release candidate version 4.1.5-RC1

Author: jgadsden

.github/workflows/release.yaml

@@ -120,7 +120,7 @@ jobs:
     name: Create pull request
     runs-on: ubuntu-24.04
     needs: create_artifacts
-    if: contains( ${{ github.ref_name }}, 'RC' ) == 'false'
+    if: ${{ !contains( github.ref_name, 'RC' ) }}
 
     steps:
       - name: Checkout markdown
@@ -209,6 +209,11 @@ jobs:
           find release -name "*.md" -exec sed -i ':a; /^\n*$/{ s/\n//; N;  ba};' {} +
           find release -name "*.md" -exec sed -i '${/^$/d;}' {} +
 
+      - name: Fix up ToC sidebar
+        run: |
+          cp  _data/draft.yaml _data/release.yaml
+          sed -i "s/^docs_list_title.*/docs_list_title: Developer Guide/" _data/release.yaml
+
       - name: Retrieve pdfs and epubs
         uses: actions/[email protected]
         with:

assets/exports/OWASP_Developer_Guide.epub

@@ -5,8 +5,8 @@ layout: col-document
 tags: OWASP Developer Guide
 contributors: Johan Sydseter, Jon Gadsden
 document: OWASP Developer Guide
-order: 8210
-permalink: /release/verification/tools/dast/
+order: 821
+permalink: /draft/verification/tools/dast/
 
 ---
 

assets/exports/OWASP_Developer_Guide.pdf

@@ -18,4 +18,4 @@ permalink:
 
 #### A Guide to Building Secure Web Applications and Web Services
 
-### Release version 4.1.4
+### Release version 4.1.5-RC1

draft/08-verification/02-tools/01-dast.md

@@ -73,7 +73,7 @@ permalink:
 6.1.2 [MAS Testing Guide](#mas-testing-guide)  
 6.1.3 [Application Security Verification Standard](#application-security-verification-standard)  
 6.2 [Tools](#verification-tools)  
-6.2.1 [Zed Attack Proxy](#zed-attack-proxy)  
+6.2.1 [DAST tools](#dast-tools)  
 6.2.2 [Amass](#amass)  
 6.2.3 [Offensive Web Testing Framework](#offensive-web-testing-framework)  
 6.2.4 [Nettacker](#nettacker)  

release/01-front.md

@@ -165,7 +165,6 @@ There are many OWASP tools and resources to help build security into the SDLC.
 * [Nettacker][net]
 * [Offensive Web Testing Framework][owtf] (OWTF)
 * [Web Security Testing Guide][wstg] (WSTG)
-* [Zed Attack Proxy][zap] (ZAP)
 
 #### OWASP training projects
 
@@ -237,4 +236,3 @@ then [submit an issue][issue0402] or [edit on GitHub][edit0402].
 [intstand]: https://owasp.org/www-project-integration-standards/
 [webgoat]: https://owasp.org/www-project-webgoat/
 [wstg]: https://owasp.org/www-project-web-security-testing-guide/
-[zap]: https://www.zaproxy.org/

release/02-toc.md

@@ -48,7 +48,7 @@ This provides an overview of tools and techniques used for most SDLCs.
 * OWASP [Proactive Controls][proactiveocre]
 * OWASP [Cheat Sheets][csocre]
 * OWASP [WSTG][wstgocre]
-* [ZAP][zapocre] from [Crash Override][crash]
+* [ZAP][zapocre]
 
 The aim of this project is to 'Link all the things with OpenCRE' which will:
 
@@ -105,7 +105,6 @@ then [submit an issue][issue0503] or [edit on GitHub][edit0503].
 
 [asvs]: https://owasp.org/www-project-application-security-verification-standard/
 [capecocre]: https://opencre.org/search/CAPEC
-[crash]: https://crashoverride.com/
 [csocre]: https://opencre.org/search/OWASP%20Cheat%20Sheets
 [cweocre]: https://opencre.org/search/CWE
 [cwe]: https://cwe.mitre.org/

release/04-foundations/02-secure-development.md

@@ -44,7 +44,7 @@ Sections:
 6.1.2 [MAS Testing Guide](#mas-testing-guide)  
 6.1.3 [Application Security Verification Standard](#application-security-verification-standard)  
 6.2 [Tools](#verification-tools)  
-6.2.1 [Zed Attack Proxy](#zed-attack-proxy)  
+6.2.1 [DAST tools](#dast-tools)  
 6.2.2 [Amass](#amass)  
 6.2.3 [Offensive Web Testing Framework](#offensive-web-testing-framework)  
 6.2.4 [Nettacker](#nettacker)  

release/05-requirements/03-opencre.md

@@ -27,7 +27,7 @@ whereas manual security testing of high-risk components requires good knowledge
 
 Sections:
 
-6.2.1 [Zed Attack Proxy](#zed-attack-proxy)  
+6.2.1 [DAST tools](#dast-tools)  
 6.2.2 [Amass](#amass)  
 6.2.3 [Offensive Web Testing Framework](#offensive-web-testing-framework)  
 6.2.4 [Nettacker](#nettacker)