Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Keycloak #32

Merged
merged 30 commits into from
Sep 17, 2024
Merged

Update Keycloak #32

merged 30 commits into from
Sep 17, 2024

Conversation

ramueSVA
Copy link
Contributor

No description provided.

Daniela Tomoiaga and others added 29 commits December 6, 2021 15:06
feat(NUM-1909): Extends email domain validation at register
254e389
@alexkarle
Merge pull request #11 from NUM-Forschungsdatenplattform/feature/NUM-…
d9d1b0a 
…1909

feat(NUM-1909): Extends email domain validation at register

- As a super admin I want to allow all wildcards in domains for an organization, so that I don't need to enter all subdomains
@crisdelta
use keycloack 21.0.1
56ec70b
@crisdelta
Merge pull request #12 from NUM-Forschungsdatenplattform/feature/NUM-…
0daa508 
…2131-upgrade-plugin-to-keycloack-21.0.1

use keycloack 21.0.1
@crisdelta
NUM-2182 custom validator for field length
b266f55
@crisdelta
code format
a788aa8
@crisdelta
update README
d2a3350
@crisdelta
Merge pull request #13 from NUM-Forschungsdatenplattform/bugfix/NUM-2…
ed573db 
…182-limit-registration-input

NUM-2182 custom validator for registration page field length
@crisdelta
update keycloak version for custom plugin
a44ffe7
@crisdelta
Merge pull request #14 from NUM-Forschungsdatenplattform/bugfix/NUM-2…
ded94e8 
…191-keycloak-version-update

NUM-2191-update keycloak version for custom plugin to 21.1.1
@mafasva
add github pipeline (#15)
253f926
@ramueSVA
add release pipeline
b83c9a2
@ramueSVA
11 -> 17
53067c3
@dependabot
build(deps): Bump org.apache.maven.plugins:maven-assembly-plugin
dd1729d 
Bumps [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 3.3.0 to 3.7.1.
- [Release notes](https://github.com/apache/maven-assembly-plugin/releases)
- [Commits](apache/maven-assembly-plugin@maven-assembly-plugin-3.3.0...maven-assembly-plugin-3.7.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-assembly-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@ramueSVA
Update release.yml
40d2088
@romanschneidersva
Merge pull request #18 from NUM-Forschungsdatenplattform/feature/add-…
0fff790 
…release-pipeline

add release pipeline
@ramueSVA
changed package structure and groupid in pom.xml
da85315
@ramueSVA
Feature/remove vitagroup signature (#23)
fbfe3b9 
* changed package structure and groupid in pom.xml
@ramueSVA
new tagging pipeline (#22)
8bbce54
@mafasva
remove docker from CI
ba5f481
@ramueSVA
Merge pull request #24 from NUM-Forschungsdatenplattform/feature/with…
fbe615f 
…out-docker

remove docker from CI
@ramueSVA
fix mailwhitelisting in package structure and change license (#25)
b67bd9a 
fix mailwhitelisting in package structure and change license to HiGHmed
@ramueSVA
changed release trigger (#26)
6b6e010
@askask
Update to Keycloak 24
7596dbb 
`RegistrationProfile` was removed in Keycloak 23
@askask
Update README for Keycloak 24
5c69358
@ramueSVA
Merge pull request #29 from askask/develop
0041896 
Update for Keycloak 24
@dependabot
Bump keycloak.version from 24.0.4 to 25.0.5
7e99e67 
Bumps `keycloak.version` from 24.0.4 to 25.0.5.

Updates `org.keycloak:keycloak-core` from 24.0.4 to 25.0.5
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@24.0.4...25.0.5)

Updates `org.keycloak:keycloak-services` from 24.0.4 to 25.0.5
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@24.0.4...25.0.5)

Updates `org.keycloak:keycloak-server-spi` from 24.0.4 to 25.0.5
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@24.0.4...25.0.5)

Updates `org.keycloak:keycloak-server-spi-private` from 24.0.4 to 25.0.5
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@24.0.4...25.0.5)

---
updated-dependencies:
- dependency-name: org.keycloak:keycloak-core
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.keycloak:keycloak-services
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.keycloak:keycloak-server-spi
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.keycloak:keycloak-server-spi-private
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@ramueSVA
Merge pull request #20 from NUM-Forschungsdatenplattform/dependabot/m…
21aa194 
…aven/org.apache.maven.plugins-maven-assembly-plugin-3.7.1

build(deps): Bump org.apache.maven.plugins:maven-assembly-plugin from 3.3.0 to 3.7.1
@ramueSVA
Merge pull request #31 from NUM-Forschungsdatenplattform/dependabot/m…
d4ac6c5 
…aven/keycloak.version-25.0.5

Bump keycloak.version from 24.0.4 to 25.0.5
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 17, 2024
View reviewed changes
src/main/java/org/highmed/mailwhitelisting/RegistrationProfileWithMailDomainCheck.java
for (String domain : domains) {
if (email.endsWith(String.format("@%s", domain))) {
if (Pattern.matches(domainToRegex(domain), emailDomain)) {

Check failure

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a
user-provided value
Loading
.
@ramueSVA ramueSVA merged commit 71e5f31 into main Sep 17, 2024
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ramueSVA @alexkarle @crisdelta @mafasva @romanschneidersva @askask