Commit 595b1ad

docs: Drop self-referencing SHA from ASVS audit-log bootstrap
1 parent 21bd378 commit 595b1ad

2 files changed

Lines changed: 4 additions & 24 deletions

docs/security/owasp-asvs.md

Lines changed: 1 addition & 1 deletion
@@ -51,4 +51,4 @@ publicly-trusted issuance.
5151

5252
## Audit log
5353

54-
- **2026-05-21** — Initial ASVS 5.0 Level 2 mapping for V12 controls (commit `912d410dd0cac911f4ae794d7497c17fac076bab`). All listed controls accepted as Implemented / Delegated / N/A / Future as tabulated above.
54+
- **2026-05-21** — Initial ASVS 5.0 Level 2 mapping for V12 controls. All listed controls accepted as Implemented / Delegated / N/A / Future as tabulated above.
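
Review bot: the replacement audit-log line (new line 54) leaves the entry with no pointer into the history, so a reader of `docs/security/owasp-asvs.md` cannot tell from the file which revision the 2026-05-21 acceptance applied to. Dropping the self-referencing SHA is the right call, but consider adding one sentence under `## Audit log` stating that the git history of this file is the record behind each dated entry, so nobody is tempted to reintroduce a SHA here later.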

docs/superpowers/plans/2026-05-21-owasp-asvs.md

Lines changed: 3 additions & 23 deletions
@@ -137,7 +137,7 @@ mkdir -p docs/security
137137

138138
- [x] **Step 2: Write the checklist file**
139139

140-
Write `docs/security/owasp-asvs.md` with this exact content. Replace `<TASK-2-COMMIT-SHA>` in the audit-log line with the SHA of the commit you'll make in Step 4 — that means: commit once, copy the SHA, edit the file, amend the commit (allowed for this single bootstrapping case since the audit log must reference itself).
140+
Write `docs/security/owasp-asvs.md` with this exact content. The audit-log line is dated 2026-05-21 with a description — no commit SHA, because a commit can't reference its own SHA (amending to insert the SHA would change the SHA again).
141141

142142
````markdown
143143
# OWASP ASVS 5.0 Level 2 — self-assessment
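
Review bot: the new instruction at line 140 does not say how far the "no commit SHA" rule reaches, and it reads as if audit-log entries should never carry a SHA. The constraint it describes only applies to the commit that introduces the line; a later entry can cite an earlier commit without any amend loop. Suggest scoping the sentence, for example "this first entry carries no commit SHA", and saying what "a description" must contain so the line stays auditable.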
@@ -193,36 +193,16 @@ publicly-trusted issuance.
193193

194194
## Audit log
195195

196-
- **2026-05-21** — Initial ASVS 5.0 Level 2 mapping for V12 controls (commit `<TASK-2-COMMIT-SHA>`). All listed controls accepted as Implemented / Delegated / N/A / Future as tabulated above.
196+
- **2026-05-21** — Initial ASVS 5.0 Level 2 mapping for V12 controls. All listed controls accepted as Implemented / Delegated / N/A / Future as tabulated above.
197197
````
198198

199-
- [x] **Step 3: Commit (placeholder SHA)**
199+
- [x] **Step 3: Commit**
200200

201201
```bash
202202
git add docs/security/owasp-asvs.md
203203
SKIP=commitlint git commit -m "chore: Add OWASP ASVS 5.0 L2 self-assessment for V12"
204204
```
205205

206-
- [x] **Step 4: Capture the SHA, edit, amend**
207-
208-
```bash
209-
SHA=$(git rev-parse HEAD)
210-
sed -i.bak "s/<TASK-2-COMMIT-SHA>/${SHA}/" docs/security/owasp-asvs.md
211-
rm docs/security/owasp-asvs.md.bak
212-
git add docs/security/owasp-asvs.md
213-
SKIP=commitlint git commit --amend --no-edit
214-
```
215-
216-
The amend rewrites the just-created commit so its referenced SHA matches the commit itself. Verify:
217-
218-
```bash
219-
grep "$(git rev-parse HEAD)" docs/security/owasp-asvs.md
220-
```
221-
222-
Expected: one match in the audit-log line.
223-
224-
(BSD `sed` on macOS needs the `-i.bak` form; the `rm` cleans up the backup file `sed` writes alongside.)
225-
226206
---
227207

228208
## Task 3: Add the CI gate script
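
Review bot: removing Step 4 also removes the only verification in Task 2 (the `grep "$(git rev-parse HEAD)"` check with its "Expected: one match"), and nothing replaces it before Task 3 starts. Since the placeholder was part of the earlier template, a cheap replacement check after Step 3 would be to confirm it did not survive in the committed file, for example `! grep -q 'TASK-2-COMMIT-SHA' docs/security/owasp-asvs.md`. Separately, the unchanged Step 3 still runs with `SKIP=commitlint` and the lines shown give no reason for bypassing the hook; a short note on why would help whoever follows the plan.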
