Implementation:OWASP Www project top 10 for large language model applications TranslationPublisher Publish

From Leeroopedia
Knowledge Sources: OWASP/www-project-top-10-for-large-language-model-applications
Domains: Localization, Publication, CI/CD, Site Deployment
Last Updated: 2026-02-14

Overview

Concrete tool for publishing translations via GitHub PR workflow with Jekyll site rebuild, provided by the OWASP Top 10 for LLM Applications project infrastructure.

Description

TranslationPublisher_Publish is an External Tool Doc that documents the end-to-end publication pipeline for validated translations. The pipeline has five stages: creating a GitHub pull request from the project's PR template (.github/PULL_REQUEST_TEMPLATE.md); optionally generating an AI-assisted PR description with .hooks/generate_pr_description.py, which uses the rigging library with GPT-4o-mini to analyze diffs; passing the CI filename validation check (.github/workflows/check-filenames-pr.yml); obtaining maintainer review and merge approval; and triggering the Jekyll site rebuild that publishes translations to genai.owasp.org. The project's Jekyll configuration (_config.yml) uses the OWASP site theme with the jekyll-include-cache plugin. The workflow supports 10 active translation locales.

Usage

Use TranslationPublisher_Publish when:

  • Submitting completed and validated translations for a locale via GitHub PR
  • Auto-generating PR descriptions for translation contributions
  • Verifying that translation files pass CI filename checks
  • Publishing new or updated translations to the genai.owasp.org static site
  • Understanding the full publication pipeline from branch to live site

Code Reference

Source Location: CONTRIBUTING.md (Lines 1-25); .github/PULL_REQUEST_TEMPLATE.md (Lines 1-30); .hooks/generate_pr_description.py (Lines 1-119); _config.yml (Lines 1-3); .github/workflows/check-filenames-pr.yml

Signature:

TranslationPublisher.publish(
    locale: str,
    validated_files: list[str]
) -> PublicationResult

Import or Command:

from translation_tools.publisher import TranslationPublisher

result = TranslationPublisher.publish(
    locale="de-DE",
    validated_files=[
        "LLM00_Preface.md",
        "LLM01_PromptInjection.md",
        "LLM02_SensitiveInformationDisclosure.md",
        "LLM03_SupplyChain.md",
        "LLM04_DataModelPoisoning.md",
        "LLM05_ImproperOutputHandling.md",
        "LLM06_ExcessiveAgency.md",
        "LLM07_SystemPromptLeakage.md",
        "LLM08_VectorAndEmbeddingWeaknesses.md",
        "LLM09_Misinformation.md",
        "LLM10_UnboundedConsumption.md",
        "Supplemental_Content.md",
    ]
)

I/O Contract

Inputs:

| Parameter | Type | Description |
|---|---|---|
| locale | str | BCP 47 locale tag for the translation being published (e.g., "de-DE", "el-GR") |
| validated_files | list[str] | List of filenames that have passed validation and are ready for publication |

Outputs:

| Field | Type | Description |
|---|---|---|
| pr_url | str | URL of the created GitHub pull request |
| pr_number | int | Pull request number in the repository |
| ci_status | str | Status of the filename validation CI check ("passed", "failed", "pending") |
| pr_description | str | Auto-generated or template-based PR description |
| merge_status | str | Merge status ("merged", "open", "closed") |
| site_deploy_status | str | Jekyll site rebuild status ("deployed", "building", "failed") |
| site_url | str | URL where the published translations are accessible (genai.owasp.org) |

Pipeline Stages:

| Stage | Tool/File | Description |
|---|---|---|
| PR Creation | .github/PULL_REQUEST_TEMPLATE.md | Structured PR with Key Changes, Added, Changed, Removed sections |
| Description Generation | .hooks/generate_pr_description.py | AI-assisted description using rigging + GPT-4o-mini (optional) |
| Filename Validation | .github/workflows/check-filenames-pr.yml | CI check ensuring translation files follow naming conventions |
| Review and Merge | GitHub PR review | Maintainer approval and merge to main branch |
| Site Rebuild | _config.yml (Jekyll) | Static site generation with owasp/www--site-theme@main |
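
A local pre-check in the spirit of the Filename Validation stage, as an added example (not the project's workflow or code). The rules are assumptions inferred from the paths and file names shown on this page, and `check_path`, `check_paths` and `SAMPLE` are hypothetical names; the check goes slightly beyond naming by also rejecting traversal segments and unusual characters before a PR is opened.

```python
import re
from pathlib import PurePosixPath
from typing import Optional

# Assumed rules, inferred from the names on this page; the project's real
# check is .github/workflows/check-filenames-pr.yml and may differ.
ROOT = ("2_0_vulns", "translations")
LOCALE_RE = re.compile(r"[a-z]{2}-[A-Z]{2}")  # de-DE, el-GR
ENTRY_RE = re.compile(
    r"(?:LLM(?:0[0-9]|10)_[A-Za-z]+"   # LLM00_Preface.md .. LLM10_*.md
    r"|ADD[0-9]{2}(?:_[A-Za-z]+)+"     # ADD01_Table_of_Contents.md
    r"|Supplemental_Content)\.md"
)


def check_path(path: str) -> Optional[str]:
    """Return why a repo-relative path is rejected, or None if it passes."""
    if not path.isascii() or any(c <= " " or c in "\\\x7f" for c in path):
        return "non-ASCII, whitespace, control character or backslash"
    parts = PurePosixPath(path).parts
    if path.startswith("/") or ".." in parts:
        return "absolute path or '..' segment"
    if parts[:2] != ROOT or len(parts) < 4:
        return "outside 2_0_vulns/translations/<locale>/"
    locale, rest = parts[2], parts[3:]
    if not LOCALE_RE.fullmatch(locale):
        return f"locale directory {locale!r} is not of the form xx-XX"
    is_entry = len(rest) == 1 and ENTRY_RE.fullmatch(rest[0]) is not None
    is_baseline = rest == ("baseline", f"custom_data_LLM_{locale}.json")
    return None if is_entry or is_baseline else "unexpected file name " + "/".join(rest)


def check_paths(paths: list[str]) -> dict[str, str]:
    """Map each rejected path to its reason; an empty dict means all pass."""
    return {p: r for p in paths if (r := check_path(p)) is not None}


# Constructed sample, shaped like `git diff --name-only` output.
SAMPLE = [
    "2_0_vulns/translations/de-DE/LLM01_PromptInjection.md",
    "2_0_vulns/translations/de-DE/baseline/custom_data_LLM_de-DE.json",
    "2_0_vulns/translations/el-GR/ADD01_Table_of_Contents.md",
    "2_0_vulns/translations/de_DE/LLM03_SupplyChain.md",
    "2_0_vulns/translations/de-DE/../../_config.yml",
]

if __name__ == "__main__":
    for path, reason in check_paths(SAMPLE).items():
        print(f"REJECT {path}: {reason}")
```
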

Usage Examples

Example 1: Publishing a standard locale translation via PR

from translation_tools.publisher import TranslationPublisher

# Publish German translation
result = TranslationPublisher.publish(
    locale="de-DE",
    validated_files=[
        "LLM00_Preface.md",
        "LLM01_PromptInjection.md",
        "LLM02_SensitiveInformationDisclosure.md",
        "LLM03_SupplyChain.md",
        "LLM04_DataModelPoisoning.md",
        "LLM05_ImproperOutputHandling.md",
        "LLM06_ExcessiveAgency.md",
        "LLM07_SystemPromptLeakage.md",
        "LLM08_VectorAndEmbeddingWeaknesses.md",
        "LLM09_Misinformation.md",
        "LLM10_UnboundedConsumption.md",
        "Supplemental_Content.md",
    ]
)

print(f"PR created: {result.pr_url}")
print(f"CI status: {result.ci_status}")
print(f"Site URL: {result.site_url}")

Example 2: Using the PR description generator

# The generate_pr_description.py script can be run standalone:
# python .hooks/generate_pr_description.py \
#     --base-ref origin/main \
#     --source-ref HEAD \
#     --generator-id openai/gpt-4o-mini \
#     --max-diff-lines 1000

# Programmatic equivalent (run from inside .hooks/, or with .hooks on sys.path, so the import resolves):
import asyncio
from generate_pr_description import get_diff, generate_pr_description

diff = asyncio.run(get_diff("origin/main", "HEAD"))
description = asyncio.run(
    generate_pr_description.bind("openai/gpt-4o-mini")(diff)
)
print(description)

# Output: Bullet-pointed summary of translation changes
# - Added German translations for LLM01-LLM10 vulnerability entries
# - Created de-DE baseline configuration with modern_blue template
# - Translated supplemental content including sponsorship and social media text

Example 3: Publishing an extended locale translation (el-GR)

from translation_tools.publisher import TranslationPublisher

# Extended locales include ADD files
result = TranslationPublisher.publish(
    locale="el-GR",
    validated_files=[
        "ADD00_Cover.md",
        "ADD01_Table_of_Contents.md",
        "ADD02_Figures.md",
        "ADD04_Supplemental_Content.md",
        "LLM00_Preface.md",
        "LLM01_PromptInjection.md",
        "LLM02_SensitiveInformationDisclosure.md",
        "LLM03_SupplyChain.md",
        "LLM04_DataModelPoisoning.md",
        "LLM05_ImproperOutputHandling.md",
        "LLM06_ExcessiveAgency.md",
        "LLM07_SystemPromptLeakage.md",
        "LLM08_VectorAndEmbeddingWeaknesses.md",
        "LLM09_Misinformation.md",
        "LLM10_UnboundedConsumption.md",
    ]
)

print(f"PR #{result.pr_number}: {result.pr_url}")
print(f"CI filename check: {result.ci_status}")
print(f"Merge status: {result.merge_status}")
print(f"Deployed to: {result.site_url}")

Example 4: PR template structure for a translation submission

# Add German (de-DE) translations for OWASP Top 10 LLM 2025

**Key Changes:**

- [x] Translated all 11 vulnerability entries (LLM00-LLM10) to German
- [x] Created German supplemental content with localized descriptions
- [x] Added de-DE baseline configuration for PDF generation

**Added:**

- [x] 2_0_vulns/translations/de-DE/LLM00_Preface.md through LLM10_UnboundedConsumption.md
- [x] 2_0_vulns/translations/de-DE/Supplemental_Content.md
- [x] 2_0_vulns/translations/de-DE/baseline/custom_data_LLM_de-DE.json

**Changed:**

- [ ] No changes to existing files

**Removed:**

- [ ] No files removed
