification-dos-donts/00-toc.md | 2 +- .../02-verification-dos-donts/01-secure-environment.md | 2 +- .../02-verification-dos-donts/02-system-hardening.md | 2 +- .../02-verification-dos-donts/03-open-source-software.md | 2 +- release/14-appendices/02-verification-dos-donts/toc.md | 2 +- release/14-appendices/toc.md | 2 +- 19 files changed, 20 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index b736fe71..c8f48abd 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ DevGuide logo [![CC BY-SA 4.0 license](https://img.shields.io/github/license/owasp/www-project-developer-guide.svg)](license.txt) -[![OWASP Lab project](https://img.shields.io/badge/owasp-lab%20project-f7b73c.svg)](https://owasp.org/projects) +[![OWASP Lab project](https://img.shields.io/badge/owasp-lab%20project-f7b73c.svg)](https://owasp.org/projects/) [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9373/badge)](https://www.bestpractices.dev/en/projects/9373) ## OWASP Foundation Developer Guide project diff --git a/index.md b/index.md index 67bacc24..9818b544 100644 --- a/index.md +++ b/index.md @@ -40,7 +40,7 @@ and providing enough detail to get developers started on various OWASP tools and The intended audience of the Developer Guide is application developers working in various domains such as web, desktop, mobile, API and cloud. -### History +## History Along with the OWASP Top Ten, the Developer Guide is one of the original resources published soon after OWASP was formed in 2001. @@ -51,7 +51,7 @@ for the modern security landscape using contributions from the wider application Periodically the Developer Guide is versioned and the contents promoted to the [release area][release] of the repository. -### Contributing +## Contributing Contributions and suggestions are all welcome, we just ask that you follow our [code of conduct][conduct] and read the [contributing guidelines][contribution] which provide style and document structure suggestions. diff --git a/release/14-appendices/00-toc.md b/release/14-appendices/00-toc.md index a4dd4ea3..aad6fe66 100644 --- a/release/14-appendices/00-toc.md +++ b/release/14-appendices/00-toc.md @@ -6,6 +6,6 @@ tags: OWASP Developer Guide contributors: Jon Gadsden document: OWASP Developer Guide order: -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/00-toc.md b/release/14-appendices/01-implementation-dos-donts/00-toc.md index 8445329e..b692453c 100644 --- a/release/14-appendices/01-implementation-dos-donts/00-toc.md +++ b/release/14-appendices/01-implementation-dos-donts/00-toc.md @@ -6,6 +6,6 @@ tags: OWASP Developer Guide contributors: Jon Gadsden document: OWASP Developer Guide order: -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/01-container-security.md b/release/14-appendices/01-implementation-dos-donts/01-container-security.md index a836cace..9b19a891 100644 --- a/release/14-appendices/01-implementation-dos-donts/01-container-security.md +++ b/release/14-appendices/01-implementation-dos-donts/01-container-security.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14110 permalink: /release/appendices/implementation_dos_donts/container_security/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/01-container-security/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/02-secure-coding.md b/release/14-appendices/01-implementation-dos-donts/02-secure-coding.md index 257506a9..52ac504c 100644 --- a/release/14-appendices/01-implementation-dos-donts/02-secure-coding.md +++ b/release/14-appendices/01-implementation-dos-donts/02-secure-coding.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14120 permalink: /release/appendices/implementation_dos_donts/secure_coding/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/02-secure-coding/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/03-cryptographic-practices.md b/release/14-appendices/01-implementation-dos-donts/03-cryptographic-practices.md index 23354d7b..7f10db35 100644 --- a/release/14-appendices/01-implementation-dos-donts/03-cryptographic-practices.md +++ b/release/14-appendices/01-implementation-dos-donts/03-cryptographic-practices.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14130 permalink: /release/appendices/implementation_dos_donts/cryptographic_practices/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/03-cryptographic-practices/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/04-application-spoofing.md b/release/14-appendices/01-implementation-dos-donts/04-application-spoofing.md index 71678c25..16dcd57d 100644 --- a/release/14-appendices/01-implementation-dos-donts/04-application-spoofing.md +++ b/release/14-appendices/01-implementation-dos-donts/04-application-spoofing.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14140 permalink: /release/appendices/implementation_dos_donts/application_spoofing/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/04-application-spoofing/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/05-content-security-policy.md b/release/14-appendices/01-implementation-dos-donts/05-content-security-policy.md index eaea6ebb..07a2d679 100644 --- a/release/14-appendices/01-implementation-dos-donts/05-content-security-policy.md +++ b/release/14-appendices/01-implementation-dos-donts/05-content-security-policy.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14150 permalink: /release/appendices/implementation_dos_donts/content_security_policy/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/05-content-security-policy/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/06-exception-error-handling.md b/release/14-appendices/01-implementation-dos-donts/06-exception-error-handling.md index 4b99de36..b60e42a6 100644 --- a/release/14-appendices/01-implementation-dos-donts/06-exception-error-handling.md +++ b/release/14-appendices/01-implementation-dos-donts/06-exception-error-handling.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14160 permalink: /release/appendices/implementation_dos_donts/exception_error_handling/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/06-exception-error-handling/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/07-file-management.md b/release/14-appendices/01-implementation-dos-donts/07-file-management.md index a88c8e84..569a5b82 100644 --- a/release/14-appendices/01-implementation-dos-donts/07-file-management.md +++ b/release/14-appendices/01-implementation-dos-donts/07-file-management.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14170 permalink: /release/appendices/implementation_dos_donts/file_management/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/07-file-management/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/08-memory-management.md b/release/14-appendices/01-implementation-dos-donts/08-memory-management.md index b1095986..ed28aff7 100644 --- a/release/14-appendices/01-implementation-dos-donts/08-memory-management.md +++ b/release/14-appendices/01-implementation-dos-donts/08-memory-management.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14180 permalink: /release/appendices/implementation_dos_donts/memory_management/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/08-memory-management/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/01-implementation-dos-donts/toc.md b/release/14-appendices/01-implementation-dos-donts/toc.md index 590138d2..abfe7a47 100644 --- a/release/14-appendices/01-implementation-dos-donts/toc.md +++ b/release/14-appendices/01-implementation-dos-donts/toc.md @@ -7,6 +7,6 @@ contributors: Jon Gadsden document: OWASP Developer Guide order: 14100 permalink: /release/appendices/implementation_dos_donts/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/02-verification-dos-donts/00-toc.md b/release/14-appendices/02-verification-dos-donts/00-toc.md index 3720b154..377146db 100644 --- a/release/14-appendices/02-verification-dos-donts/00-toc.md +++ b/release/14-appendices/02-verification-dos-donts/00-toc.md @@ -6,6 +6,6 @@ tags: OWASP Developer Guide contributors: Jon Gadsden document: OWASP Developer Guide order: -redirect_to: https://devguide.owasp.org/en/12-appendices/02-verification-dos-donts/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/02-verification-dos-donts/01-secure-environment.md b/release/14-appendices/02-verification-dos-donts/01-secure-environment.md index d7bbf6b0..00d09fd3 100644 --- a/release/14-appendices/02-verification-dos-donts/01-secure-environment.md +++ b/release/14-appendices/02-verification-dos-donts/01-secure-environment.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14210 permalink: /release/appendices/verification_dos_donts/secure_environment/ -redirect_to: https://devguide.owasp.org/en/12-appendices/02-verification-dos-donts/01-secure-environment/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/02-verification-dos-donts/02-system-hardening.md b/release/14-appendices/02-verification-dos-donts/02-system-hardening.md index ffca55cf..967a8826 100644 --- a/release/14-appendices/02-verification-dos-donts/02-system-hardening.md +++ b/release/14-appendices/02-verification-dos-donts/02-system-hardening.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14220 permalink: /release/appendices/verification_dos_donts/system_hardening/ -redirect_to: https://devguide.owasp.org/en/12-appendices/02-verification-dos-donts/02-system-hardening/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/02-verification-dos-donts/03-open-source-software.md b/release/14-appendices/02-verification-dos-donts/03-open-source-software.md index 183d0751..f341587f 100644 --- a/release/14-appendices/02-verification-dos-donts/03-open-source-software.md +++ b/release/14-appendices/02-verification-dos-donts/03-open-source-software.md @@ -7,6 +7,6 @@ contributors: Shruti Kulkarni document: OWASP Developer Guide order: 14230 permalink: /release/appendices/verification_dos_donts/open_source_software/ -redirect_to: https://devguide.owasp.org/en/12-appendices/02-verification-dos-donts/03-open-source-software/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/02-verification-dos-donts/toc.md b/release/14-appendices/02-verification-dos-donts/toc.md index f5d2b70c..fb0d72c0 100644 --- a/release/14-appendices/02-verification-dos-donts/toc.md +++ b/release/14-appendices/02-verification-dos-donts/toc.md @@ -7,6 +7,6 @@ contributors: Jon Gadsden document: OWASP Developer Guide order: 14200 permalink: /release/appendices/verification_dos_donts/ -redirect_to: https://devguide.owasp.org/en/12-appendices/02-verification-dos-donts/ +redirect_to: https://devguide.owasp.org/ --- diff --git a/release/14-appendices/toc.md b/release/14-appendices/toc.md index bd032ba4..eba07655 100644 --- a/release/14-appendices/toc.md +++ b/release/14-appendices/toc.md @@ -7,6 +7,6 @@ contributors: Jon Gadsden document: OWASP Developer Guide order: 14000 permalink: /release/appendices/ -redirect_to: https://devguide.owasp.org/en/12-appendices/01-implementation-dos-donts/ +redirect_to: https://devguide.owasp.org/ --- From 94553344dd6f64c50e313199c8cc3615ad604927 Mon Sep 17 00:00:00 2001 From: Jon Gadsden Date: Tue, 18 Nov 2025 11:30:53 +0000 Subject: [PATCH 3/3] ignore unused release-es files --- .github/workflows/pr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 6caf1642..4c0c8fc5 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -25,7 +25,7 @@ jobs: --max-retries 1 --retry-wait-time 10 --exclude-path './_includes/*.html' - './**/*.md' + './release/**/*.md' '*.md' fail: true env: