dependabot[bot]
9573b30667
chore: bump org.asciidoctor:asciidoctorj from 2.5.10 to 2.5.13 (#1811)
...
Bumps [org.asciidoctor:asciidoctorj](https://github.com/asciidoctor/asciidoctorj) from 2.5.10 to 2.5.13.
- [Release notes](https://github.com/asciidoctor/asciidoctorj/releases)
- [Changelog](https://github.com/asciidoctor/asciidoctorj/blob/v2.5.13/CHANGELOG.adoc)
- [Commits](https://github.com/asciidoctor/asciidoctorj/compare/v2.5.10...v2.5.13)
---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
2024-06-08 21:09:45 +02:00
dependabot[bot]
30e40f2e59
chore: bump org.jruby:jruby from 9.4.3.0 to 9.4.7.0 (#1813)
...
Bumps org.jruby:jruby from 9.4.3.0 to 9.4.7.0.
---
updated-dependencies:
- dependency-name: org.jruby:jruby
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
2024-06-08 08:23:28 +02:00
dependabot[bot]
8f11fb6729
chore: bump docker/login-action from 3.0.0 to 3.2.0 (#1815)
...
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.2.0)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
2024-06-08 08:17:41 +02:00
dependabot[bot]
10e36c203f
chore: bump com.google.guava:guava from 32.1.3-jre to 33.2.1-jre (#1814)
...
Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.1.3-jre to 33.2.1-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)
---
updated-dependencies:
- dependency-name: com.google.guava:guava
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
2024-06-08 08:13:01 +02:00
dependabot[bot]
edcce09b5f
chore: bump docker/build-push-action from 5.1.0 to 5.3.0 (#1816)
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.3.0)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-08 08:08:14 +02:00
François Capon
3134f18066
fix: Success if only Smith earn most salary (#1744)
...
* Update labels
* Update Java
* Update Test
---------
Co-authored-by: René Zubcevic <rene@zubcevic.com>
2024-06-01 10:50:38 +02:00
Vandeputte Brice
e219887f14
docs: Update HttpBasics_plan.adoc - fix broken link to https://www.zaproxy.org/ (#1803)
...
fix broken link OWASP ZAP - https://www.zaproxy.org/
Co-authored-by: René Zubcevic <rene@zubcevic.com>
2024-06-01 10:45:12 +02:00
René Zubcevic
508703ffce
update dependencies and version (#1807)
...
* update dependencies and version
* debug macos build issue
* update and fix Dockerfile(s)
2024-05-31 19:39:03 +02:00
Nanne Baars
e308d7cde7
chore: upgrade checkout out to v4 (#1781)
2024-03-25 22:27:56 +01:00
Nanne Baars
4ab820e1d1
feat: move CSRF to A3 (#1776)
...
CSRF is part of security misconfiguration in the OWASP Top 10.
2024-03-21 20:50:37 +01:00
Jason White
1a6a7e0be1
reverting my goofs after launching from wrong browser tab (#1774)
2024-03-19 18:01:30 +01:00
Jason White
2e9140ab64
Merge pull request #1773 from misfir3/test-semgrep-on-merge
...
Test semgrep on merge
2024-03-18 13:21:21 -06:00
Jason White
b79c83a52e
linty
2024-03-18 19:19:12 +00:00
Jason White
297c6f49b5
Merge branch 'main' into test-semgrep-on-merge
2024-03-18 13:14:39 -06:00
Jason White
d2049a8fcc
updating for testing
2024-03-18 19:13:50 +00:00
Jason White
24db39eae2
test semgrep
2024-03-18 19:12:13 +00:00
Jason White
98443184e9
Merge pull request #1 from WebGoat/develop
...
updating from main branch to test semgrep
2024-03-18 13:05:23 -06:00
Nanne Baars
62931a1836
feature: enable CORS configuration (#1771)
2024-03-17 10:55:27 +01:00
cap-dev0x
c18430752a
build(Dockerfile): replace deprecated MAINTAINER tag with label of the same
...
Current syntax now used to denote the "WebGoat team" as maintainer
Link: https://docs.docker.com/reference/dockerfile/#label
Signed-off-by: cap-dev0x <158111888+cap-dev0x@users.noreply.github.com>
2024-02-25 23:20:23 +01:00
François Capon
57d5b313b9
Fix typo in SQLi blind case
2024-02-10 16:02:35 +01:00
cap-dev0x
dd0f135088
fix(quiz): use $ instead of jQuery which is undefined (#1736)
...
Fixes: #1703
Signed-off-by: cap-dev0x <158111888+cap-dev0x@users.noreply.github.com>
2024-02-05 14:30:01 +01:00
dependabot[bot]
ad0286d5ba
chore: bump actions/cache from 3.3.1 to 4.0.0 (#1729)
...
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.3.1...v4.0.0)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 11:03:15 +01:00
dependabot[bot]
b67eb44142
chore: bump io.github.bonigarcia:webdrivermanager from 5.3.3 to 5.6.3 (#1716)
...
Bumps [io.github.bonigarcia:webdrivermanager](https://github.com/bonigarcia/webdrivermanager) from 5.3.3 to 5.6.3.
- [Release notes](https://github.com/bonigarcia/webdrivermanager/releases)
- [Changelog](https://github.com/bonigarcia/webdrivermanager/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bonigarcia/webdrivermanager/compare/webdrivermanager-5.3.3...webdrivermanager-5.6.3)
---
updated-dependencies:
- dependency-name: io.github.bonigarcia:webdrivermanager
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 15:10:16 +01:00
dependabot[bot]
7e75e9b8fc
chore: bump org.apache.commons:commons-exec from 1.3 to 1.4.0 (#1721)
...
Bumps org.apache.commons:commons-exec from 1.3 to 1.4.0.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-exec
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 14:59:40 +01:00
dependabot[bot]
40c679ec5a
chore: bump org.jsoup:jsoup from 1.16.1 to 1.17.2 (#1717)
...
Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.16.1 to 1.17.2.
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md)
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.16.1...jsoup-1.17.2)
---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 14:51:32 +01:00
Peter Potrowl
4ebb869f5d
Fix hidden links in MissingFunctionAC.html. (#1710)
2023-12-29 15:01:35 +01:00
Peter Potrowl
6bb7a182dc
Fix typos in texts.
2023-12-14 23:00:59 +01:00
Peter Potrowl
cb2c99d38d
Improve texts to avoid confusion.
2023-12-14 22:54:20 +01:00
dependabot[bot]
84029345b4
chore: bump actions/setup-java from 3 to 4 (#1698)
...
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-06 20:17:13 +01:00
dependabot[bot]
a0ca199cdc
chore: bump actions/setup-python from 4 to 5
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-06 19:39:28 +01:00
Nanne Baars
2058298e2d
chore: move to SNAPSHOT
2023-12-06 17:35:12 +01:00
Nanne Baars
17acef57b4
chore: add pre-commit hooks
...
chore: add pre-commit hooks
chore: add pre-commit hooks
chore: add pre-commit hooks
chore: add pre-commit hooks
2023-12-06 17:16:24 +01:00
Nanne Baars
d913967ec5
refactor: remove usage of RequestMapping
2023-12-06 17:16:24 +01:00
Nanne Baars
87edc7d1db
refactor: use AssertJ for testing
...
Majority of our test cases use AssertJ
2023-12-06 17:16:24 +01:00
Nanne Baars
ac7a9c7863
chore: update GitHub action name
2023-12-05 14:22:19 +01:00
dependabot[bot]
2803ef45e4
chore: bump org.webjars:bootstrap from 5.3.1 to 5.3.2 (#1693)
...
Bumps [org.webjars:bootstrap](https://github.com/webjars/bootstrap) from 5.3.1 to 5.3.2.
- [Commits](https://github.com/webjars/bootstrap/compare/bootstrap-5.3.1...bootstrap-5.3.2)
---
updated-dependencies:
- dependency-name: org.webjars:bootstrap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 14:04:09 +01:00
Nanne Baars
5357a65e05
chore: release 2023.8
v2023.8
2023-12-05 11:21:15 +01:00
Nanne Baars
d343c60781
chore: do not spend time on building the Docker image
...
We can test this ourselves; there is no need to run this on every PR towards the repository.
2023-12-05 11:15:53 +01:00
Nanne Baars
98acc1f55a
fix: get the right Github token
2023-12-05 11:15:06 +01:00
Nanne Baars
f99888e61b
fix: typo in the step of the name
2023-12-05 11:14:51 +01:00
Nanne Baars
29dda49190
chore: WebWolf bootstrap can now be updated
2023-12-05 11:14:27 +01:00
Nanne Baars
369be6f688
fix: disable extra build file
2023-12-05 11:14:08 +01:00
Nanne Baars
d5f869c006
chore: release version 2023.7
v2023.7
2023-12-04 23:10:52 +01:00
Nanne Baars
a9caaabb47
fix: wrong Docker image
2023-12-04 23:09:51 +01:00
Nanne Baars
fb2ff01775
chore: release 2023.6
v2023.6
2023-12-04 22:56:58 +01:00
dependabot[bot]
89ecf1d2ad
chore: bump actions/first-interaction from 1.2.0 to 1.3.0 (#1691)
...
Bumps [actions/first-interaction](https://github.com/actions/first-interaction) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/actions/first-interaction/releases)
- [Commits](https://github.com/actions/first-interaction/compare/v1.2.0...v1.3.0)
---
updated-dependencies:
- dependency-name: actions/first-interaction
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 22:45:16 +01:00
dependabot[bot]
1b66a742da
chore: bump actions/setup-java from 3 to 4 (#1690)
...
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 22:40:54 +01:00
dependabot[bot]
a831da5886
chore: bump commons-io:commons-io from 2.14.0 to 2.15.1 (#1689)
...
Bumps commons-io:commons-io from 2.14.0 to 2.15.1.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 22:33:27 +01:00
dependabot[bot]
fd5189c102
chore: bump com.diffplug.spotless:spotless-maven-plugin (#1688)
...
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 2.38.0 to 2.41.1.
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](https://github.com/diffplug/spotless/compare/lib/2.38.0...maven/2.41.1)
---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 22:24:53 +01:00
Nanne Baars
ae261f201a
feat: show directly requested file in requests overview
...
When a call directly hits a file, it now shows up in the requests overview. This helps the user see whether an attack from WebGoat actually requested the uploaded file.
Closes: gh-1551
2023-12-04 21:34:16 +01:00