dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,087 Commits 11 Branches 78 Tags
Commit Graph

185 Commits

Author SHA1 Message Date
dependabot[bot]
b5af30c819
chore: bump docker/build-push-action from 6.13.0 to 6.14.0 (#2033) 2025-02-27 18:35:10 +01:00
dependabot[bot]
fadb07d73e
chore: bump devops-infra/action-pull-request from 0.5.5 to 0.6.0 (#2029) 2025-02-22 20:54:44 +01:00
dependabot[bot]
f66126e53d
chore: bump devops-infra/action-commit-push from 0.9.2 to 0.10.0 (#2030) 2025-02-22 20:54:32 +01:00
dependabot[bot]
79ac5b7b99
chore: bump docker/build-push-action from 6.12.0 to 6.13.0 (#2012) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.12.0 to 6.13.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:55:37 +01:00
dependabot[bot]
b940e5ce58
chore: bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#2022) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:54:38 +01:00
dependabot[bot]
2ac50bfbd8
chore: bump docker/build-push-action from 6.11.0 to 6.12.0 (#2005) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.11.0 to 6.12.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-26 19:18:25 +01:00
Nanne Baars
8e45316638
feat: Introduce Playwright for UI testing 
Instead of using Robot Framework which does not run during a `mvn install`. Playwright seems to be the better approach. We can now write them as normal JUnit test and they are executed during a build.

Additionally this PR solves some interesting bugs found during writing Playwright tests:

- A reset of a lesson removes all assignments as a result another user wouldn't see any assignments
- If someone solves an assignment the assignment automatically got solved for a new user since the assignment included the `solved` flag which immediately got copied to new lesson progress.
- Introduction of assignment progress linking a assignment not directly to all users.
 2025-01-26 16:59:59 +01:00
dependabot[bot]
9d5ab5fb21
chore: bump docker/setup-qemu-action from 3.1.0 to 3.3.0 (#2000) 2025-01-14 23:33:20 +01:00
dependabot[bot]
aee7abc6b7
chore: bump docker/build-push-action from 6.10.0 to 6.11.0 (#2001) 2025-01-14 23:32:04 +01:00
Nanne Baars
0244655409
feat: Move to Java 23 
Closes: gh-1990
 2024-12-21 14:16:33 +01:00
dependabot[bot]
f3c7f4588b
chore: bump docker/build-push-action from 6.9.0 to 6.10.0 (#1969) 2024-12-03 22:13:24 +01:00
Nanne Baars
e1e00bca73
fix: JWT kid/jku lessons (#1949) 
* refactor: rewrite hints

Use active voice and fix grammar issues.

* fix: use Thymeleaf `th:action`

* fix: JWT kid/jku lessons

Split the JavaScript into two files they pointed to the same URL

The JWTs are now valid, they parse successfully.

The paths now include `/kid` and `/jku` to make sure the hints match accordingly in the UI. Otherwise `/delete` would pick up both hints from both assignments as the paths overlap.

Closes: #1715

* fix: update to latest pre-commit version

* fix: increase timeouts for server to start during integration tests
 2024-11-07 15:45:33 +01:00
Nanne Baars
3f6a74ad86
chore(gh-actions): update dependency 2024-10-28 22:02:02 +01:00
Nanne Baars
1d37ee0877
ci: run pre-commit checks first 
Create a dependency between the jobs.
 2024-10-28 21:59:10 +01:00
Nanne Baars
4f6ab25ebd
ci: run pre-commit checks first 2024-10-28 21:57:43 +01:00
dependabot[bot]
2177eb663a
chore: bump docker/build-push-action from 6.7.0 to 6.9.0 (#1920) 2024-10-26 16:59:13 +02:00
dependabot[bot]
e2c2d425cb
chore: bump actions/cache from 4.0.2 to 4.1.1 (#1925) 2024-10-26 14:25:04 +02:00
dependabot[bot]
9b68368b23
chore: bump pre-commit-ci/lite-action from 1.0.1 to 1.1.0 (#1926) 
Bumps [pre-commit-ci/lite-action](https://github.com/pre-commit-ci/lite-action) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/pre-commit-ci/lite-action/releases)
- [Commits](https://github.com/pre-commit-ci/lite-action/compare/v1.0.1...v1.1.0)

---
updated-dependencies:
- dependency-name: pre-commit-ci/lite-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-26 10:54:46 +02:00
dependabot[bot]
5fc2666b43
chore: bump docker/build-push-action from 6.5.0 to 6.7.0 (#1877) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.5.0 to 6.7.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.5.0...v6.7.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-04 21:43:46 +02:00
dependabot[bot]
d38ba2a626
chore: bump docker/build-push-action from 6.4.1 to 6.5.0 (#1867) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.4.1 to 6.5.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.4.1...v6.5.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-04 15:56:33 +02:00
dependabot[bot]
85103bbcad
chore: bump docker/login-action from 3.2.0 to 3.3.0 (#1855) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-23 17:36:27 +02:00
dependabot[bot]
b98e1a98e1
chore: bump docker/build-push-action from 6.2.0 to 6.4.1 (#1854) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.2.0 to 6.4.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.2.0...v6.4.1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-22 20:33:06 +02:00
dependabot[bot]
a30fbc223a
chore: bump docker/setup-qemu-action from 2.2.0 to 3.1.0 (#1842) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.2.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.1.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-09 20:52:27 +02:00
Nanne Baars
a0b6decf34
Fix report card (#1845) 
* fix: report card

Fix and simplify calculation of the number of assignments a user solved.
Rename `UserTracker` to `UserProgress`
Rename `LessonTracker` to `LessonProgress`
Rename tables in database
 2024-07-09 20:07:09 +02:00
dependabot[bot]
1531987da5
chore: bump docker/build-push-action from 6.1.0 to 6.2.0 (#1839) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.1.0...v6.2.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-07 12:24:25 +02:00
dependabot[bot]
bec6580c84
chore: bump docker/build-push-action from 5.4.0 to 6.1.0 (#1832) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.4.0 to 6.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.4.0...v6.1.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-29 10:16:10 +02:00
dependabot[bot]
5e5a1363b0
chore: bump docker/build-push-action from 5.3.0 to 5.4.0 (#1824) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-18 08:20:27 +02:00
dependabot[bot]
8f11fb6729
chore: bump docker/login-action from 3.0.0 to 3.2.0 (#1815) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.2.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-08 08:17:41 +02:00
dependabot[bot]
edcce09b5f
chore: bump docker/build-push-action from 5.1.0 to 5.3.0 (#1816) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-08 08:08:14 +02:00
René Zubcevic
508703ffce
update dependencies and version (#1807) 
* update dependencies and version
* debug macos build issue
* update and fix Dockerfile(s)
 2024-05-31 19:39:03 +02:00
Nanne Baars
e308d7cde7
chore: upgrade checkout out to v4 (#1781) 2024-03-25 22:27:56 +01:00
Nanne Baars
4ab820e1d1
feat: move CSRF to A3 (#1776) 
CSRF is part of security misconfiguration in the OWASP Top 10.
 2024-03-21 20:50:37 +01:00
Jason White
1a6a7e0be1
reverting my goofs after launching from wrong browser tab (#1774) 2024-03-19 18:01:30 +01:00
Jason White
b79c83a52e
linty 2024-03-18 19:19:12 +00:00
Jason White
297c6f49b5
Merge branch 'main' into test-semgrep-on-merge 2024-03-18 13:14:39 -06:00
Jason White
24db39eae2
test semgrep 2024-03-18 19:12:13 +00:00
dependabot[bot]
ad0286d5ba
chore: bump actions/cache from 3.3.1 to 4.0.0 (#1729) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.3.1...v4.0.0)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-29 11:03:15 +01:00
dependabot[bot]
84029345b4
chore: bump actions/setup-java from 3 to 4 (#1698) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-06 20:17:13 +01:00
dependabot[bot]
a0ca199cdc chore: bump actions/setup-python from 4 to 5 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-06 19:39:28 +01:00
Nanne Baars
17acef57b4 chore: add pre-commit hooks 
chore: add pre-commit hooks

chore: add pre-commit hooks

chore: add pre-commit hooks

chore: add pre-commit hooks
 2023-12-06 17:16:24 +01:00
Nanne Baars
ac7a9c7863 chore: update GitHub action name 2023-12-05 14:22:19 +01:00
Nanne Baars
d343c60781 chore: do not spend time on building the Docker image 
We can test this ourselves there is no need to run this on every PR towards the repository.
 2023-12-05 11:15:53 +01:00
Nanne Baars
98acc1f55a fix: get the right Github token 2023-12-05 11:15:06 +01:00
Nanne Baars
f99888e61b fix: typo in the step of the name 2023-12-05 11:14:51 +01:00
Nanne Baars
29dda49190 chore: WebWolf bootstrap can now be updated 2023-12-05 11:14:27 +01:00
Nanne Baars
369be6f688 fix: disable extra build file 2023-12-05 11:14:08 +01:00
dependabot[bot]
89ecf1d2ad
chore: bump actions/first-interaction from 1.2.0 to 1.3.0 (#1691) 
Bumps [actions/first-interaction](https://github.com/actions/first-interaction) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/actions/first-interaction/releases)
- [Commits](https://github.com/actions/first-interaction/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: actions/first-interaction
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 22:45:16 +01:00
dependabot[bot]
1b66a742da
chore: bump actions/setup-java from 3 to 4 (#1690) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 22:40:54 +01:00
dependabot[bot]
d6c4e8e454
chore: bump docker/build-push-action from 4.1.1 to 5.1.0 (#1670) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.1.1 to 5.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4.1.1...v5.1.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2023-11-20 15:11:59 +01:00
René Zubcevic
084a105c69
Java 21 initial support (#1622) 
* check java 17 and 21 in build

* build on regular branch push

* build on regular branch push

* build on regular branch push

* update spring boot for Java21 support
 2023-10-23 20:21:00 +02:00