workflow tings

Contrast-Security-OSS · Dec 17, 2024 · 2a97c35 · 2a97c35
1 parent 37554e0
commit 2a97c35
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/docs/actions/security-control.md b/docs/actions/security-control.md
@@ -6,9 +6,9 @@ Used when span name is `security-control`.
 | Attribute                 | Type | Description                                                  | Examples                              | Requirement Level |
 |---------------------------|---|--------------------------------------------------------------|---------------------------------------|-------------------|
 | `security.control.method` | string | The method of the custom security control.                   | `com.Acme.OldSecurity.DoLegacySecurity` | Required          |
-| `security.control.name`   | string | The name of the custom security control.                     | "My Custom Security Control"           | Optional          |
+| `security.control.name`   | string | The name of the custom security control.                     | "My Custom Security Control"           | Recommended       |
 | `security.control.rules`  | string | The rules applicable to the custom security control.         | `reflected-xss`; `path-traversal` | Recommended       |
-| `security.control.type`   | string | The custom security control type.                            | `sanitizer`; `validator`              | Optional          |
+| `security.control.type`   | string | The custom security control type.                            | `sanitizer`; `validator`              | Recommended       |
 
 `security.control.type` MUST be one of the following:
 

diff --git a/model/trace/contrast-actions.yml b/model/trace/contrast-actions.yml
@@ -213,7 +213,7 @@ groups:
       - id: name
         brief: >
           The name of the custom security control.
-        requirement_level: optional
+        requirement_level: recommended
         examples: [ "My Custom Security Control" ]
         type: string
       - id: rules
@@ -225,7 +225,7 @@ groups:
       - id: type
         brief: >
           The custom security control type.
-        requirement_level: optional
+        requirement_level: recommended
         examples: [ sanitizer; input-validator ]
         type:
           allow_custom_values: false