Friends, Romans, Countrymen - Lend me your ears!
It is my pleasure to announce the official release of ESAPI 2.0GA!
This release features some key enhancements over ESAPI 1.4.x including, but not limited to:
- Upgrade baseline to use Java5
- Completely redesigned and rewrote Encryptor
- New and Improved Validation and Encoding Methods
- Complete redesign of the ESAPI Locator and ObjectFactory
- More unit tests
- ESAPI Jar is now Signed with an OWASP Code Signing Certificate
- ESAPI Jar is Sealed
- And much, much more
- Peer review of the ESAPI Codebase
- Code and Architecture Review of new Encryption
- Adding and fixing unit tests
- Tons of discussion and interaction with the OWASP Community and ESAPI Users
We are currently in the process of getting a whole new suite of documentation, with a focus on integration tasks and actually using ESAPI in real applications - look for those documents over the next couple monthes, as well as a whole new contribs section in our repository aimed at providing turnkey components and solutions to some of the more commonly encountered integration points for ESAPI.
You can download the full distribution of ESAPI 2.0GA from our home on Google Code at: http://code.google.com/p/owasp-esapi-java/downloads/list
The latest API Docs can always be found at:
Within the next 24-48 hours the distribution to Maven Central should be updated as well and you should be able to start using 2.0GA in your Maven projects as soon as that happens. Maven dependency will be:
As always, we would love to hear your feedback on the release and if you have any questions at all, you can join the ESAPI-User Mailing List here: https://lists.owasp.org/mailman/listinfo/esapi-user
Thanks again to the OWASP and ESAPI Community for helping us build and release the tools that help make the internet just a little bit more sane!
The ESAPI Development and Management Teams
P.S. Please forward this along to any colleagues or distribution lists that may be interested.