Commit 0530202

chore: repository bootstrap
1 parent d62849d commit 0530202

3 files changed

+116
-1
lines changed

.editorconfig

Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
# top-most EditorConfig file
2+
root = true
3+
4+
# Unix-style newlines with a newline ending every file
5+
[*]
6+
end_of_line = lf
7+
insert_final_newline = true
8+
charset = utf-8
9+
indent_style = space
10+
indent_size = 4
11+
trim_trailing_whitespace = true
12+
max_line_length = 80
13+
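
Review bot: The `[*]` section applies `trim_trailing_whitespace = true` and `max_line_length = 80` to every file, including the Markdown files added in this same commit, where two trailing spaces are a hard line break and lines holding long URLs or reference links cannot be wrapped. Consider adding a `[*.md]` section that sets `trim_trailing_whitespace = false` (and `max_line_length = off` if link lines need it) so that editors honoring these properties do not silently change the rendered output.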

CONTRIBUTING.md

Lines changed: 53 additions & 0 deletions
@@ -0,0 +1,53 @@
1+
How to Contribute
2+
=================
3+
4+
When contributing to this repository, please first discuss the change you wish
5+
to make via issue with the owners of this repository before making a change.
6+
Fixing typos or rephrasing for better understanding DO NOT require discussion.
7+
8+
## Branching Model
9+
10+
This repository holds two main branches with an infinite lifetime:
11+
* `master` is the default branch which always reflects the latest release.
12+
* `develop` is the main branch reflecting the latest delivered changes for the
13+
next release. When the `develop` branch reaches a stable point and is ready to
14+
be released, then all changes should be merged back into `master`.
15+
16+
A variety of supporting branches are used to aid parallel development. These
17+
branches have a limited life time, since they will be removed eventually.
18+
19+
## Contributing
20+
21+
Contributions to this repository are welcome. For ease of managing, please
22+
follow the steps below:
23+
24+
1. Fork this repository to your account
25+
2. Clone your copy of this repository, locally
26+
```
27+
git clone [email protected]:YOU/API-Security-Top-10.git
28+
```
29+
3. Create a new branch based on `develop` (e.g. `fix/foreword-section`)
30+
```
31+
git checkout develop && git checkout -b fix/foreword-section
32+
```
33+
4. Apply your changes.
34+
35+
Please always follow our style conventions.
36+
37+
Although there's an [`.editorconfig` file][1] on repository's root, your
38+
editor may not support it. To know more about [EditorConfig][2] and text
39+
editors/IDEs support check the website: https://editorconfig.org/
40+
5. Commit your changes
41+
1. Check modified files and add only required ones (e.g. build artifacts
42+
SHOULD NOT be tracked)
43+
2. Commit message first line should provide a brief description of your
44+
changes. You can go into details on the optional commit message body.
45+
6. Push changes to your public repository
46+
```
47+
git push origin fix/foreword-section
48+
```
49+
7. Open a Pull Request from your `fix/foreword-section` to the upstream
50+
repository `develop` branch.
51+
52+
[1]: .editorconfig
53+
[2]: https://editorconfig.org/
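
Review bot: Step 3 (`git checkout develop && git checkout -b fix/foreword-section`) branches from whatever `develop` the contributor's fork holds, and no step adds this repository as a remote or updates from it, so a branch cut from an older fork starts from a stale base and the pull request in step 7 can carry unrelated differences or conflicts. Add a step between 2 and 3 that registers an `upstream` remote for this repository and fetches it before branching. Separately, line 6 should read "does not require discussion", and "Please always follow our style conventions." in step 4 points to no document beyond `.editorconfig`; link the conventions or state that `.editorconfig` is the whole of them.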

README.md

Lines changed: 50 additions & 1 deletion
@@ -1 +1,50 @@
1-
# API-Security-Top-10
1+
OWASP API Security Top 10
2+
=========================
3+
4+
This project is designed to address the ever-increasing number of organizations
5+
that are deploying potentially sensitive APIs as part of their software
6+
offerings. These APIs are used for internal tasks and to interface with third
7+
parties. Unfortunately, many APIs do not undergo the rigorous security testing
8+
that would render them secure from attack.
9+
10+
The OWASP API Security Project seeks to provide value to software developers and
11+
security assessors by underscoring the potential risks in insecure APIs and
12+
illustrating how these risks may be mitigated. In order to facilitate this goal,
13+
the OWASP API Security Project will create and maintain a Top 10 API Security
14+
Risks document, as well as a documentation portal for best practices when
15+
creating or assessing APIs.
16+
17+
## Description
18+
19+
While working as developers or information security consultants, many people
20+
have encountered APIs as part of a project. While there are some resources to
21+
help create and evaluate these projects (such as the OWASP REST Security Cheat
22+
Sheet), there has not be a comprehensive security project designed to assist
23+
builders, breakers, and defenders in the community.
24+
25+
This project aims to create:
26+
27+
* The OWASP Top Ten API Security Risks document, which can easily underscore the
28+
most common risks in the area.
29+
* Create a documentation portal for developers to build APIs in a secure manner.
30+
* Work with the security community to maintain living documents that evolve with
31+
security trends.
32+
33+
## Project Leaders
34+
35+
* [Erez Yalon][0]
36+
* Inon Shkedy
37+
38+
## Licensing
39+
40+
**The OWASP API Security Project documents are free to use!**
41+
42+
The OWASP API Security Project is licensed under the [Creative Commons
43+
Attribution-ShareAlike 3.0 license][1], so you can copy, distribute and transmit
44+
the work, and you can adapt it, and use it commercially, but all provided that
45+
you attribute the work and if you alter, transform, or build upon this work, you
46+
may distribute the resulting work only under the same or similar license to this
47+
one.
48+
49+
[0]: https://www.owasp.org/index.php/User:ErezYalon
50+
[1]: http://creativecommons.org/licenses/by-sa/3.0/
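
Review bot: Line 22 has a grammar slip, "there has not be a comprehensive security project", which should read "has not been". In the list under "This project aims to create:", the second and third items start with verbs ("Create a documentation portal", "Work with the security community") and do not follow from the lead-in; reword the lead-in to "This project aims to:" or make each item a noun phrase. The license reference `[1]: http://creativecommons.org/licenses/by-sa/3.0/` uses plain HTTP while `[0]` uses HTTPS; switch it to `https://`. Only one of the two project leaders is linked, so either link both or neither.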
