From ac6819eba2ba2b6b69c58e249c37ceac14e629b9 Mon Sep 17 00:00:00 2001
From: Jinson Varghese Behanan <33680980+jinsonvarghese@users.noreply.github.com>
Date: Sun, 3 May 2026 14:49:48 +0530
Subject: [PATCH 1/3] Update ACKNOWLEDGEMENTS.md

---
 ACKNOWLEDGEMENTS.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ACKNOWLEDGEMENTS.md b/ACKNOWLEDGEMENTS.md
index 1a29c5d..b302882 100644
--- a/ACKNOWLEDGEMENTS.md
+++ b/ACKNOWLEDGEMENTS.md
@@ -40,7 +40,7 @@ The following standards and frameworks directly informed the development of APTS
 - [OWASP ASVS](https://owasp.org/www-project-application-security-verification-standard/) (Application Security Verification Standard)
 - [OSSTMM](https://www.isecom.org/OSSTMM.3.pdf) (Open Source Security Testing Methodology Manual)
 - [OWASP Top 10 for Agentic Applications](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/) (Agentic AI Security Risks)
-- [NIST AI RMF](https://www.nist.gov/artificial-intelligence/risk-management-framework) (AI Risk Management Framework)
+- [NIST AI RMF](https://www.nist.gov/itl/ai-risk-management-framework) (AI Risk Management Framework)
 - [EU AI Act](https://artificialintelligenceact.eu/) (Regulation (EU) 2024/1689)
 
 ## How to Get Listed

From b54fd0cc49c423cdc2441ae1f4f29a21dee1e3ba Mon Sep 17 00:00:00 2001
From: Jinson Varghese Behanan <33680980+jinsonvarghese@users.noreply.github.com>
Date: Sun, 3 May 2026 14:51:20 +0530
Subject: [PATCH 2/3] Update LICENSE.md

---
 LICENSE.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/LICENSE.md b/LICENSE.md
index ca04c0a..95d1c10 100644
--- a/LICENSE.md
+++ b/LICENSE.md
@@ -193,4 +193,4 @@ Original work licensed under CC BY-SA 4.0: https://github.com/OWASP/APTS
 
 ## OWASP Trademark
 
-The OWASP name and logos are trademarks of The OWASP Foundation. You may refer to the standard as "OWASP Autonomous Penetration Testing Standard" for editorial purposes without permission. Commercial use of OWASP trademarks requires approval. Contact [trademarks@owasp.org](mailto:trademarks@owasp.org). See the [OWASP Trademark Policy](https://owasp.org/www-policy/operational/trademark) for details.
+The OWASP name and logos are trademarks of The OWASP Foundation. You may refer to the standard as "OWASP Autonomous Penetration Testing Standard" for editorial purposes without permission. Commercial use of OWASP trademarks requires approval. Contact [trademarks@owasp.org](mailto:trademarks@owasp.org). See the [OWASP Trademark Policy](https://owasp.org/www-policy/operational/mark-usage-guidelines) for details.

From c327f3ee8938cdf3c16c1050cd889e8b307d4b29 Mon Sep 17 00:00:00 2001
From: Jinson Varghese Behanan <33680980+jinsonvarghese@users.noreply.github.com>
Date: Sun, 3 May 2026 14:55:18 +0530
Subject: [PATCH 3/3] Update ci.yml

---
 .github/workflows/ci.yml | 56 ++++++----------------------------------
 1 file changed, 8 insertions(+), 48 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index af54a3c..a4262c3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -16,21 +16,17 @@ jobs: defaults: run: shell: bash - steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Set up Python uses: actions/setup-python@v5 with: python-version: "3.11" - - name: Set up Node.js uses: actions/setup-node@v4 with: node-version: "20" - - name: Cache npm package cache uses: actions/cache@v4 with: 
@@ -38,92 +34,69 @@ jobs: key: npm-markdown-tools-${{ runner.os }}-markdownlint-cli2-0.22.1-markdown-link-check-3 restore-keys: | npm-markdown-tools-${{ runner.os }}- - - name: Install validation tools run: | set -euo pipefail - python -m pip install --upgrade pip python -m pip install "PyYAML==6.0.2" "ruff==0.8.6" - sudo apt-get update sudo apt-get install -y shellcheck - npm install --global markdownlint-cli2@0.22.1 markdown-link-check@3 - - name: Validate Python syntax in scripts run: | set -euo pipefail - if [[ -d "scripts" ]]; then python -m compileall scripts else echo "No scripts directory found. Skipping Python syntax validation." fi - - name: Run Python lint with ruff continue-on-error: true run: | set -euo pipefail - if [[ -d "scripts" ]]; then ruff check scripts --output-format=github else echo "No scripts directory found. Skipping ruff." fi - - name: Validate YAML files run: | set -euo pipefail - python scripts/validate_yaml.py - - name: Validate shell scripts run: | set -euo pipefail - mapfile -d '' shell_files < <( git ls-files -z -- '*.sh' '*.bash' ) - if (( ${#shell_files[@]} == 0 )); then echo "No shell scripts found. Skipping shellcheck." exit 0 fi - failed=0 - for file in "${shell_files[@]}"; do echo "Running shellcheck on ${file}" if ! shellcheck "${file}"; then failed=1 fi done - exit "$failed" - - name: Validate JSON files run: | set -euo pipefail failed=0 - while IFS= read -r -d '' file; do echo "Validating JSON: ${file}" - if ! python -m json.tool "${file}" > /dev/null 2>&1; then echo "FAILED: Invalid JSON in ${file}" failed=1 fi done < <(git ls-files -z -- '*.json') - exit "$failed" - - name: Validate Markdown structure run: | set -euo pipefail - config_file="${RUNNER_TEMP}/markdownlint-cli2.jsonc" - cat > "${config_file}" <<'EOF' { "config": { 
@@ -135,72 +108,60 @@ jobs: } } EOF - mapfile -d '' markdown_files < <(git ls-files -z -- '*.md') - if (( ${#markdown_files[@]} == 0 )); then echo "No Markdown files found. Skipping markdownlint." exit 0 fi - markdownlint-cli2 --config "${config_file}" "${markdown_files[@]}" - - name: Validate Markdown tables run: | set -euo pipefail - python scripts/validate_markdown_tables.py - - name: Check internal Markdown links run: | set -euo pipefail - python scripts/check_internal_markdown_links.py - - name: Check external Markdown links continue-on-error: true run: | set -euo pipefail - config_file="${RUNNER_TEMP}/markdown-link-check-external.json" - cat > "${config_file}" <<'EOF' { "ignorePatterns": [ { "pattern": "^(?!https?:\\/\\/)" + }, + { + "pattern": "^https?://www\\.linkedin\\.com" + }, + { + "pattern": "^https?://owasp\\.slack\\.com" } ], "timeout": "10s", "retryOn429": true, - "retryCount": 2 + "retryCount": 2, + "aliveStatusCodes": [200, 403] } EOF - failed=0 - while IFS= read -r -d '' file; do echo "Checking external links in ${file}" - if ! markdown-link-check "${file}" --quiet --config "${config_file}"; then failed=1 fi done < <(git ls-files -z -- '*.md') - exit "$failed" - - name: Check generated artifacts are up to date run: | set -euo pipefail - python scripts/check_generated_artifacts.py - - name: Check for temporary or debug files run: | set -euo pipefail - failed=0 - while IFS= read -r -d '' file; do case "${file}" in *.tmp|*.bak|*.log|*.swp|*.swo|*.orig|.DS_Store) @@ -209,5 +170,4 @@ jobs: ;; esac done < <(git ls-files -z) - exit "$failed"
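Review bot: `"aliveStatusCodes": [200, 403]` in the external link-check config is global, so every external URL that answers 403 is now reported as alive, not only hosts that reject automated clients; a reference that has been withdrawn or moved behind an access-denied page would pass unnoticed. The two hosts this seems aimed at are already skipped by the added `ignorePatterns` entries, so I would leave `"retryCount": 2` as the last key and add a further `ignorePatterns` entry for any other host that blocks the checker. The new patterns also end at the hostname with no delimiter, so `^https?://www\\.linkedin\\.com` skips any host that merely begins with that string; `"^https?://www\\.linkedin\\.com(/|$)"` and `"^https?://owasp\\.slack\\.com(/|$)"` are tighter. Because the step runs with `continue-on-error: true`, its log is the only signal this check produces, so it is worth keeping that log accurate.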