Merge branch 'master' into update-github-actions

Document/11-MASVS-RESILIENCE.md

@@ -9,4 +9,4 @@ Defense-in-depth measures such as code obfuscation, anti-debugging, anti-tamperi
 
 The controls in this category aim to ensure that the app is running on a trusted platform, prevent tampering at runtime and ensure the integrity of the app's intended functionality. Additionally, the controls impede comprehension by making it difficult to figure out how the app works using static analysis and prevent dynamic analysis and instrumentation that could allow an attacker to modify the code at runtime.
 
-However, note that the lack of any of these measures does not necessarily cause vulnerabilities - instead, they add threat-specific additional protection to apps which must also fulfil the rest of the OWASP MASVS security controls according to their specific threat models.
+Note, however, that **the absence of any of these measures does not necessarily cause vulnerabilities** - instead, they provide additional threat-specific protection. **All apps must also fulfill the rest of the OWASP MASVS** security controls according to their specific threat models.

README.md

@@ -9,12 +9,6 @@
 [![Markdown Linter](https://github.com/OWASP/owasp-masvs/workflows/Markdown%20Linter/badge.svg)](https://github.com/OWASP/owasp-masvs/actions/workflows/markdown-linter.yml)
 [![URL Checker](https://github.com/OWASP/owasp-masvs/workflows/URL%20Checker/badge.svg)](https://github.com/OWASP/owasp-masvs/actions/workflows/url-checker.yml)
 
-**NEW❗ The MASVS 2.0.0 is already available as a spreadsheet. We're currently working on updating this page and the related documents. Learn more about the refactoring process [here](https://github.com/OWASP/owasp-masvs/discussions/categories/big-masvs-refactoring).**
-
-**[Access the MASVS v2.0.0](https://docs.google.com/spreadsheets/d/1MZIvJ5Aze-zpyzLvQZVwyzF0bKWRPfnEd7nqFeH2PfA/edit?usp=sharing)**
-
-<br>
-
 This is the official Github Repository of the OWASP Mobile Application Security Verification Standard (MASVS). The MASVS establishes baseline security requirements for mobile apps that are useful in many scenarios. You can use it:
 
 - As a metric - To provide a security standard against which existing mobile apps can be compared by developers and application owners.

tools/docker/pandoc_makedocs.sh

@@ -9,7 +9,7 @@ MASTG_VERSION=${3:-SNAPSHOT}
 
 # You can also use the environment variables below to adapt the build process
 IMG=${IMG:-dalibo/pandocker}
-TAG=${TAG:-stable} # /!\ use stable-full for non-european languages
+TAG=${TAG:-23.03} # /!\ use stable-full for non-european languages
 LATEX_TEMPLATE=${LATEX_TEMPLATE:-eisvogel}
 TITLE=${TITLE:-OWASP Mobile Application Security Verification Standard ${MASVS_VERSION}}
 

tools/populate_masvs_categories_md.py

@@ -30,15 +30,14 @@ def yaml_to_md(input_dir, input_file, for_website):
 
                 if group_id_in_file == group_id:
                     with open(os.path.join(input_dir, file), "a") as f:
-                        if for_website == False:
-                            f.write('\n## Controls\n\n')
-                        else:
+                        f.write('\n## Controls\n\n')
+                        if for_website == True:
                             f.write('\n<style> table { width: 100%; } </style>\n\n')
                         f.write('| ID | Control |\n')
                         f.write('|----|-----------|\n')
                         for control in controls:
                             if for_website == True:
-                                control_id = f'[{control["id"]}](/MASVS/Controls/{control["id"]})'
+                                control_id = f'[{control["id"]}](/MASVS/controls/{control["id"]})'
                             else:
                                 control_id = control["id"]