Releases: rfc-st/humble

1.56

07 Dec 21:10

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'Jamie N Commons - The Preacher Official Video'.

I know, I know... the latest releases of humble seem to have focused too much on docstrings and unit tests: concepts that may seem boring. And I don't blame you :). But thanks to them, this tool has become a little more accurate, honest, and wise: every commit, seriously, was necessary for the maturity of this tool.

I hope, in the short term! ^_^ ... to reach a point where I am happy with these issues and can find the time to add more controls over HTTP response headers and their values!

Thank you, as always, for reading these lines and for trying out my humble tool.

Fixes

61b1ded - Unit test results format
4b159a5 - Keep the size of the test analysis history file stable over time

Features

8fdac8c - Starting with code coverage tests
fceb435 - Nine new unit tests
09c78bf - Five new unit tests
8b894fb - Optimized unit tests and added their docstrings
5257f11 - Added an important test ('Content-Security-Policy')
33c0802 - Two new unit tests
ac466d4 - One new unit test
bd4e7a5 - One new unit test and 80% code coverage
9e1a5ef - New unit test on all analyzable headers and 86% code coverage
5e58c16 - Quality revisions
52d5f24 - One new unit test and 87% code coverage

Minor

f52eed7 - Add reference about 'Permissions-Policy'
a3e8b5d - Improve Read the Docs site
98b3c34 - Improve Read the Docs site and docstrings added
d587ad1 - Docstrings improved
fb6630a - Docstrings improved
fd53b72 - Code optimizations
346769d - Improve code coverage and IP check in 'Content-Security-Policy'
5857d1e - New unit test and improved broad check in 'Permissions-Policy'
cb40c21 - Delete temporary files and folders after code coverage generation
0b7713b - Updated header reference URLs
a2dda48 - References reviewed and updated

1.55

21 Nov 19:20

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'Slash feat. Gary Clark Jr. "Crossroads" - Official Audio'.

Thank you for downloading it, for trying it and for your time!

Fixes

No changes

Features

75daa5e - Enhance write permission checks for restricted environments
f0088b9 - HTML documentation for classes/functions (WIP)
63fe14f - Class and function documentation via MkDocs and Read the Docs
930f3ac - Add Bandit security scan
f0124db - Add Bandit security scan

Minor

f6da8e8 - First round (Function documentation)
dba5f61 - Second round (Function documentation)
4e35114 - Final round (Function documentation)
f9b846d - Improved generation of class and functions documentation
d89deb3 - Try to fix readthedocs build problems
82cc40a - Try to fix readthedocs build problems
46626e8 - Docstrings added
765ab18 - Docstrings added
bf9731e - Docstrings added
2ddf51a - Docstrings added
faa0565 - Added presentation webpage for 'humble' on 'Read the Docs'
9ae3326 - Updated webpage for 'humble' on 'Read the Docs'
e571bd2 - Docstrings added
241439a - Add more plugins to Read the Docs site
d0cda3f - Improve Read the Docs site
b843acf - Docstrings added
6750498 - Improve Read the Docs site
668cd9a - Improve Read the Docs site
e309d52 - Improve Read the Docs site
fbc860e - Docstrings added
3fb6038 - Updated 'Permissions-Policy' directives
f352b2f - Improve Read the Docs site
b890dbd - Keeping actions up to date with Dependabot
4b66fef - Improved Docstrings with admonitions
7b0da05 - Docstrings added
c432c10 - Docstrings added
76dbdd7 - Docstrings added
38e418b - Improved docstrings and specific codes defined in sys.exit
0b7802a - Minor: Updated 'Permissions-Policy' directives

1.54

24 Oct 17:04

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'House of the Rising Sun, if it were covered by Stevie Ray Vaughan'.

Thank you for downloading it, for trying it and for your time!

Fixes

13b094f - Exclude folders from Dependabot scanning
e9ed696 - Timeout and Warning logic related to requests
a116b85 - Improved 'Content-Type (Incorrect Value - Response body)' check

Features

18c7a7b - l10n errors and messages in unit tests
c0115bb - Export detailed analyses to JSON
6294b97 - Greatly improved export detailed analyses to JSON
c668db6 - Greatly improved unit tests
a7837f4 - Export detailed analysis to JSON in Spanish
9766b0b - New param '-H'.
e5f16f5 - Checks on PATHs and restricted environments.

Minor

0799ccb - Improved JSON export
eb0f488 - Improved detailed JSON export
617c54d - Improved detailed JSON export (HTTP response headers)
d47d60c - Improved detailed JSON export (Info and analysis results)
48f39a0 - Improved detailed JSON export (Empty results)
b546e13 - Code optimizations
e7ce1d4 - Code optimizations
7012129 - Updated 'Permissions-Policy' directives
fa42d44 - l10n message and optimizations
085d4bb - Detailed JSON export optimizations
57e95e1 - Code optimizations (JSON insecure checks related)
f813649 - Code optimizations (JSON missing checks related)
eb44bf6 - Code optimizations (JSON format related)

1.53

13 Sep 20:15

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'Beth Hart - Am I The One Live At Paradiso'.

Thank you for downloading it, for trying it and for your time!

Fixes

c2e5ea9 - Avoid superfluous blank lines in HTML export.

Features

7f57b3e - Improvements to OWASP Secure Headers project best practices.
1069d1a - New param '-cicd': outputs analysis totals in JSON; suitable for CI/CD pipelines.
d7036e9 - 1 new unit test: verifies that a CI/CD analysis completes successfully.
65c28aa - 1 new insecure check: Mcp-Session-Id - Potentially Unsafe Value.
622c354 - Improved Unit tests.

Minor

1b4261d - Improved XLSX formatting in exported analysis.
2db085e - Updated 'Permissions-Policy' directives.
84dbf9c - Code optimizations: improved '-cicd' parameter logic and output.
79c3fab - Code optimizations.
4fc3451 - Code optimizations: primarily in HTML export.
690e27c - Code optimizations: PDF export.
fb64c87 - Code optimizations: improve line spacing when exporting to PDF.
2e74759 - CODE_OF_CONDUCT updated.

1.52

16 Aug 20:22

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'The Big Push - Sympathy For The Devil (Live at The Brighton Dome)'.

Thank you for downloading it, for trying it and for your time!

Fixes

f70c7ea - Compatibility with Python 3.11 (minimum required version)
fc8b359 - Avoid errors in unit tests with Windows
39465b8 - Browser Compatibility for Enabled HTTP Security Headers
b3a982a - CodeQL errors
f45f0ba - Code scanning alert 'Workflow does not contain permissions'
0e6f575 - CodeQL errors

Features

fcf3dc8 - Unit tests (requires pytest)
8918c52 - 1 new missing Header ('Integrity-Policy')
e1bd47a - 1 new insecure check
2f07a6b - 1 new insecure check
bc4e8ed - XLSX (Excel 2007 onwards) export; requires xlsxwriter.
59f0b1f - Refactor remaining export-related code into dedicated functions
1e5d97a - 4 new fingerprint headers
21072f2 - Make HTML sections collapsible in the exported analysis

Minor

47fa967 - Code optimizations (comments, imports, requests and QA checks)
3d89b1d - Code optimizations (related to unit tests)
69bb2a3 - Code optimizations (related to unit tests)
91ed193 - Code optimizations (related to unit tests)
559debc - Code optimizations (xlsx related)
d5b234e - Code optimizations
8232b76 - Code optimizations (constant related)
33f7e2c - Code optimizations (PDF export related)
bc73f03 - Code optimizations (SSL-TLS checks related)
4e627c8 - Updated guidelines for enabling security HTTP response headers
967a45a - Code optimizations (HTML export related)

1.51

27 Jul 19:11

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'Miles Caton - I Lied to You | Sinners (Original Motion Picture Soundtrack)'.

Thank you for downloading it, for trying it and for your time!

Fixes

4055310 - Do not duplicate in the output directive names
af40262 - Formatting applied to empty headers when exporting to HTML and PDF
59f9d78 - Properly detect unreachable or invalid URLs

Features

f51d7da - Warn about unreliable results from IP blocking or this tool.
eb9be0f - Display warning when no HTTP response headers are received
24caa07 - 6 new insecure checks
1130596 - 1 new insecure check
9edb72e - 3 new insecure checks
8b40068 - Improved OWASP Secure Headers Project Best Practices check
4fbe1d6 - 1 new insecure check
240608c - Normalize response HTTP header values
f08458a - 1 new fingerprint header
3d58b76 - New param '-p': Use a proxy for the analysis.

Minor

0e5811a - Code optimizations (HTTP request related)
6d96d3d - Improved message during blocked scans
740af56 - Code optimizations (PDF export related)
4455b0b - Updated 'Permissions-Policy' directives
22bf5b8 - Code optimizations
6835262 - Improved 'Content-Security-Policy' checks
2fdc0b1 - Improved the order and sources of references
d4ad457 - Code optimizations (HTTP responses and requests)
ad6b180 - Code optimizations (HTTP errors, requests and responses)
44f524c - Code optimizations (Proxy related)

1.50

20 Jun 15:56

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'B.B. King - The Thrill Is Gone'.

Thank you for downloading it, for trying it and for your time!

Fixes

ac92e3f - CSP 'unsafe-inline' check.
8d06a5f - Add to total correctly in case of unsafe cookies
75c6063 - Trying to ensure compatibility with Python 3.11

Features

3b37273 - First incorrect/insecure CSP nonce displayed after analysis
c4ff448 - 1 new fingerprint header
7aa3eec - Significantly improved spacing of content when exporting to PDF
4d7f2de - 6 new fingerprint headers
644a4a3 - Enhance HTML export
b85ffbb - 2 new fingerprint headers
774ad0c - Improved CSP 'unsafe-eval' and 'unsafe-inline' checks.
d080c7e - 1 new insecure check

Minor

a0b37d9 - Code optimizations (Related to OWASP checks)
0d551da - Code optimizations (related to XML output)
dfb01ac - Improved and updated user agents
1cc67c2 - Code optimizations (Related to PDF output)
bacedc2 - Minor: Code optimizations (Related to enabled headers output)
a6e45d8 - Code optimizations (Related to unsafe cookies)
07ce3b0 - Updated list of experimental HTTP headers
c090dc4 - Code optimizations (related to references and no warnings)
d0084f4 - Code optimizations (related to PDF output)
e6a333a - Updated 'Permissions-Policy' directives
c31a7ca - Code optimizations (statistics and HTML export)
9c374bb - Code optimizations (improved messages)
9ea5ff7 - Improved 'Content-Security-Policy' and 'X-XSS-Protection' refs.
46fbac8 - Improved 'X-Content-Security-Policy' and 'X-Webkit-CSP' refs.
4242d56 - Improved 'unsafe-eval' advice.
db64786 - Improved alignment and logic of analysis totals
3a699fd - Improved skipped headers message
2e7673f - Improve Content-Security-Policy hash checks
e247739 - Updated 'Document-Policy' directives
fc8b7af - Code optimizations

1.49

08 May 18:34

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: 'The Big Push - Wade in the water / Nina simone / Trouble so hard'.

Thank you for downloading it, for trying it and for your time!

Fixes

04283e5 - Allow analysis to continue in case of TLS/SSL errors
882d9bb - Honor 'brief' mode while checking for unsafe cookies
2a43eed - The generated XML is now well-formed

Features

07f71e9 - 1 new insecure check
056a444 - Improved 'Set-Cookie (Insecure Attributes)' check
a2966f7 - 1 new insecure check
3437c90 - 1 new insecure check
d045343 - Refactored HTML export into dedicated functions.

Minor

c3ed9e0 - Code optimizations (CSP related)
982d926 - Code optimizations (Related to 'Access-Control-Max-Age' checks)
4c5af0e - Improved 'Content-Security-Policy' messages
6fd89ec - Code optimizations
917838c - Improved format of errors in HTML and PDF output
c234440 - Improved OWASP 'Secure Headers Project' Best Practices output
1a22ced - Code optimizations (XML output related)
f46ef07 - CONTRIBUTING file updated
187a35c - Update OWASP 'Secure Headers Project' best practices headers
c33dd2e - Code optimizations (related to CSV and JSON outputs)
1b35e74 - Improved 'X-Content-Type-Options' duplicated Header/Values check
ddfa0d1 - Code optimizations (HTML fingerprint format related)
39e3be2 - Code optimizations (Nonces and deprecated headers related)
f3cd54c - Code optimizations (related to unsafe cookies)
d317236 - Code optimizations (HTML export related)

1.48

12 Apr 19:07

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Hard to Handle", performed by 'The Black Crowes'.

Thank you for downloading it, for trying it and for your time!

Fixes

7591162 - Do not assume testssl runs as 'testssl.sh'.
1f50e71 - Recommend 'no-cache' and 'no-store' if the URL has sensitive data

Features

6458fe2 - 1 new insecure check
4ed1603 - Significantly improved nonces checks in Content-Security-Policy
720cce4 - CSP broad and insecure checks show the directives
94f33d1 - 2 new fingerprint headers
3d0fc58 - Improved 'Permissions-Policy' broad checks.
545bdcc - 1 new insecure check (Permissions-Policy - Incorrect Format)
cae6d0b - 1 new fingerprint header and code optimizations
1c609b8 - 1 new insecure check
247bce4 - 1 new insecure check
ea1803d - 8 new fingerprint headers

Minor

1a82eac - Code optimizations (IPs and nonces checks in CSP-related logic)
9bd46cd - Code optimizations (Printing CSP directives with unsafe values)
d8c7382 - Code optimizations (Updated links in the detail files)
582cb6a - Code optimizations (CSP related)
8328bdf - Code optimizations (CSP and Permissions-Policy headers)
ada63a2 - Code optimizations (related to HTML formatting)
7f4ad22 - Updating the criteria for accepting code contributions
daefedc - Code optimizations (related to CSP checks)
acff819 - First iteration to improve OWASP compliance results.
a85e081 - Code optimizations (OWASP compliance checks mainly)

1.47

07 Mar 20:16

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "On The Road Again", performed by 'Canned Heat'.

Thank you for downloading it, for trying it and for your time!

Fixes

e48f839 - f-string expression part cannot include a backslash

Features

a2cadad - Bump required python version to 3.9
c821523 - Improved OWASP 'Secure Headers Project Best Practices' analysis
9b9ab57 - Improved version checking
ae600a1 - User-Agent and Kali Linux steps
02196ff - 13 new fingerprint headers
a8eaa0a - The journey to analyze 'Content Security Policy' begins
8fdcc3c - 3 new insecure checks

Minor

91d8d31 - Code optimizations ('get_basic_global_metrics' related)
da1219a - Code optimizations
e8887e0 - Print input filename when '-if' parameter is used
dbe97f3 - Code optimizations
f4fa3ee - Code optimizations (improving missing and skipped header checks)
e88f7b5 - Code optimizations (OWASP best practices checks related)