Category:OWASP ModSecurity Core Rule Set Project - ModSecurity 2.0.4 - Notes

Hello Ryan:

Please replace all this text by filling in as you find best. Please see below the guidance produced by the OWASP Global Committee. Thanks, Paulo Coimbra.

* "Release Notes – this is to provide both reviewers and users an idea ‘what they are getting’ in the new release. It could double as (or be sourced from) the change log. Particularly for reviewers, this helps them focus their efforts on the new parts of the project. That should help project leads get eyeballs and feedback on their new code. Especially for large projects that have made previous releases, this is very useful. Think about the difference in effort between reviewing the Testing Guide as a whole vs looking at the 2 new chapters and 20 minor additions.

How big to either of these have to be? As big as the project lead feels they need to be to meet the purpose of them. Maybe 10 bullets, maybe 10 pages – its really the project leads choice. Also, project leads are in the best position to know how much effort this should take."