Skip to content

Latest commit

 

History

History
72 lines (46 loc) · 4.29 KB

changes.md

File metadata and controls

72 lines (46 loc) · 4.29 KB
Raw

Change Log

All notable changes to the OWASP Top 10 for LLM Applications project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[1.0.1] - 2023-08-26

v1.1 Instructions for the Expert Group reference

Fixed

  • Spelling, grammer, formatting clean ups via an agreed IDE code linter for Vulnerability Entry Leads to prevent future errors and standard conformity throughout the repo.
  • Enhancements, updates and recommendations to each vulnerability entry via community-raised GitHub issues within the repo which were then triaged to the corresponding vulnerability entry lead for triage and resolution through Pull Requests to the repo v1.1 directory.

Added

  • Architected a CODEOWNERS file and branch protection rules in aid to audit and control CI/CD workflow and updates of the repo against the default branch.
  • Redesign of the repo style and layout guidelines for vulnerability entries
  • Inclusion of artifacts (visual diagrams) which maps the Top 10 entries against a typical LLM application and client/server interaction
  • Translations in Chinese, Hindi and Portugese (01-03-2024)

Other Additions

  • We added an automated meeting for our biweekly schedule here:
    • 👉 Download the official .ical here to import into your calendar application.
  • We also introduced an OWASP Top 10 for Large Language Model Applications Newsletter for signup of notifications about the project.
    • 👀 The November 2023 newsletter will include a call for opportunity to participate in an open-source project with Ads to create a DV-LLMA (Damn Vulnerable LLM Application) to test and hone your skills as well as a fun learning and development experience for LLM application vulnerabilities.
  • The OWASP LLM Top 10 continues to translate the list into different languages! This is done by multilingual members (humans)
    • If you're fluent in another language and willing to help, email us at: [email protected]

[1.0] - 2023-08-01

Added

  • Initial official release of the OWASP Top 10 for LLM Applications based on two months of working group efforts.
  • Engagement from over 485 experts and contributions from over 130 experts in the field of AI and application security.

[0.9] - 2023-07-18

Added

  • Second draft of the OWASP Top 10 for LLM Applications based on working group input.

[0.5] - 2023-07-01

Added

  • Initial draft of the OWASP Top 10 for LLM Applications based on working group input.

[0.1] - 2023-05-23

Added

  • Version 0.1 "straw man" list published
  • Project inception and approval by the OWASP board.
  • Project homepage created on the OWASP website.
  • GitHub repository for direct participation and contributions.
  • OWASP Slack Workspace channel for discussions.

Legend

  • Added: for new features.
  • Changed: for changes in existing functionality.
  • Deprecated: for soon-to-be removed features.
  • Removed: for now removed features.
  • Fixed: for any bug fixes.
  • Security: in case of vulnerabilities.