WebGoat

Author	SHA1	Message	Date
dependabot[bot]	6eafa45e4c	chore: bump jacoco-maven-plugin from 0.8.8 to 0.8.10 Bumps [jacoco-maven-plugin](https://github.com/jacoco/jacoco) from 0.8.8 to 0.8.10. - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](https://github.com/jacoco/jacoco/compare/v0.8.8...v0.8.10) --- updated-dependencies: - dependency-name: org.jacoco:jacoco-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-05-01 23:48:16 +02:00
caputdraconis	ac6de9d788	Fix typo of HijackSession_content0.adoc	2023-04-17 09:04:15 +02:00
dependabot[bot]	f6855bf6a5	chore: bump guava from 30.1-jre to 31.1-jre (#1448 ) Bumps [guava](https://github.com/google/guava) from 30.1-jre to 31.1-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-06 11:55:22 +02:00
dependabot[bot]	f7b4af5023	chore: bump bootstrap from 3.3.7 to 5.2.3 (#1441 ) Bumps [bootstrap](https://github.com/webjars/bootstrap) from 3.3.7 to 5.2.3. - [Release notes](https://github.com/webjars/bootstrap/releases) - [Commits](https://github.com/webjars/bootstrap/compare/bootstrap-3.3.7...bootstrap-5.2.3) --- updated-dependencies: - dependency-name: org.webjars:bootstrap dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-06 11:55:08 +02:00
dependabot[bot]	e720eec5f9	chore: bump jruby from 9.3.6.0 to 9.4.2.0 (#1454 ) Bumps jruby from 9.3.6.0 to 9.4.2.0. --- updated-dependencies: - dependency-name: org.jruby:jruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-06 11:54:51 +02:00
dependabot[bot]	a43a6125e8	chore: bump actions/cache from 3.2.6 to 3.3.1 (#1453 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.2.6 to 3.3.1. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.6...v3.3.1) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-06 11:54:05 +02:00
dependabot[bot]	d3e2164716	chore: bump asm from 9.1 to 9.5 (#1460 ) Bumps asm from 9.1 to 9.5. --- updated-dependencies: - dependency-name: org.ow2.asm:asm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-06 11:53:50 +02:00
Loris Sierra	cbf2e153d9	Restrict SSRF Regexes	2023-03-08 23:22:38 +01:00
dependabot[bot]	0795ff0fc5	chore: bump commons-io from 2.6 to 2.11.0 Bumps commons-io from 2.6 to 2.11.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-01 11:09:19 +01:00
dependabot[bot]	d7cdfeec2a	chore: bump webdrivermanager from 4.3.1 to 5.3.2 Bumps [webdrivermanager](https://github.com/bonigarcia/webdrivermanager) from 4.3.1 to 5.3.2. - [Release notes](https://github.com/bonigarcia/webdrivermanager/releases) - [Changelog](https://github.com/bonigarcia/webdrivermanager/blob/master/CHANGELOG.md) - [Commits](https://github.com/bonigarcia/webdrivermanager/compare/webdrivermanager-4.3.1...webdrivermanager-5.3.2) --- updated-dependencies: - dependency-name: io.github.bonigarcia:webdrivermanager dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-01 11:09:08 +01:00
dependabot[bot]	491fe2d84d	chore: bump maven-enforcer-plugin from 3.0.0 to 3.2.1 Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.0.0 to 3.2.1. - [Release notes](https://github.com/apache/maven-enforcer/releases) - [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0...enforcer-3.2.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-enforcer-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-01 11:08:28 +01:00
dependabot[bot]	a509e8e24e	chore: bump commons-text from 1.9 to 1.10.0 Bumps commons-text from 1.9 to 1.10.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-01 11:07:37 +01:00
Nanne Baars	e50986a098	fix: challenge 7 (#1433 )	2023-02-22 22:55:48 +01:00
Àngel Ollé Blázquez	61dac201f0	Add coverage profile	2023-02-22 14:51:55 +01:00
dependabot[bot]	c5629be618	chore: bump spotless-maven-plugin from 2.29.0 to 2.33.0 (#1426 ) Bumps [spotless-maven-plugin](https://github.com/diffplug/spotless) from 2.29.0 to 2.33.0. - [Release notes](https://github.com/diffplug/spotless/releases) - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](https://github.com/diffplug/spotless/compare/lib/2.29.0...lib/2.33.0) --- updated-dependencies: - dependency-name: com.diffplug.spotless:spotless-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-22 13:36:24 +01:00
dependabot[bot]	df8c83fe74	chore: bump eclipse-temurin from 17-jre-focal to 19-jre-focal (#1427 ) Bumps eclipse-temurin from 17-jre-focal to 19-jre-focal. --- updated-dependencies: - dependency-name: eclipse-temurin dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-22 13:36:07 +01:00
dependabot[bot]	6d3813c2ce	chore: bump commons-compress from 1.21 to 1.22 (#1428 ) Bumps commons-compress from 1.21 to 1.22. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-22 13:35:52 +01:00
dependabot[bot]	ecfa0197af	chore: bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M9 (#1429 ) Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.0.0-M5 to 3.0.0-M9. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M5...surefire-3.0.0-M9) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-22 13:35:36 +01:00
dependabot[bot]	8467ae8a0b	chore: bump jsoup from 1.14.3 to 1.15.4 (#1430 ) Bumps [jsoup](https://github.com/jhy/jsoup) from 1.14.3 to 1.15.4. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES) - [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.14.3...jsoup-1.15.4) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-22 13:35:20 +01:00
dependabot[bot]	5243fa2bf2	chore: bump jose4j from 0.7.6 to 0.9.3 (#1431 ) Bumps [jose4j](https://bitbucket.org/b_c/jose4j) from 0.7.6 to 0.9.3. - [Commits](https://bitbucket.org/b_c/jose4j/branches/compare/jose4j-0.9.3..jose4j-0.7.6) --- updated-dependencies: - dependency-name: org.bitbucket.b_c:jose4j dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-22 13:35:01 +01:00
dependabot[bot]	36f99dede8	Bump actions/cache from 3.2.5 to 3.2.6 Bumps [actions/cache](https://github.com/actions/cache) from 3.2.5 to 3.2.6. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.5...v3.2.6) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-02-22 13:34:10 +01:00
Nanne Baars	5dbe2eaf19	refactor: update challenge code - Flags are now wired through a Spring config - Introduced Flag class - Removed Flags from the FlagController	2023-02-22 11:01:34 +01:00
Nanne Baars	1b49b2fd3b	chore: format markdown file	2023-02-22 11:01:34 +01:00
Nanne Baars	b49c61636b	ci: add maven and docker to dependabot configuration	2023-02-22 11:01:34 +01:00
Nanne Baars	8269207d6b	docs: add documentation we start using Conventional Commits. Fixes #1022	2023-02-22 11:01:34 +01:00
Nanne Baars	de2f568229	chore: back to snapshot version after release	2023-02-22 11:01:34 +01:00
Nanne Baars	9f6cf39ff2	ci: add distribution in snapshot job	2023-02-22 11:01:34 +01:00
Nanne Baars	19d54dbe95	chore: release version 2023.4	2023-02-22 11:01:34 +01:00
Nanne Baars	0f38519ecf	ci: add step for pushing Docker desktop image	2023-02-17 12:56:43 +01:00
Nanne Baars	4c95c9ec6a	ci: add step to build and verify Docker image	2023-02-17 12:56:43 +01:00
Nanne Baars	f6c7a54931	docs: add screenshot to README and add Docker WebGoat desktop text	2023-02-17 12:56:43 +01:00
Nanne Baars	f1012c85d6	feat: add Docker desktop version of WebGoat with all tools installed The new Docker image uses linuxserver/webtop giving users the opportunity to run a Linux desktop in their browser without installing any tools on their local machine.	2023-02-17 12:56:43 +01:00
Nanne Baars	ecfc321f14	feature: Add extra feedback once someone solves JWT refresh lesson differently One can solve this lesson by using `alg:none` instead of using the refresh token flow. Instead of adding a check to force using the refresh token we opt for giving the user extra feedback.	2023-02-16 20:32:27 +00:00
Nanne Baars	73b8c431fc	chore: use constructor instead of field dependency injection	2023-02-16 20:32:27 +00:00
dependabot[bot]	b68adfbc7c	Bump devops-infra/action-pull-request from 0.5.3 to 0.5.5 Bumps [devops-infra/action-pull-request](https://github.com/devops-infra/action-pull-request) from 0.5.3 to 0.5.5. - [Release notes](https://github.com/devops-infra/action-pull-request/releases) - [Commits](https://github.com/devops-infra/action-pull-request/compare/v0.5.3...v0.5.5) --- updated-dependencies: - dependency-name: devops-infra/action-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-02-16 14:09:05 +00:00
Nanne Baars	1a2855afcd	chore: set directories explicitly when running IT tests	2023-02-16 12:24:02 +00:00
Nanne Baars	693771220c	fix: change url in JavaScript for JWT endpoint The JavaScript pointed to the context root /WebWolf/ which is no longer in use.	2023-02-16 12:24:02 +00:00
Àngel Ollé Blázquez	075b1ab30a	Fix WebWolf JWT tool	2023-02-15 22:40:24 +00:00
Nanne Baars	390ff39f19	chore: format src/test/it as well	2023-02-15 19:01:06 +00:00
Nanne Baars	3ec34b0df5	fix: challenge test fails sometimes when calling scoreboard endpoint	2023-02-15 19:01:06 +00:00
Nanne Baars	eb4c8388f8	Update Dockerfile	2023-02-15 12:11:12 +00:00
Àngel Ollé Blázquez	ae081ce319	Add fileserver location (test)	2023-02-15 12:00:54 +00:00
Nanne Baars	bd398e4c09	#1396 Fix templates path for views	2023-02-15 11:58:49 +00:00
dependabot[bot]	c9d1653d4f	Bump docker/build-push-action from 3.2.0 to 4.0.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.2.0 to 4.0.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3.2.0...v4.0.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-02-10 21:39:35 +01:00
dependabot[bot]	77c91b8df8	Bump actions/cache from 3.2.3 to 3.2.5 Bumps [actions/cache](https://github.com/actions/cache) from 3.2.3 to 3.2.5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.3...v3.2.5) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-02-10 21:38:56 +01:00
Nanne Baars	f9b810c5ee	Fix formatting issue	2023-01-14 18:29:24 +01:00
Nanne Baars	dc0fc09679	Move to main and skip develop Using main and develop imposes a complicated release process with Gitflow etc. To simplify our release process we move our development to the main branch skipping develop.	2023-01-14 18:24:35 +01:00
Nanne Baars	a0173fd8f8	Merge branch 'develop'	2023-01-14 17:07:37 +01:00
dependabot[bot]	58e7e9d4ef	Bump actions/cache from 3.2.2 to 3.2.3 Bumps [actions/cache](https://github.com/actions/cache) from 3.2.2 to 3.2.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.2...v3.2.3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-01-11 20:59:09 +01:00
Nanne Baars	c7a41d1b17	Merge branch 'release/v2023.3' into develop	2023-01-05 21:59:37 +01:00

... 3 4 5 6 7 ...

3053 Commits