Latest pre-release

Commits

• 6594abd: Remove old license text (Johan Sydseter)
• da90a68: Ignore output folder (Johan Sydseter)
• 1a27257: Adding logo (Johan Sydseter)
• 585835a: update leaflet with new logo. (Johan Sydseter)
• c27e4a3: Embed logo. (Johan Sydseter)
• f63b1f0: Add font. (Johan Sydseter)
• 96268ef: Fixup attribution on the case (Johan Sydseter)
• 7e0df84: update logos and logos on leaflets. (Johan Sydseter)
• 8c01a56: Bump lxml from 5.2.1 to 5.2.2 (dependabot[bot])
• 5e1f33b: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• a90e3a9: Bump freezegun from 1.5.0 to 1.5.1 (dependabot[bot])
• 096e22c: Update logo on case. Fix minor issue with gradient and ensure all graphics are vector based. (Johan Sydseter)
• 285c088: Updated the design of the case. (Johan Sydseter)
• 1058608: Bump virtualenv from 20.26.1 to 20.26.2 (dependabot[bot])
• 1269359: Bump freezegun from 1.5.0 to 1.5.1 (dependabot[bot])
• 7d18e6f: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 81c915c: Minor fixes on the paths of the logos. Minor fixes for the case. (Johan Sydseter)
• 8defb5f: Add font listing for the leaflet (Johan Sydseter)
• 1f43de3: Update logo (Johan Sydseter)
• b84e810: Add cross-references note in the readme about mobile references. (Johan Sydseter)
• 4ae9a9c: Bump platformdirs from 4.2.1 to 4.2.2 (dependabot[bot])
• 930d652: Bump hypothesis from 6.100.5 to 6.102.4 (dependabot[bot])
• aeeb6fe: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 88cd968: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 46e4d9b: Update name of Mobile App Edition. (Johan Sydseter)
• 54d36bd: Corrected JokerB to Bob and updated the achnowledgements to exclude Alice for the JokerA. (Grant Ongers)
• a4c45d4: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• ceeee6a: Bump actions/checkout from 4.1.5 to 4.1.6 (dependabot[bot])
• 6c8a5cc: IDs to webapp mappings. (Grant Ongers)
• 7ab378f: IDs to mibileapp mappings. (Grant Ongers)
• 5960860: Bump pytest from 8.2.0 to 8.2.1 (dependabot[bot])
• 6dfa3f4: Bump github/codeql-action from 2.3.6 to 3.25.5 (dependabot[bot])
• 37283e9: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• dd74d23: Prepare for 2.0 release and mobile app release and shorten the build time. (Johan Sydseter)
• 51a0873: Change copi's domain name. (Johan Sydseter)
• f875d58: --- (dependabot[bot])
• 17c2405: --- (dependabot[bot])
• b9006e8: --- (dependabot[bot])
• 178a645: --- (dependabot[bot])
• 718207e: --- (dependabot[bot])
• 4b4020d: update logos. Fix alignment issues. (Johan Sydseter)
• 733feca: Adjust top text (Johan Sydseter)
• 20768bf: --- (dependabot[bot])
• e5f1469: --- (dependabot[bot])
• 23ee7d8: --- (dependabot[bot])
• 96178a1: --- (dependabot[bot])
• ac1eb25: --- (dependabot[bot])
• be5a25d: --- (dependabot[bot])
• 6ac33bd: Replace unsafe pyyaml loader with SafeLoader (pixeebot[bot])
• 40db001: Bump hypothesis from 6.102.4 to 6.102.5 (dependabot[bot])
• 7f64b30: Bump types-requests from 2.32.0.20240521 to 2.32.0.20240523 (dependabot[bot])
• 42c47f4: Bump python from ef09762 to 5365725 (dependabot[bot])
• 01dbc6a: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 283a865: Use defusedxml for Parsing XML (pixeebot[bot])
• a0790fc: Added defusedxml + typing to pipfile (Grant Ongers)
• 0b001a6: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 499f7c2: Bump hypothesis from 6.102.5 to 6.102.6 (dependabot[bot])
• c2c4e41: Add credits to secure delivery (Johan Sydseter)
• a6f6f29: Add credits to secure delivery (Johan Sydseter)
• 483393f: Correct artboard for mobile logo (Johan Sydseter)
• 759e006: Fix logo (Johan Sydseter)
• 81e2cef: Embed (Johan Sydseter)
• 4c1e9f9: Stop defusedxml from breaking the fuzzer. (Johan Sydseter)
• 0b17236: Bump types-requests from 2.32.0.20240521 to 2.32.0.20240523 (dependabot[bot])
• 9a90c52: Bump mvdan/shfmt from 683587f to 4701751 (dependabot[bot])
• 462031e: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 8ea54e1: Bump coverage from 7.5.1 to 7.5.2 (dependabot[bot])
• 86ba7d5: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 7047c48: Adding 3mm slug and blead and a new template for printing 80mm x 120mm (Johan Sydseter)
• d853784: Adjusted the bottom flap. (Johan Sydseter)
• ce55002: Bump coverage from 7.5.1 to 7.5.3 (dependabot[bot])
• 1b7b6df: Bump hypothesis from 6.102.6 to 6.103.0 (dependabot[bot])
• 9a5b1f6: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• ff03052: Dash out where folded, solid where cut. (Johan Sydseter)
• 08bd09a: Adding leaflet for the 80mm x 120mm version (Johan Sydseter)
• 6b3f089: Fix misalignment. (Johan Sydseter)
• 5b402c1: Increased the font size for the mobile and 80x120mm versions to make the description readable. (Johan Sydseter)
• 4afd3b1: Bump coverage from 7.5.1 to 7.5.3 (dependabot[bot])
• 9bbe320: Bump requests from 2.32.2 to 2.32.3 (dependabot[bot])
• 1828548: Adapt the decks to the decks to 2.25 x 3.5 (bridge) (0.300mm paper) and 2.75 x 4.75 (tarrot) (0.350mm paper) (Johan Sydseter)
• 05c3b3c: Add timeout to requests calls (pixeebot[bot])
• d7a0368: Sandbox URL Creation (pixeebot[bot])
• 8624c54: Adjustments to the small box, to make sure all sides are equal. New tuck-in box case (Johan Sydseter)
• 69e361c: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 4fca4f6: resolve conflict (Johan Sydseter)
• 41a1e57: Resolve conflict (Johan Sydseter)
• a7e8187: Resolve conflict (Johan Sydseter)
• 11ad2fb: resolve conflict with master (Johan Sydseter)
• f772cea: Adapt the build job to fit the new options. (Johan Sydseter)
• 8848396: Remove the template option from the help file. (Johan Sydseter)
• ce1b8c9: Convert Eager Logging to Lazy Logging (pixeebot[bot])
• 17fd8b6: Remove Unnecessary F-strings (pixeebot[bot])
• 11731bf: Correct comma (Johan Sydseter)
• 19baa79: Remove output folder from the index (Johan Sydseter)
• 714fe73: Resolve conflict (Johan Sydseter)
• 52feb9d: Adding more validation for the input and meta parameters. Add more tests (Johan Sydseter)
• b0ed3ba: Add import (Johan Sydseter)
• f4b9e92: remove unused imports and ignores. (Johan Sydseter)
• 6062487: Correct template parameter (Johan Sydseter)
• 5745e25: sort file list. (Johan Sydseter)
• 2d6beda: Resolve conflicts. (Johan Sydseter)
• fbac5d5: Resolve conflict (Johan Sydseter)
• 1a36927: Resolve conflict (Johan Sydseter)
• ba757cd: Ensure 80x120mm is test built (Johan Sydseter)
• e87c806: Reconfigure pipeline after the release of 80x120mm disapeared after merge. (Johan Sydseter)
• 9954c51: Resolve conflicts (Johan Sydseter)
• 1841abd: Fix formating (Johan Sydseter)
• c9ae8d6: Change template name to tarot and bridge and add print instructions (Johan Sydseter)
• fe2c773: Renamed template (Johan Sydseter)
• ae92924: Fixed coding style (Johan Sydseter)
• 78029fc: Fix coding style (Johan Sydseter)
• 48b0120: Ensure language is the last parameter to ensure correct sorting. (Johan Sydseter)
• a6af9ca: Correct name of template. (Johan Sydseter)
• 8ce6a12: correct the pull-request test upload (Johan Sydseter)
• c07efbd: Adding fuzzer for fuzzing input. (Johan Sydseter)
• 94617a4: correct coding style (Johan Sydseter)
• b2192a0: Add each language file group into it's own archive and upload them. this to avoid having the list of files grow for each new template. (Johan Sydseter)
• ff3d550: Adding changelog entries. (Johan Sydseter)
• d8d1d21: Add white logo. (Johan Sydseter)
• 06b340c: update logo (Johan Sydseter)
• 7dad19d: Bump requests from 2.32.2 to 2.32.3 (dependabot[bot])
• 75b7678: Cleaned up minor niggles. (Grant Ongers)
• 7efdb73: Bump certifi from 2024.2.2 to 2024.6.2 (dependabot[bot])
• 5a0e2fa: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 02bf460: Bump github/codeql-action from 3.25.6 to 3.25.7 (dependabot[bot])
• a926249: Bump types-requests from 2.32.0.20240523 to 2.32.0.20240602 (dependabot[bot])
• bc6ea31: Adding tarot as a template for the leaflet. (Johan Sydseter)
• 9445b03: Remove Unnecessary F-strings (pixeebot[bot])
• 0f82fe9: In copi the suits need to match to be injectable, change to all caps in order to make it so. (Johan Sydseter)
• 454224b: Make sure the leaflet with the tarot template is build (Johan Sydseter)
• f4c54d2: Fix the font issue for the cases. (Johan Sydseter)
• 9dfeed6: Bump types-requests from 2.32.0.20240523 to 2.32.0.20240602 (dependabot[bot])
• 6263064: Bump pathvalidate from 3.1.0 to 3.2.0 (dependabot[bot])
• c0ee630: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• 461db28: Bump github/codeql-action from 3.25.7 to 3.25.8 (dependabot[bot])
• 698b4be: Bump oss-fuzz-base/base-builder-python in /.clusterfuzzlite (dependabot[bot])
• c14e963: Bump python from 5365725 to 42e1e49 (dependabot[bot])
• c224d9f: Bump pathvalidate from 3.1.0 to 3.2.0 (dependabot[bot])
• 7b12427: Bump pytest from 8.2.1 to 8.2.2 (dependabot[bot])
• 0a71dcb: Convert text to printable outlines (Johan Sydseter)
• 238d94e: Fix the box layout for the tarot deck (Johan Sydseter)
• b249c87: Bump python from 42e1e49 to 32385e6 (dependabot[bot])
• 62040c9: Bump actions/dependency-review-action from 4.3.2 to 4.3.3 (dependabot[bot])
• a5a66f5: Bump hypothesis from 6.103.0 to 6.103.1 (dependabot[bot])
• 0073194: Bump pytest from 8.2.1 to 8.2.2 (dependabot[bot])
• c829819: Hungarian translation - DV (norbert-gaspar)
• 4988e88: Adopt hungarian. (Johan Sydseter)
• c43ea45: Bump pipenv from 2023.12.1 to 2024.0.0 (dependabot[bot])
• 8b8b54f: update case (Johan Sydseter)
• 555b573: Merge branch 'master' of https://github.com/OWASP/cornucopia (Johan Sydseter)
• 1b501d3: update webapp case. (Johan Sydseter)
• 7d661d8: update names on cards (Johan Sydseter)
• d249706: de...

v2.0.0

Description

This release includes the Cornucopia Mobile App edition 1.0 with mapping to MASVS 2.0 and MASTG 1.7. The Ecommerce edition has been renamed Cornucopia Website App Edition 2.0 and the ASVS mapping for this edition has been updated from ASVS 3.0 to 4.0.
The card decks and leaflets now have two templates: bridge and tarot. For more information regarding the dimensions and printing possibilities see: https://github.com/OWASP/cornucopia?tab=readme-ov-file#printing
Finally the filetype and style option has been removed from the converter. Instead layout and template has been included as options. For more information regarding the converter options please read: https://github.com/OWASP/cornucopia?tab=readme-ov-file#building-the-deck.
The new Tarot version of the Website App and Mobile App editions has been printed in time for the OWASP Global AppSec 2024 in Lisbon and the final proofs that were used for printing these decks can be found in this release with "global_appsec_lisbon" included in their name.

Finally we want to thank all contributors, supporters and backers especially OWASPs hardworking employees.

Changelog

• Adding fuzzing
• Adding layouts
• Adding the tarot template
• Renaming static to bridge template
• Adding the mobile app edition.
• Remove styles as an option, use templates and layouts instead.
• Remove filetypes and introduce templates instead.
• Removing old versions prior to 1.22
• Update the ASVS mapping version to ASVS 4.0.3.

What's Changed

• Adding logo by @sydseter in #504
• Add font. by @sydseter in #506
• Update leaflet with new logo by @sydseter in #505
• Fixup attribution on the case by @sydseter in #507
• Pin version. by @sydseter in #494
• update logos and logos on leaflets. by @sydseter in #508
• Update logo on case. Fix minor issue with gradient and ensure all gra… by @sydseter in #513
• Minor fixes on the paths of the logos. Minor fixes for the case. by @sydseter in #519
• Add font listing for the leaflet by @sydseter in #520
• Add cross-references note in the readme about mobile references. by @sydseter in #521
• Update name of Mobile App Edition. by @sydseter in #526
• Adding IDs to the Mappings files by @rewtd in #531
• Corrected JokerB to Bob and updated the acknowledgements to exclude A… by @rewtd in #527
• Prepare for 2.0 release and mobile app release and shorten the build time. by @sydseter in #528
• update logos. Fix alignment issues. by @sydseter in #541
• Replace unsafe pyyaml loader with SafeLoader by @pixeebot in #548
• Use defusedxml for Parsing XML by @pixeebot in #554
• Add credits to secure delivery for copi by @sydseter in #558
• Add 3mm blead and slug to each template and add temp 80mm x 120 mm template by @sydseter in #565
• Adjusted the bottom flap. by @sydseter in #568
• Dash out where folded, solid where cut. by @sydseter in #572
• Adding leaflet for the 80mm x 120mm version by @sydseter in #573
• Increased the font size for the mobile and 80x120mm versions to make the description readable. by @sydseter in #575
• Adapt the decks to the decks to 2.25 x 3.5 (bridge) (0.300mm paper) and 2.75 x 4.75 (tarrot) (0.350mm paper) by @sydseter in #579
• Add timeout to requests calls by @pixeebot in #580
• Sandbox URL Creation by @pixeebot in #581
• Adjustments to the small box, to make sure all sides are equal. New tuck-in box case by @sydseter in #582
• Cornucopia 2.0 by @sydseter in #560
• Hardening suggestions for cornucopia / release-fix by @pixeebot in #590
• Adding tarot as a template for the leaflet. by @sydseter in #589

Full Changelog: v1.22...v2.0.0

v1.22.0

This release adds the ability to build multiple editions, leaflets, guids and languages. The docx guides have been updated to reflect the latest status of OWASP and the OWASP Cornucopia project. Together with numerous language corrections and additions, the v1.22 deck is now built in 6 languages (English, Spanish, French, Dutch, Portuguese, Norwegian). In addition, the project has also got a robust build and release pipeline