Skip to content

v2.0.0
Compare
Choose a tag to compare
@github-actions github-actions released this 05 Mar 11:06
· 4 commits to main since this release
v2.0.0
d233da8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

2.0.0 (2024-03-05)

Features

  • Removes duplicated test case

  • Moves API3 rules that focused on defining 400, 401, 500 responses out into API8.

  • Adds unevaluatedproperties rule for OAS 3.1

  • Adds owasp-api3-2023-constrained-additional/unevaluated tests

  • Updates year on api1 and api2 unchanged

  • Renames api4:2019 to api4:2023 only

  • Adds owasp:api2:2023-write-restricted and owasp:api2:2023-read-restricted

  • Fixes #25: adds owasp:api5:2023-admin-security-unique

  • Fixes #21 and makes no-nimeric-ids support any string

  • Adds support for no-server-http to use relative path.

  • Partially fixes #52: Require servers use x-internal true/false to explicitly explain what is public or internal for documentation tools

  • Fixes #52: Servers, define which environment is the API running in

BREAKING CHANGES

  • Adds/Removes rule to cater for OWASP 2023 top 10 list
Assets 2
Loading