You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Originally posted by fujiokayu March 6, 2022
since V1.4.0, the OWASP Mobile App Security Checklists have been renewed and changed to be automatically generated.
thanks for the great works.
However, the Test Case links are fewer and noticeably blank compared to past versions.
Those already familiar with this project will have no problem.
But those who are trying to use checklist for the first time, or clients who are given a checklist as evidence of testing, may be a bit confused.
One major reason is that the Python program does not target the "0x04" document.
Fixing this will fill in most of the holes in V4 and V5, and a few in V2, V3, and V6.
if you would like to include this fix, I will send a PR soon.
tools/scripts/mstg_to_html.sh
- for filename in Document/0x05*.md Document/0x06*.md; do+ for filename in Document/0x04*.md Document/0x05*.md Document/0x06*.md; do
tools/scripts/yaml_to_excel.py
# We only get the first link because there should be actually only one per platform.
link_android = get_link_for(req["links"], "0x05")
link_ios = get_link_for(req["links"], "0x06")
+ link_common = get_link_for(req["links"], "0x04")
if link_android:
ws.cell(row=row, column=col_link_android).value = f'=HYPERLINK("{link_android}", "Test Case")'
ws.cell(row=row, column=col_link_ios).value = "N/A"
ws.cell(row=row, column=col_link_ios).style = "gray_header"
+ # If a cell is null or "N/A", and a 0x04 link exists, write it in the test case.+ if link_common:+ if ws.cell(row=row, column=col_link_android).value is None or ws.cell(row=row, column=col_link_android).value == "N/A": + ws.cell(row=row, column=col_link_android).value = f'=HYPERLINK("{link_common}", "Test Case")'+ ws.cell(row=row, column=col_link_android).style = "Hyperlink"+ ws.cell(row=row, column=col_link_android).alignment = excel_styles_and_validation.align_center+ if ws.cell(row=row, column=col_link_ios).value is None or ws.cell(row=row, column=col_link_ios).value == "N/A": + ws.cell(row=row, column=col_link_ios).value = f'=HYPERLINK("{link_common}", "Test Case")'+ ws.cell(row=row, column=col_link_ios).style = "Hyperlink"+ ws.cell(row=row, column=col_link_ios).alignment = excel_styles_and_validation.align_center
Hi @fujiokayu, here's the issue, could you please open a PR including your changes? Please write Closes #2084 in the description so that it is linked to this issue.
Once it is created we can take a look at the generated files and see it it need some more fixes.
I've sent you an invitation to join our project on GitHub, once you accept it I'll assign this issue to you.
Discussed in #2082
Originally posted by fujiokayu March 6, 2022
since V1.4.0, the OWASP Mobile App Security Checklists have been renewed and changed to be automatically generated.
thanks for the great works.
However, the Test Case links are fewer and noticeably blank compared to past versions.
Those already familiar with this project will have no problem.
But those who are trying to use checklist for the first time, or clients who are given a checklist as evidence of testing, may be a bit confused.
One major reason is that the Python program does not target the "0x04" document.
Fixing this will fill in most of the holes in V4 and V5, and a few in V2, V3, and V6.
if you would like to include this fix, I will send a PR soon.
tools/scripts/mstg_to_html.sh
tools/scripts/yaml_to_excel.py
As a sample, share the checklist that generated with this modification applied.
https://drive.google.com/drive/folders/1FI8VHUO_MJVfcwbRFUffZAI7zlxbFpGD?usp=sharing
But this is not a perfect fix, so I'd be happy to hear everyone's opinions.
The text was updated successfully, but these errors were encountered: