diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..8f35efd --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,7 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + time: '00:45' diff --git a/.github/workflows/validate-owasp-metadata.yaml b/.github/workflows/validate-owasp-metadata.yaml new file mode 100644 index 0000000..3c148ca --- /dev/null +++ b/.github/workflows/validate-owasp-metadata.yaml @@ -0,0 +1,27 @@ +name: Validate OWASP entity metadata + +on: + pull_request: + paths: + - '*.owasp.yaml' + push: + paths: + - '*.owasp.yaml' + +permissions: + contents: read + +concurrency: + cancel-in-progress: true + group: ${{ github.repository }}-${{ github.workflow }}-${{ github.ref }} + +jobs: + validate-metadata: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v5 + + - name: Validate metadata file + uses: owasp/nest-schema/.github/actions/validate@a733198b4a942eb12d3ee8629cd9e0d409b1b2b9 diff --git a/project.owasp.yaml b/project.owasp.yaml new file mode 100644 index 0000000..5c31d31 --- /dev/null +++ b/project.owasp.yaml @@ -0,0 +1,35 @@ +audience: + - breaker + - builder +leaders: + - name: Anil Yelken +level: 2 +name: OWASP Vulnerable Flask App +pitch: A very brief, one-line description of your project +repositories: + - name: www-project-vulnerable-flask-app + url: https://github.com/OWASP/www-project-vulnerable-flask-app + description: OWASP Foundation Web Repository +tags: + - vulnerable + - vulnerable-flask-app + - vulnerable-web-app + - vulnerable-flask + - vulnerable-web + - rest + - vulnerable-rest-api + - sqli + - xss + - ssti + - deserialization + - dos + - file-upload + - cyber-security + - owasp-top-10 + - owasp + - html-injection + - information-disclosure + - command-injection + - Broken-Authentication +type: documentation +website: https://owasp.org/www-project-vulnerable-flask-app