Add Risk and Test - Sensitive Data Hardcoded in the App Package [data-hardcoded-app-package] #2565
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thanks for opening the PR @juanmanuelmartinez-dekra. Please remember to link PRs to Issues using "Closes #xxxx". In this case, simply add "Closes #2543" to the description. (I've added it for you) |
ZabGo
reviewed
Feb 26, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
ZabGo
reviewed
Feb 26, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
ZabGo
reviewed
Feb 26, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
cpholguera
requested changes
Mar 15, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
cpholguera
reviewed
Mar 15, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
|
@ZabGo I've answered to your comments and also added new suggestions, would you mind reviewing please? |
@cpholguera so sorry completely missed you comment here. I apologise if it's blocked you @juanmanuelmartinez-dekra. I'll review that asap! |
|
No problem. Thank you, @ZabGo! |
cpholguera
changed the title
ZabGo
reviewed
Apr 4, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Outdated
Show resolved
Hide resolved
…kage/risk.md Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
…kage/risk.md Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
…kage/risk.md Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
…kage/risk.md Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
…kage/risk.md Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
…kage/risk.md Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
…kage/risk.md Co-authored-by: Xavier Godard <42573001+ZabGo@users.noreply.github.com>
cpholguera
reviewed
Apr 27, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Show resolved
Hide resolved
cpholguera
reviewed
Apr 27, 2024
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/risk.md
Show resolved
Hide resolved
cpholguera
reviewed
Apr 27, 2024
There was a problem hiding this comment.
@juanmanuelmartinez-dekra the risk file is ready to go. Would you mind continuing now with the rest so we can cover for the original issue? That'd include:
- adding at least one test folder with a test.md file
- if you want to do Android, that'd be
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/android-data-hardcoded-app-package/test.md
- if you want to do Android, that'd be
- add at least one demo (and the corresponding files such as snippers and run.sh)
risks/MASVS-STORAGE/1-prevent-hardcoded/data-hardcoded-app-package/android-data-hardcoded-app-package/demo-1/demo.md
In our guidelines you can find links to 3 existing risks that include tests and demos as well as the "how to write" sections.
You can also see Jan's PR here: https://github.com/OWASP/owasp-mastg/pull/2594/files
If you have any questions please let me know! Thanks so much!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Thank you for submitting a Pull Request to the OWASP MASTG. Please make sure that:
This PR closes #2543.