From 0a8f7a9f9c1bd03e8719fe506974d04c7ed63456 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Thu, 12 Dec 2024 10:18:35 +0100 Subject: [PATCH 01/22] Update README.md --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d7549128..55f1e6acf 100644 --- a/README.md +++ b/README.md @@ -87,7 +87,8 @@ You can install it by doing: docker run -p 8080:8080 jeroenwillemsen/wrongsecrets:latest-no-vault ``` -Now you can try to find the secrets by means of solving the challenge offered at: +
+ Now you can try to find the secrets by means of solving the challenge offered at the links in the block below - [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) - [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) @@ -128,6 +129,7 @@ Now you can try to find the secrets by means of solving the challenge offered at - [localhost:8080/challenge/challenge-49](http://localhost:8080/challenge/challenge-49) - [localhost:8080/challenge/challenge-50](http://localhost:8080/challenge/challenge-50) - [localhost:8080/challenge/challenge-51](http://localhost:8080/challenge/challenge-51) +
Note that these challenges are still very basic, and so are their explanations. Feel free to file a PR to make them look better ;-). From bd90d395fb320f60c1c209fa80f879f01e99365f Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Thu, 12 Dec 2024 10:21:29 +0100 Subject: [PATCH 02/22] Update README.md --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 55f1e6acf..152fe46da 100644 --- a/README.md +++ b/README.md @@ -88,11 +88,12 @@ docker run -p 8080:8080 jeroenwillemsen/wrongsecrets:latest-no-vault ```
- Now you can try to find the secrets by means of solving the challenge offered at the links in the block below - -- [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) -- [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) -- [localhost:8080/challenge/challenge-3](http://localhost:8080/challenge/challenge-3) + Now you can try to find the secrets by means of solving the challenge offered at the links in the block below + - [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) + - [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) + - [localhost:8080/challenge/challenge-3](http://localhost:8080/challenge/challenge-3) + (click the triangle to see more) + - [localhost:8080/challenge/challenge-4](http://localhost:8080/challenge/challenge-4) - [localhost:8080/challenge/challenge-8](http://localhost:8080/challenge/challenge-8) - [localhost:8080/challenge/challenge-12](http://localhost:8080/challenge/challenge-12) From 3816820ee450d48a4105b0aed07d87868a3f2b44 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Thu, 12 Dec 2024 10:23:34 +0100 Subject: [PATCH 03/22] Update README.md --- README.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 152fe46da..b9c12a0a9 100644 --- a/README.md +++ b/README.md @@ -86,14 +86,13 @@ You can install it by doing: ```bash docker run -p 8080:8080 jeroenwillemsen/wrongsecrets:latest-no-vault ``` - +Now you can try to find the secrets by means of solving the challenge offered at the links below
- Now you can try to find the secrets by means of solving the challenge offered at the links in the block below - - [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) - - [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) - - [localhost:8080/challenge/challenge-3](http://localhost:8080/challenge/challenge-3) - (click the triangle to see more) + all the links for docker challenges. +- [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) +- [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) +- [localhost:8080/challenge/challenge-3](http://localhost:8080/challenge/challenge-3) - [localhost:8080/challenge/challenge-4](http://localhost:8080/challenge/challenge-4) - [localhost:8080/challenge/challenge-8](http://localhost:8080/challenge/challenge-8) - [localhost:8080/challenge/challenge-12](http://localhost:8080/challenge/challenge-12) From 53425b7485ff99e245522f939c8402d4f44d210e Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Thu, 12 Dec 2024 10:25:46 +0100 Subject: [PATCH 04/22] Update README.md --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b9c12a0a9..d119c8727 100644 --- a/README.md +++ b/README.md @@ -88,8 +88,9 @@ docker run -p 8080:8080 jeroenwillemsen/wrongsecrets:latest-no-vault ``` Now you can try to find the secrets by means of solving the challenge offered at the links below
- all the links for docker challenges. + all the links for docker challenges (click triangle to open the block). + - [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) - [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) - [localhost:8080/challenge/challenge-3](http://localhost:8080/challenge/challenge-3) @@ -129,6 +130,7 @@ Now you can try to find the secrets by means of solving the challenge offered at - [localhost:8080/challenge/challenge-49](http://localhost:8080/challenge/challenge-49) - [localhost:8080/challenge/challenge-50](http://localhost:8080/challenge/challenge-50) - [localhost:8080/challenge/challenge-51](http://localhost:8080/challenge/challenge-51) +
Note that these challenges are still very basic, and so are their explanations. Feel free to file a PR to make them look From 101db44910b15b35516061ca4c3e0631de14e907 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci-lite[bot]" <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 09:27:29 +0000 Subject: [PATCH 05/22] [pre-commit.ci lite] apply automatic fixes --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d119c8727..482034ab7 100644 --- a/README.md +++ b/README.md @@ -90,7 +90,7 @@ Now you can try to find the secrets by means of solving the challenge offered at
all the links for docker challenges (click triangle to open the block). - + - [localhost:8080/challenge/challenge-1](http://localhost:8080/challenge/challenge-1) - [localhost:8080/challenge/challenge-2](http://localhost:8080/challenge/challenge-2) - [localhost:8080/challenge/challenge-3](http://localhost:8080/challenge/challenge-3) From ca97fb3f93dcc75e87206c25f2173c4a02bf15d2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 15 Dec 2024 00:47:27 +0000 Subject: [PATCH 06/22] chore(deps): update dependency go to v1.23.4 --- aws/go.mod | 2 +- azure/go.mod | 2 +- gcp/go.mod | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/aws/go.mod b/aws/go.mod index e974f64f6..d72244f66 100644 --- a/aws/go.mod +++ b/aws/go.mod @@ -2,7 +2,7 @@ module wrongsecrets go 1.22.7 -toolchain go1.23.3 +toolchain go1.23.4 require github.com/gruntwork-io/terratest v0.47.2 diff --git a/azure/go.mod b/azure/go.mod index e974f64f6..d72244f66 100644 --- a/azure/go.mod +++ b/azure/go.mod @@ -2,7 +2,7 @@ module wrongsecrets go 1.22.7 -toolchain go1.23.3 +toolchain go1.23.4 require github.com/gruntwork-io/terratest v0.47.2 diff --git a/gcp/go.mod b/gcp/go.mod index e974f64f6..d72244f66 100644 --- a/gcp/go.mod +++ b/gcp/go.mod @@ -2,7 +2,7 @@ module wrongsecrets go 1.22.7 -toolchain go1.23.3 +toolchain go1.23.4 require github.com/gruntwork-io/terratest v0.47.2 From 14bf6c55f9f2a0c60558eb84c392219f0e553f27 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 05:32:23 +0000 Subject: [PATCH 07/22] chore(deps): update dependency globals to v15.13.0 --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9f4308177..feefed9fc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2625,9 +2625,9 @@ } }, "node_modules/globals": { - "version": "15.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-15.12.0.tgz", - "integrity": "sha512-1+gLErljJFhbOVyaetcwJiJ4+eLe45S2E7P5UiZ9xGfeq3ATQf5DOv9G7MH3gGbKQLkzmNh2DxfZwLdw+j6oTQ==", + "version": "15.13.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-15.13.0.tgz", + "integrity": "sha512-49TewVEz0UxZjr1WYYsWpPrhyC/B/pA8Bq0fUmet2n+eR7yn0IvNzNaoBwnK6mdkzcN+se7Ez9zUgULTz2QH4g==", "dev": true, "license": "MIT", "engines": { From cbd95bc21bfede4d663ddc03a9ea402ef0711994 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 07:33:17 +0000 Subject: [PATCH 08/22] chore(deps): update dependency eslint to v9.17.0 --- package-lock.json | 71 ++++++++++++++++++++++------------------------- 1 file changed, 33 insertions(+), 38 deletions(-) diff --git a/package-lock.json b/package-lock.json index feefed9fc..6b30b21ac 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1594,13 +1594,13 @@ } }, "node_modules/@eslint/config-array": { - "version": "0.18.0", - "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.18.0.tgz", - "integrity": "sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw==", + "version": "0.19.1", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.1.tgz", + "integrity": "sha512-fo6Mtm5mWyKjA/Chy1BYTdn5mGJoDNjC7C64ug20ADsRDGrA85bN3uK3MaKbeRkRuuIEAR5N33Jr1pbm411/PA==", "dev": true, "license": "Apache-2.0", "dependencies": { - "@eslint/object-schema": "^2.1.4", + "@eslint/object-schema": "^2.1.5", "debug": "^4.3.1", "minimatch": "^3.1.2" }, @@ -1609,11 +1609,14 @@ } }, "node_modules/@eslint/core": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.7.0.tgz", - "integrity": "sha512-xp5Jirz5DyPYlPiKat8jaq0EmYvDXKKpzTbxXMpT9eqlRJkRKIz9AGMdlvYjih+im+QlhWrpvVjl8IPC/lHlUw==", + "version": "0.9.1", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.1.tgz", + "integrity": "sha512-GuUdqkyyzQI5RMIWkHhvTWLCyLo1jNK3vzkSyaExH5kHPDHcuL2VOpHjmMY+y3+NC69qAKToBqldTBgYeLSr9Q==", "dev": true, "license": "Apache-2.0", + "dependencies": { + "@types/json-schema": "^7.0.15" + }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } @@ -1656,9 +1659,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.14.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.14.0.tgz", - "integrity": "sha512-pFoEtFWCPyDOl+C6Ift+wC7Ro89otjigCf5vcuWqWgqNSQbRrpjSvdeE6ofLz4dHmyxD5f7gIdGT4+p36L6Twg==", + "version": "9.17.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.17.0.tgz", + "integrity": "sha512-Sxc4hqcs1kTu0iID3kcZDW3JHq2a77HO9P8CP6YEA/FpH3Ll8UXE2r/86Rz9YJLKme39S9vU5OWNjC6Xl0Cr3w==", "dev": true, "license": "MIT", "engines": { @@ -1666,9 +1669,9 @@ } }, "node_modules/@eslint/object-schema": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.4.tgz", - "integrity": "sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ==", + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.5.tgz", + "integrity": "sha512-o0bhxnL89h5Bae5T318nFoFzGy+YE5i/gGkoPAgkmTVdRKTiv3p8JHevPiPaMwoloKfEiiaHlawCqaZMqRm+XQ==", "dev": true, "license": "Apache-2.0", "engines": { @@ -1676,9 +1679,9 @@ } }, "node_modules/@eslint/plugin-kit": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.1.tgz", - "integrity": "sha512-HFZ4Mp26nbWk9d/BpvP0YNL6W4UoZF0VFcTw/aPPA8RpOxeFQgK+ClABGgAUXs9Y/RGX/l1vOmrqz1MQt9MNuw==", + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.4.tgz", + "integrity": "sha512-zSkKow6H5Kdm0ZUQUB2kV5JIXqoG0+uH5YADhaEHswm664N9Db8dXSi0nMJpacpMf+MyyglF1vnZohpEg5yUtg==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -2122,9 +2125,9 @@ } }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "license": "MIT", "dependencies": { @@ -2205,27 +2208,27 @@ } }, "node_modules/eslint": { - "version": "9.14.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.14.0.tgz", - "integrity": "sha512-c2FHsVBr87lnUtjP4Yhvk4yEhKrQavGafRA/Se1ouse8PfbfC/Qh9Mxa00yWsZRlqeUB9raXip0aiiUZkgnr9g==", + "version": "9.17.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.17.0.tgz", + "integrity": "sha512-evtlNcpJg+cZLcnVKwsai8fExnqjGPicK7gnUtlNuzu+Fv9bI0aLpND5T44VLQtoMEnI57LoXO9XAkIXwohKrA==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.12.1", - "@eslint/config-array": "^0.18.0", - "@eslint/core": "^0.7.0", - "@eslint/eslintrc": "^3.1.0", - "@eslint/js": "9.14.0", - "@eslint/plugin-kit": "^0.2.0", + "@eslint/config-array": "^0.19.0", + "@eslint/core": "^0.9.0", + "@eslint/eslintrc": "^3.2.0", + "@eslint/js": "9.17.0", + "@eslint/plugin-kit": "^0.2.3", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", - "@humanwhocodes/retry": "^0.4.0", + "@humanwhocodes/retry": "^0.4.1", "@types/estree": "^1.0.6", "@types/json-schema": "^7.0.15", "ajv": "^6.12.4", "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", + "cross-spawn": "^7.0.6", "debug": "^4.3.2", "escape-string-regexp": "^4.0.0", "eslint-scope": "^8.2.0", @@ -2244,8 +2247,7 @@ "lodash.merge": "^4.6.2", "minimatch": "^3.1.2", "natural-compare": "^1.4.0", - "optionator": "^0.9.3", - "text-table": "^0.2.0" + "optionator": "^0.9.3" }, "bin": { "eslint": "bin/eslint.js" @@ -3215,13 +3217,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==", - "dev": true, - "license": "MIT" - }, "node_modules/type-check": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", From e4d5cc95c52cdd45bf2c87f4286460d0e9ceab55 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 11:47:22 +0000 Subject: [PATCH 09/22] fix(deps): update dependency org.springframework.cloud:spring-cloud-dependencies to v2023.0.4 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 6da3a1400..8e2c1196b 100644 --- a/pom.xml +++ b/pom.xml @@ -63,7 +63,7 @@ 3.13.0 full 23 - 2023.0.3 + 2023.0.4 6.2.3 2.1.7 3.1.2.RELEASE From 76107116c60e893ddc9b920e93ddc7c7754d94d7 Mon Sep 17 00:00:00 2001 From: za Date: Mon, 16 Dec 2024 19:02:35 +0700 Subject: [PATCH 10/22] Replace tfsec with trivy on github workflows and renovate.json because tfsec is no longer updated Issue: https://github.com/OWASP/wrongsecrets/issues/1764 --- .github/workflows/pre-commit.yml | 7 +++---- renovate.json | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 8c6d99136..42e7cf1ab 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -54,11 +54,10 @@ jobs: tar -zxvf terraform_docs.tar.gz terraform-docs chmod +x terraform-docs mv terraform-docs /usr/local/bin/ - - name: Setup tfsec + - name: Setup trivy run: | - curl --output tfsec https://github.com/aquasecurity/tfsec/releases/download/${{env.TFSEC_VERSION}}/tfsec-linux-amd64 - chmod +x tfsec - mv tfsec /usr/local/bin/ + curl --output trivy https://github.com/aquasecurity/trivy/releases/download/v${{env.TRIVY_VERSION}}/trivy_{{env.TRIVY_VERSION}}_Linux-64bit.deb + sudo dpkg -i trivy.deb - name: Pre-commit checks uses: pre-commit/action@v3.0.1 - name: pre-commit-ci-lite diff --git a/renovate.json b/renovate.json index 86c870091..9595b3d2d 100644 --- a/renovate.json +++ b/renovate.json @@ -28,9 +28,9 @@ { "customType": "regex", "fileMatch": ".github/workflows/pre-commit.yml", - "depNameTemplate": "aquasecurity/tfsec", + "depNameTemplate": "aquasecurity/trivy", "matchStrings": [ - "TFSEC_VERSION=\"(?.*?)\"" + "TRIVY_VERSION=\"(?.*?)\"" ], "datasourceTemplate": "github-releases" }, From c88900eaceafe10564e5e5c9027e362c5386b9a2 Mon Sep 17 00:00:00 2001 From: za Date: Tue, 17 Dec 2024 14:28:32 +0700 Subject: [PATCH 11/22] Added $ for trivy version environment variable ERROR: ``` curl: (3) nested brace in URL position 66 https://github.com/aquasecurity/trivy/releases/download/v/trivy_{{env.TRIVY_VERSION}}_Linux-64bit.deb ^ ``` --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 42e7cf1ab..7449d82bf 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -56,7 +56,7 @@ jobs: mv terraform-docs /usr/local/bin/ - name: Setup trivy run: | - curl --output trivy https://github.com/aquasecurity/trivy/releases/download/v${{env.TRIVY_VERSION}}/trivy_{{env.TRIVY_VERSION}}_Linux-64bit.deb + curl --output trivy https://github.com/aquasecurity/trivy/releases/download/v${{env.TRIVY_VERSION}}/trivy_${{env.TRIVY_VERSION}}_Linux-64bit.deb sudo dpkg -i trivy.deb - name: Pre-commit checks uses: pre-commit/action@v3.0.1 From 959cd48c9ebac0086af0a0f184244ac137c88d49 Mon Sep 17 00:00:00 2001 From: za Date: Tue, 17 Dec 2024 15:49:26 +0700 Subject: [PATCH 12/22] Replace TFSEC env variable with TRIVY env variable --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 7449d82bf..b66ffebcd 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -8,8 +8,8 @@ on: env: TF_DOCS_VERSION: v0.19.0 - TFSEC_VERSION: v1.28.11 TFLINT_VERSION: v0.53.0 + TRIVY_VERSION: 0.58.0 permissions: contents: read jobs: From e4d0f55f5b06857282a5dca0283c86f73389ef05 Mon Sep 17 00:00:00 2001 From: za Date: Tue, 17 Dec 2024 15:58:22 +0700 Subject: [PATCH 13/22] Use wget to download trivy --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index b66ffebcd..120effec0 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -56,7 +56,7 @@ jobs: mv terraform-docs /usr/local/bin/ - name: Setup trivy run: | - curl --output trivy https://github.com/aquasecurity/trivy/releases/download/v${{env.TRIVY_VERSION}}/trivy_${{env.TRIVY_VERSION}}_Linux-64bit.deb + wget https://github.com/aquasecurity/trivy/releases/download/v${{env.TRIVY_VERSION}}/trivy_${{env.TRIVY_VERSION}}_Linux-64bit.deb sudo dpkg -i trivy.deb - name: Pre-commit checks uses: pre-commit/action@v3.0.1 From e13053b4a6f8143d2b99010392bd1b637debdecf Mon Sep 17 00:00:00 2001 From: za Date: Tue, 17 Dec 2024 17:16:44 +0700 Subject: [PATCH 14/22] Fix dpkg -i filename Following the filename that we downloaded --- .github/workflows/pre-commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 120effec0..2a0802271 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -57,7 +57,7 @@ jobs: - name: Setup trivy run: | wget https://github.com/aquasecurity/trivy/releases/download/v${{env.TRIVY_VERSION}}/trivy_${{env.TRIVY_VERSION}}_Linux-64bit.deb - sudo dpkg -i trivy.deb + sudo dpkg -i trivy_${{env.TRIVY_VERSION}}_Linux-64bit.deb - name: Pre-commit checks uses: pre-commit/action@v3.0.1 - name: pre-commit-ci-lite From e09e650e62043804c68676c1bf0d4e92a8a58e4b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 06:51:25 +0000 Subject: [PATCH 15/22] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.21.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8e2c1196b..166eb6313 100644 --- a/pom.xml +++ b/pom.xml @@ -323,7 +323,7 @@ com.puppycrawl.tools checkstyle - 10.20.2 + 10.21.0 From ed1fa3e480e670891a034e8639e8c3441baea752 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 08:03:03 +0000 Subject: [PATCH 16/22] fix(deps): update dependency org.thymeleaf.extras:thymeleaf-extras-springsecurity6 to v3.1.3.release --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 166eb6313..3adfe8011 100644 --- a/pom.xml +++ b/pom.xml @@ -66,7 +66,7 @@ 2023.0.4 6.2.3 2.1.7 - 3.1.2.RELEASE + 3.1.3.RELEASE 3.3.0 From f1abc07f7f605a52ccfb78d85caec0ab675ba414 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 22:25:27 +0000 Subject: [PATCH 17/22] chore(deps): update dependency @commitlint/config-conventional to v19.6.0 --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6b30b21ac..c15b7218e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1514,9 +1514,9 @@ } }, "node_modules/@commitlint/config-conventional": { - "version": "19.5.0", - "resolved": "https://registry.npmjs.org/@commitlint/config-conventional/-/config-conventional-19.5.0.tgz", - "integrity": "sha512-OBhdtJyHNPryZKg0fFpZNOBM1ZDbntMvqMuSmpfyP86XSfwzGw4CaoYRG4RutUPg0BTK07VMRIkNJT6wi2zthg==", + "version": "19.6.0", + "resolved": "https://registry.npmjs.org/@commitlint/config-conventional/-/config-conventional-19.6.0.tgz", + "integrity": "sha512-DJT40iMnTYtBtUfw9ApbsLZFke1zKh6llITVJ+x9mtpHD08gsNXaIRqHTmwTZL3dNX5+WoyK7pCN/5zswvkBCQ==", "dev": true, "license": "MIT", "dependencies": { From ee19f214e47f16c6e6416ac7907541152c1b1ddf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 22 Dec 2024 00:39:02 +0000 Subject: [PATCH 18/22] chore(deps): update module golang.org/x/net to v0.33.0 [security] --- aws/go.mod | 2 +- aws/go.sum | 2 ++ azure/go.mod | 2 +- azure/go.sum | 2 ++ gcp/go.mod | 2 +- gcp/go.sum | 2 ++ 6 files changed, 9 insertions(+), 3 deletions(-) diff --git a/aws/go.mod b/aws/go.mod index d72244f66..45bd3a599 100644 --- a/aws/go.mod +++ b/aws/go.mod @@ -74,7 +74,7 @@ require ( go.opentelemetry.io/otel/trace v1.32.0 // indirect golang.org/x/crypto v0.31.0 // indirect golang.org/x/mod v0.22.0 // indirect - golang.org/x/net v0.31.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect diff --git a/aws/go.sum b/aws/go.sum index 6f01fb896..fff377edf 100644 --- a/aws/go.sum +++ b/aws/go.sum @@ -704,6 +704,8 @@ golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= diff --git a/azure/go.mod b/azure/go.mod index d72244f66..45bd3a599 100644 --- a/azure/go.mod +++ b/azure/go.mod @@ -74,7 +74,7 @@ require ( go.opentelemetry.io/otel/trace v1.32.0 // indirect golang.org/x/crypto v0.31.0 // indirect golang.org/x/mod v0.22.0 // indirect - golang.org/x/net v0.31.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect diff --git a/azure/go.sum b/azure/go.sum index 6f01fb896..fff377edf 100644 --- a/azure/go.sum +++ b/azure/go.sum @@ -704,6 +704,8 @@ golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= diff --git a/gcp/go.mod b/gcp/go.mod index d72244f66..45bd3a599 100644 --- a/gcp/go.mod +++ b/gcp/go.mod @@ -74,7 +74,7 @@ require ( go.opentelemetry.io/otel/trace v1.32.0 // indirect golang.org/x/crypto v0.31.0 // indirect golang.org/x/mod v0.22.0 // indirect - golang.org/x/net v0.31.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect diff --git a/gcp/go.sum b/gcp/go.sum index 6f01fb896..fff377edf 100644 --- a/gcp/go.sum +++ b/gcp/go.sum @@ -704,6 +704,8 @@ golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= From 159393cf4a02139ba82a541fa8fa6c2c9a4a1b75 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 22 Dec 2024 06:16:24 +0000 Subject: [PATCH 19/22] fix(deps): update dependency org.owasp:dependency-check-maven to v11.1.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 3adfe8011..494be2b83 100644 --- a/pom.xml +++ b/pom.xml @@ -51,7 +51,7 @@ 5.18.0 9.1.0 2.1.0 - 11.1.0 + 11.1.1 4.10.2 3.13.1 5.8.0 From a2e886c56db60132ca4e5f36108b361e1a5edbbb Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 22 Dec 2024 13:58:52 +0000 Subject: [PATCH 20/22] fix(deps): update aws-java-sdk-v2 monorepo to v2.29.39 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 494be2b83..06d172eac 100644 --- a/pom.xml +++ b/pom.xml @@ -46,7 +46,7 @@ 2.2.2 3.1.1 3.0.0 - 2.29.15 + 2.29.39 5.3.3 5.18.0 9.1.0 From f67362941e241eaa1720c4d4e4c95227e5812d4a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 07:51:03 +0000 Subject: [PATCH 21/22] fix(deps): update dependency org.webjars:datatables to v2.1.8 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 06d172eac..87681c5e5 100644 --- a/pom.xml +++ b/pom.xml @@ -50,7 +50,7 @@ 5.3.3 5.18.0 9.1.0 - 2.1.0 + 2.1.8 11.1.1 4.10.2 3.13.1 From 83454315686faaef583a00cf0301a47dcb7a8496 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 30 Dec 2024 07:33:27 +0100 Subject: [PATCH 22/22] fix FE html versions of datatables --- src/main/resources/templates/index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html index 3fcfb2bf9..db4f6b7ca 100644 --- a/src/main/resources/templates/index.html +++ b/src/main/resources/templates/index.html @@ -5,7 +5,7 @@ OWASP WrongSecrets - + @@ -21,8 +21,8 @@ - - + +