dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,137 Commits 11 Branches 78 Tags
db7daa227f64d9cf27a330932c88a3d4b7e2c7d5
Commit Graph

3137 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
8c890b090c chore: bump io.github.bonigarcia:webdrivermanager from 5.6.3 to 5.8.0 (#1826) 
Bumps [io.github.bonigarcia:webdrivermanager](https://github.com/bonigarcia/webdrivermanager) from 5.6.3 to 5.8.0.
- [Release notes](https://github.com/bonigarcia/webdrivermanager/releases)
- [Changelog](https://github.com/bonigarcia/webdrivermanager/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bonigarcia/webdrivermanager/compare/webdrivermanager-5.6.3...webdrivermanager-5.8.0)

---
updated-dependencies:
- dependency-name: io.github.bonigarcia:webdrivermanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-18 10:38:31 +02:00
dependabot[bot]
630c1e1afd chore: bump org.ow2.asm:asm from 9.5 to 9.7 (#1829) 
Bumps org.ow2.asm:asm from 9.5 to 9.7.

---
updated-dependencies:
- dependency-name: org.ow2.asm:asm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-18 09:11:59 +02:00
dependabot[bot]
061c75a05f chore: bump org.apache.commons:commons-compress from 1.26.0 to 1.26.2 (#1825) 
Bumps org.apache.commons:commons-compress from 1.26.0 to 1.26.2.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-18 08:28:49 +02:00
dependabot[bot]
5e5a1363b0 chore: bump docker/build-push-action from 5.3.0 to 5.4.0 (#1824) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-18 08:20:27 +02:00
dependabot[bot]
47df923c8c chore: bump org.apache.maven.plugins:maven-enforcer-plugin (#1823) 
Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.3.0 to 3.5.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.3.0...enforcer-3.5.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-16 08:20:29 +02:00
dependabot[bot]
5dbc642264 chore: bump com.nulab-inc:zxcvbn from 1.8.0 to 1.9.0 (#1822) 
Bumps [com.nulab-inc:zxcvbn](https://github.com/nulab/zxcvbn4j) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/nulab/zxcvbn4j/releases)
- [Changelog](https://github.com/nulab/zxcvbn4j/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nulab/zxcvbn4j/compare/1.8.0...1.9.0)

---
updated-dependencies:
- dependency-name: com.nulab-inc:zxcvbn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-16 08:14:48 +02:00
dependabot[bot]
96bc6fa608 chore: bump org.apache.maven.plugins:maven-checkstyle-plugin (#1821) 
Bumps [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.3.1 to 3.4.0.
- [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.3.1...maven-checkstyle-plugin-3.4.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-16 08:09:49 +02:00
dependabot[bot]
1d5a2bb6a2 chore: bump org.eclipse.jetty.ee10:jetty-ee10-bom from 12.0.3 to 12.0.10 (#1820) 
Bumps [org.eclipse.jetty.ee10:jetty-ee10-bom](https://github.com/jetty/jetty.project) from 12.0.3 to 12.0.10.
- [Release notes](https://github.com/jetty/jetty.project/releases)
- [Commits](https://github.com/jetty/jetty.project/compare/jetty-12.0.3...jetty-12.0.10)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty.ee10:jetty-ee10-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-16 07:55:02 +02:00
dependabot[bot]
8b37bd58d7 chore: bump commons-io:commons-io from 2.15.1 to 2.16.1 (#1819) 
Bumps commons-io:commons-io from 2.15.1 to 2.16.1.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-14 17:41:45 +02:00
dependabot[bot]
6545e2a066 chore: bump com.github.tomakehurst:wiremock (#1810) 
Bumps [com.github.tomakehurst:wiremock](https://github.com/wiremock/wiremock) from 3.0.0-beta-2 to 3.0.0-beta-10.
- [Release notes](https://github.com/wiremock/wiremock/releases)
- [Commits](https://github.com/wiremock/wiremock/compare/3.0.0-beta-2...3.0.0-beta-10)

---
updated-dependencies:
- dependency-name: com.github.tomakehurst:wiremock
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-08 21:15:53 +02:00
dependabot[bot]
9573b30667 chore: bump org.asciidoctor:asciidoctorj from 2.5.10 to 2.5.13 (#1811) 
Bumps [org.asciidoctor:asciidoctorj](https://github.com/asciidoctor/asciidoctorj) from 2.5.10 to 2.5.13.
- [Release notes](https://github.com/asciidoctor/asciidoctorj/releases)
- [Changelog](https://github.com/asciidoctor/asciidoctorj/blob/v2.5.13/CHANGELOG.adoc)
- [Commits](https://github.com/asciidoctor/asciidoctorj/compare/v2.5.10...v2.5.13)

---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-08 21:09:45 +02:00
dependabot[bot]
30e40f2e59 chore: bump org.jruby:jruby from 9.4.3.0 to 9.4.7.0 (#1813) 
Bumps org.jruby:jruby from 9.4.3.0 to 9.4.7.0.

---
updated-dependencies:
- dependency-name: org.jruby:jruby
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-08 08:23:28 +02:00
dependabot[bot]
8f11fb6729 chore: bump docker/login-action from 3.0.0 to 3.2.0 (#1815) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.2.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-08 08:17:41 +02:00
dependabot[bot]
10e36c203f chore: bump com.google.guava:guava from 32.1.3-jre to 33.2.1-jre (#1814) 
Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.1.3-jre to 33.2.1-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-08 08:13:01 +02:00
dependabot[bot]
edcce09b5f chore: bump docker/build-push-action from 5.1.0 to 5.3.0 (#1816) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-08 08:08:14 +02:00
François Capon
3134f18066 fix: Success if only Smith earn most salary (#1744) 
* Update labels

* Update Java

* Update Test

---------

Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-01 10:50:38 +02:00
Vandeputte Brice
e219887f14 docs: Update HttpBasics_plan.adoc - fix broken link to https://www.zaproxy.org/ (#1803) 
fix broken link OWASP ZAP -  https://www.zaproxy.org/

Co-authored-by: René Zubcevic <rene@zubcevic.com>
 2024-06-01 10:45:12 +02:00
René Zubcevic
508703ffce update dependencies and version (#1807) 
* update dependencies and version
* debug macos build issue
* update and fix Dockerfile(s)
 2024-05-31 19:39:03 +02:00
Nanne Baars
e308d7cde7 chore: upgrade checkout out to v4 (#1781) 2024-03-25 22:27:56 +01:00
Nanne Baars
4ab820e1d1 feat: move CSRF to A3 (#1776) 
CSRF is part of security misconfiguration in the OWASP Top 10.
 2024-03-21 20:50:37 +01:00
Jason White
1a6a7e0be1 reverting my goofs after launching from wrong browser tab (#1774) 2024-03-19 18:01:30 +01:00
Jason White
2e9140ab64 Merge pull request #1773 from misfir3/test-semgrep-on-merge 
Test semgrep on merge
 2024-03-18 13:21:21 -06:00
Jason White
b79c83a52e linty 2024-03-18 19:19:12 +00:00
Jason White
297c6f49b5 Merge branch 'main' into test-semgrep-on-merge 2024-03-18 13:14:39 -06:00
Jason White
d2049a8fcc updating for testing 2024-03-18 19:13:50 +00:00
Jason White
24db39eae2 test semgrep 2024-03-18 19:12:13 +00:00
Jason White
98443184e9 Merge pull request #1 from WebGoat/develop 
updating from main branch to test semgrep
 2024-03-18 13:05:23 -06:00
Nanne Baars
62931a1836 feature: enable CORS configuration (#1771) 2024-03-17 10:55:27 +01:00
cap-dev0x
c18430752a build(Dockerfile): replace deprecated MAINTAINER tag with label of the same 
Current syntax now used to denote the "WebGoat team" as maintainer

Link: https://docs.docker.com/reference/dockerfile/#label

Signed-off-by: cap-dev0x <158111888+cap-dev0x@users.noreply.github.com>
 2024-02-25 23:20:23 +01:00
François Capon
57d5b313b9 Fix typo in SQLi blind case 2024-02-10 16:02:35 +01:00
cap-dev0x
dd0f135088 fix(quiz): use $ instead of jQuery which is undefined (#1736) 
Fixes: #1703

Signed-off-by: cap-dev0x <158111888+cap-dev0x@users.noreply.github.com>
 2024-02-05 14:30:01 +01:00
dependabot[bot]
ad0286d5ba chore: bump actions/cache from 3.3.1 to 4.0.0 (#1729) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.3.1...v4.0.0)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-29 11:03:15 +01:00
dependabot[bot]
b67eb44142 chore: bump io.github.bonigarcia:webdrivermanager from 5.3.3 to 5.6.3 (#1716) 
Bumps [io.github.bonigarcia:webdrivermanager](https://github.com/bonigarcia/webdrivermanager) from 5.3.3 to 5.6.3.
- [Release notes](https://github.com/bonigarcia/webdrivermanager/releases)
- [Changelog](https://github.com/bonigarcia/webdrivermanager/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bonigarcia/webdrivermanager/compare/webdrivermanager-5.3.3...webdrivermanager-5.6.3)

---
updated-dependencies:
- dependency-name: io.github.bonigarcia:webdrivermanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-09 15:10:16 +01:00
dependabot[bot]
7e75e9b8fc chore: bump org.apache.commons:commons-exec from 1.3 to 1.4.0 (#1721) 
Bumps org.apache.commons:commons-exec from 1.3 to 1.4.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-exec
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-09 14:59:40 +01:00
dependabot[bot]
40c679ec5a chore: bump org.jsoup:jsoup from 1.16.1 to 1.17.2 (#1717) 
Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.16.1 to 1.17.2.
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md)
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.16.1...jsoup-1.17.2)

---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-09 14:51:32 +01:00
Peter Potrowl
4ebb869f5d Fix hidden links in MissingFunctionAC.html. (#1710) 2023-12-29 15:01:35 +01:00
Peter Potrowl
6bb7a182dc Fix typos in texts. 2023-12-14 23:00:59 +01:00
Peter Potrowl
cb2c99d38d Improve texts to avoid confusion. 2023-12-14 22:54:20 +01:00
dependabot[bot]
84029345b4 chore: bump actions/setup-java from 3 to 4 (#1698) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-06 20:17:13 +01:00
dependabot[bot]
a0ca199cdc chore: bump actions/setup-python from 4 to 5 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-06 19:39:28 +01:00
Nanne Baars
2058298e2d chore: move to SNAPSHOT 2023-12-06 17:35:12 +01:00
Nanne Baars
17acef57b4 chore: add pre-commit hooks 
chore: add pre-commit hooks

chore: add pre-commit hooks

chore: add pre-commit hooks

chore: add pre-commit hooks
 2023-12-06 17:16:24 +01:00
Nanne Baars
d913967ec5 refactor: remove usage of RequestMapping 2023-12-06 17:16:24 +01:00
Nanne Baars
87edc7d1db refactor: use AssertJ for testing 
Majority of our test cases use AssertJ
 2023-12-06 17:16:24 +01:00
Nanne Baars
ac7a9c7863 chore: update GitHub action name 2023-12-05 14:22:19 +01:00
dependabot[bot]
2803ef45e4 chore: bump org.webjars:bootstrap from 5.3.1 to 5.3.2 (#1693) 
Bumps [org.webjars:bootstrap](https://github.com/webjars/bootstrap) from 5.3.1 to 5.3.2.
- [Commits](https://github.com/webjars/bootstrap/compare/bootstrap-5.3.1...bootstrap-5.3.2)

---
updated-dependencies:
- dependency-name: org.webjars:bootstrap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 14:04:09 +01:00
Nanne Baars
5357a65e05 chore: release 2023.8 v2023.8 2023-12-05 11:21:15 +01:00
Nanne Baars
d343c60781 chore: do not spend time on building the Docker image 
We can test this ourselves there is no need to run this on every PR towards the repository.
 2023-12-05 11:15:53 +01:00
Nanne Baars
98acc1f55a fix: get the right Github token 2023-12-05 11:15:06 +01:00
Nanne Baars
f99888e61b fix: typo in the step of the name 2023-12-05 11:14:51 +01:00