[Owasp-topten] Top 10 2017 RC2 released
Andrew van der Stock
vanderaj at owasp.org
Sun Oct 22 03:53:46 UTC 2017
The OWASP Top 10 2017 is ready to start being translated into as many
languages as possible.
If you can help us, we have a deadline of November 20 for the English
version, with a golden master coming out November 13. You don't need to hit
this deadline, but it would be awesome if you could.
We are working at GitHub, and I suggest you do as well, so you can track
our changes and avoid complications from sending around zillions of
PowerPoint files to each other, and trying to work out what changed. We
have a Markdown (text) version of the PowerPoint you can use as the basis
for translation. Every time we change it, you can see exactly what changed
to the character.
Open your browser here - this is the Golden Master branch, and it's where
we will be working
These steps should work
- Fork the OWASP Top 10 into your a repo in one of your GitHub accounts
(it helps if you can agree if there's only one!). Add all your
collaborators to the fork.
- Change the branch to the "golden-master" branch. This is the post-RC2
branch we will be working from in English, and it's the easiest way to find
out exactly which words or sentences or punctuation changed so you can keep
up with us and the QA process.
- Regularly pull from us so you keep up with our changes. I tagged
"2017-RC2" as the tag you can diff from so you can see *all* the changes
between RC2 and wherever we're up to.
- Create an "pt" or "pt-br" folder (this is what the
generate_document.sh script expects)
- Copy all the English markdown from "en" to "<iso>" (i.e. fr, jp, en,
- Please translate the Markdown in the "<iso>" folder
- Once you're done with Markdown, you will want to create a PowerPoint.
This takes about a day. Please copy the English version and save it in the
same place but call it "OWASP Top 10 2017 GM (<iso>).pptx" or similar
- Converting to PowerPoint is a good validation step to make sure you
fit into a single page. It's HARD to make everything fit. Make the changes
you need to make it work. We know English can be a compact language, so
we're not precious about precise translations as long as the meaning is
preserved and folks can understand what they need to do with your text.
- When you're ready for us to consume your translation, please create a
pull request, and we'll merge your changes. We can do this as many times as
Please avoid changing any of the existing files so your merges will be
clean and conflict free. You are more than welcome to create or enable the "
<iso>" line in the generate_document.sh script. That script generates a
Word document, which is can be very handy for spell checking, and fast at
copying text and already linked URLs to PowerPoint.
I'd like to have space for your credits somewhere. Have a think about the
best location to put in your details within the document, because that will
become the template for all the other languages, too.
On Fri, Oct 20, 2017 at 5:17 PM, 박형근 <mirrk1 at gmail.com> wrote:
> Hello, Team.
> Great Gob!!!
> Korean translation team will compare between RC 1 and RC 2.
> And we wait final release.
> What's the changed final release's schedule?
> Thanks a lot.
> Best regards.
> 2017-10-21 6:17 GMT+09:00 Neil Smithline <neil.smithline at owasp.org>:
>> We have just released RC2 at https://github.com/OWASP/Top10
>> We have worked extensively to validate the methodology, obtained a great
>> deal of data on over 114,000 apps, and obtained qualitative data via survey
>> by 550 community members on the two new categories – insecure
>> deserialization and insufficient logging and monitoring.
>> We strongly urge for any corrections or issues to be logged at GitHub -
>> Through public transparency, we provide traceability and ensure that all
>> voices are heard during this final month before publication.
>> (We will be reaching out to translators shortly.)
>> Andrew van der Stock
>> Brian Glas
>> Neil Smithline
>> Torsten Gigler
>> Neil Smithline
>> OWASP Top-10 Co-Leader
>> @neil_smithline <https://twitter.com/neil_smithline>
>> Owasp-topten mailing list
>> Owasp-topten at lists.owasp.org
> Park, Hyungkeun, CGEIT, CISSP, CISA, IBM Security Technical Leader, SWG,
> IBM Korea.
> TEL. 82-2-3781-7963, FAX. 82-31-213-8283, HP 010-4995-7963, E-mail :
> phk at kr.ibm.com
> Office Address : 16th Fl., Military Mutual Aid Association Bldg 467-12,
> Dogok-dong, Gangnam-gu, Seoul, Korea (Zip Code : 135-270)
> Twitter: http://twitter.com/securityinsight
> Facebook: http://www.facebook.com/hyungkeun.park
> Web Site: http://www.securityplus.or.kr
> Owasp-topten mailing list
> Owasp-topten at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-topten