9d9fb092be
chore: bump maven-enforcer-plugin from 3.2.1 to 3.3.0 ( #1468 )
...
Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer ) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases )
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.2.1...enforcer-3.3.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com >
2023-06-02 09:01:54 +02:00
4bc53a6666
chore: bump maven-checkstyle-plugin from 3.1.2 to 3.2.1 ( #1472 )
...
Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin ) from 3.1.2 to 3.2.1.
- [Release notes](https://github.com/apache/maven-checkstyle-plugin/releases )
- [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.1.2...maven-checkstyle-plugin-3.2.1 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com >
2023-06-02 08:54:21 +02:00
61d5fb9ece
chore: bump jsoup from 1.15.4 to 1.16.1 ( #1484 )
...
Bumps [jsoup](https://github.com/jhy/jsoup ) from 1.15.4 to 1.16.1.
- [Release notes](https://github.com/jhy/jsoup/releases )
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES )
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.15.4...jsoup-1.16.1 )
---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-02 08:43:43 +02:00
6eafa45e4c
chore: bump jacoco-maven-plugin from 0.8.8 to 0.8.10
...
Bumps [jacoco-maven-plugin](https://github.com/jacoco/jacoco ) from 0.8.8 to 0.8.10.
- [Release notes](https://github.com/jacoco/jacoco/releases )
- [Commits](https://github.com/jacoco/jacoco/compare/v0.8.8...v0.8.10 )
---
updated-dependencies:
- dependency-name: org.jacoco:jacoco-maven-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-05-01 23:48:16 +02:00
ac6de9d788
Fix typo of HijackSession_content0.adoc
2023-04-17 09:04:15 +02:00
f6855bf6a5
chore: bump guava from 30.1-jre to 31.1-jre ( #1448 )
...
Bumps [guava](https://github.com/google/guava ) from 30.1-jre to 31.1-jre.
- [Release notes](https://github.com/google/guava/releases )
- [Commits](https://github.com/google/guava/commits )
---
updated-dependencies:
- dependency-name: com.google.guava:guava
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 11:55:22 +02:00
f7b4af5023
chore: bump bootstrap from 3.3.7 to 5.2.3 ( #1441 )
...
Bumps [bootstrap](https://github.com/webjars/bootstrap ) from 3.3.7 to 5.2.3.
- [Release notes](https://github.com/webjars/bootstrap/releases )
- [Commits](https://github.com/webjars/bootstrap/compare/bootstrap-3.3.7...bootstrap-5.2.3 )
---
updated-dependencies:
- dependency-name: org.webjars:bootstrap
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 11:55:08 +02:00
e720eec5f9
chore: bump jruby from 9.3.6.0 to 9.4.2.0 ( #1454 )
...
Bumps jruby from 9.3.6.0 to 9.4.2.0.
---
updated-dependencies:
- dependency-name: org.jruby:jruby
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 11:54:51 +02:00
a43a6125e8
chore: bump actions/cache from 3.2.6 to 3.3.1 ( #1453 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.6 to 3.3.1.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.2.6...v3.3.1 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 11:54:05 +02:00
d3e2164716
chore: bump asm from 9.1 to 9.5 ( #1460 )
...
Bumps asm from 9.1 to 9.5.
---
updated-dependencies:
- dependency-name: org.ow2.asm:asm
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 11:53:50 +02:00
cbf2e153d9
Restrict SSRF Regexes
2023-03-08 23:22:38 +01:00
0795ff0fc5
chore: bump commons-io from 2.6 to 2.11.0
...
Bumps commons-io from 2.6 to 2.11.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-03-01 11:09:19 +01:00
d7cdfeec2a
chore: bump webdrivermanager from 4.3.1 to 5.3.2
...
Bumps [webdrivermanager](https://github.com/bonigarcia/webdrivermanager ) from 4.3.1 to 5.3.2.
- [Release notes](https://github.com/bonigarcia/webdrivermanager/releases )
- [Changelog](https://github.com/bonigarcia/webdrivermanager/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bonigarcia/webdrivermanager/compare/webdrivermanager-4.3.1...webdrivermanager-5.3.2 )
---
updated-dependencies:
- dependency-name: io.github.bonigarcia:webdrivermanager
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-03-01 11:09:08 +01:00
491fe2d84d
chore: bump maven-enforcer-plugin from 3.0.0 to 3.2.1
...
Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer ) from 3.0.0 to 3.2.1.
- [Release notes](https://github.com/apache/maven-enforcer/releases )
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0...enforcer-3.2.1 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-03-01 11:08:28 +01:00
a509e8e24e
chore: bump commons-text from 1.9 to 1.10.0
...
Bumps commons-text from 1.9 to 1.10.0.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-03-01 11:07:37 +01:00
e50986a098
fix: challenge 7 ( #1433 )
2023-02-22 22:55:48 +01:00
61dac201f0
Add coverage profile
2023-02-22 14:51:55 +01:00
c5629be618
chore: bump spotless-maven-plugin from 2.29.0 to 2.33.0 ( #1426 )
...
Bumps [spotless-maven-plugin](https://github.com/diffplug/spotless ) from 2.29.0 to 2.33.0.
- [Release notes](https://github.com/diffplug/spotless/releases )
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md )
- [Commits](https://github.com/diffplug/spotless/compare/lib/2.29.0...lib/2.33.0 )
---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:36:24 +01:00
df8c83fe74
chore: bump eclipse-temurin from 17-jre-focal to 19-jre-focal ( #1427 )
...
Bumps eclipse-temurin from 17-jre-focal to 19-jre-focal.
---
updated-dependencies:
- dependency-name: eclipse-temurin
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:36:07 +01:00
6d3813c2ce
chore: bump commons-compress from 1.21 to 1.22 ( #1428 )
...
Bumps commons-compress from 1.21 to 1.22.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-compress
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:35:52 +01:00
ecfa0197af
chore: bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M9 ( #1429 )
...
Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire ) from 3.0.0-M5 to 3.0.0-M9.
- [Release notes](https://github.com/apache/maven-surefire/releases )
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M5...surefire-3.0.0-M9 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:35:36 +01:00
8467ae8a0b
chore: bump jsoup from 1.14.3 to 1.15.4 ( #1430 )
...
Bumps [jsoup](https://github.com/jhy/jsoup ) from 1.14.3 to 1.15.4.
- [Release notes](https://github.com/jhy/jsoup/releases )
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES )
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.14.3...jsoup-1.15.4 )
---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:35:20 +01:00
5243fa2bf2
chore: bump jose4j from 0.7.6 to 0.9.3 ( #1431 )
...
Bumps [jose4j](https://bitbucket.org/b_c/jose4j ) from 0.7.6 to 0.9.3.
- [Commits](https://bitbucket.org/b_c/jose4j/branches/compare/jose4j-0.9.3..jose4j-0.7.6 )
---
updated-dependencies:
- dependency-name: org.bitbucket.b_c:jose4j
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:35:01 +01:00
36f99dede8
Bump actions/cache from 3.2.5 to 3.2.6
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.5 to 3.2.6.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.2.5...v3.2.6 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-22 13:34:10 +01:00
5dbe2eaf19
refactor: update challenge code
...
- Flags are now wired through a Spring config
- Introduced Flag class
- Removed Flags from the FlagController
2023-02-22 11:01:34 +01:00
1b49b2fd3b
chore: format markdown file
2023-02-22 11:01:34 +01:00
b49c61636b
ci: add maven and docker to dependabot configuration
2023-02-22 11:01:34 +01:00
8269207d6b
docs: add documentation we start using Conventional Commits.
...
Fixes #1022
2023-02-22 11:01:34 +01:00
de2f568229
chore: back to snapshot version after release
2023-02-22 11:01:34 +01:00
9f6cf39ff2
ci: add distribution in snapshot job
2023-02-22 11:01:34 +01:00
19d54dbe95
chore: release version 2023.4
2023-02-22 11:01:34 +01:00
0f38519ecf
ci: add step for pushing Docker desktop image
2023-02-17 12:56:43 +01:00
4c95c9ec6a
ci: add step to build and verify Docker image
2023-02-17 12:56:43 +01:00
f6c7a54931
docs: add screenshot to README and add Docker WebGoat desktop text
2023-02-17 12:56:43 +01:00
f1012c85d6
feat: add Docker desktop version of WebGoat with all tools installed
...
The new Docker image uses linuxserver/webtop giving users the opportunity
to run a Linux desktop in their browser without installing any tools
on their local machine.
2023-02-17 12:56:43 +01:00
ecfc321f14
feature: Add extra feedback once someone solves JWT refresh lesson differently
...
One can solve this lesson by using `alg:none` instead of using the refresh token flow. Instead of adding a check to force using the refresh token we opt for giving the user extra feedback.
2023-02-16 20:32:27 +00:00
73b8c431fc
chore: use constructor instead of field dependency injection
2023-02-16 20:32:27 +00:00
b68adfbc7c
Bump devops-infra/action-pull-request from 0.5.3 to 0.5.5
...
Bumps [devops-infra/action-pull-request](https://github.com/devops-infra/action-pull-request ) from 0.5.3 to 0.5.5.
- [Release notes](https://github.com/devops-infra/action-pull-request/releases )
- [Commits](https://github.com/devops-infra/action-pull-request/compare/v0.5.3...v0.5.5 )
---
updated-dependencies:
- dependency-name: devops-infra/action-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-16 14:09:05 +00:00
1a2855afcd
chore: set directories explicitly when running IT tests
2023-02-16 12:24:02 +00:00
693771220c
fix: change url in JavaScript for JWT endpoint
...
The JavaScript pointed to the context root /WebWolf/ which is no longer in use.
2023-02-16 12:24:02 +00:00
075b1ab30a
Fix WebWolf JWT tool
2023-02-15 22:40:24 +00:00
390ff39f19
chore: format src/test/it as well
2023-02-15 19:01:06 +00:00
3ec34b0df5
fix: challenge test fails sometimes when calling scoreboard endpoint
2023-02-15 19:01:06 +00:00
eb4c8388f8
Update Dockerfile
2023-02-15 12:11:12 +00:00
ae081ce319
Add fileserver location (test)
2023-02-15 12:00:54 +00:00
bd398e4c09
#1396 Fix templates path for views
2023-02-15 11:58:49 +00:00
c9d1653d4f
Bump docker/build-push-action from 3.2.0 to 4.0.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.2.0 to 4.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v3.2.0...v4.0.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-10 21:39:35 +01:00
77c91b8df8
Bump actions/cache from 3.2.3 to 3.2.5
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.3 to 3.2.5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.2.3...v3.2.5 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-10 21:38:56 +01:00
f9b810c5ee
Fix formatting issue
2023-01-14 18:29:24 +01:00
dc0fc09679
Move to main and skip develop
...
Using main and develop imposes a complicated release process with Gitflow etc. To simplify our release process we move our development to the main branch skipping develop.
2023-01-14 18:24:35 +01:00
