WebGoat

Author	SHA1	Message	Date
dependabot[bot]	b940e5ce58	chore: bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#2022 ) Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-15 18:54:38 +01:00
Nanne Baars	9c90a24cc0	docs(CSRFFeedback.java): fixed one invalid solution about CSRF attack (#2010 ) Co-authored-by: HackHuang <GoogTech@outlook.com> Co-authored-by: HackHuang <hi@goog.tech>	2025-01-26 20:23:40 +01:00
dependabot[bot]	2ac50bfbd8	chore: bump docker/build-push-action from 6.11.0 to 6.12.0 (#2005 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.11.0 to 6.12.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-26 19:18:25 +01:00
Nanne Baars	d96dbe2edf	fix: build failure	2025-01-26 18:47:10 +01:00
Nanne Baars	8e45316638	feat: Introduce Playwright for UI testing Instead of using Robot Framework which does not run during a `mvn install`. Playwright seems to be the better approach. We can now write them as normal JUnit test and they are executed during a build. Additionally this PR solves some interesting bugs found during writing Playwright tests: - A reset of a lesson removes all assignments as a result another user wouldn't see any assignments - If someone solves an assignment the assignment automatically got solved for a new user since the assignment included the `solved` flag which immediately got copied to new lesson progress. - Introduction of assignment progress linking a assignment not directly to all users.	2025-01-26 16:59:59 +01:00
dependabot[bot]	9d5ab5fb21	chore: bump docker/setup-qemu-action from 3.1.0 to 3.3.0 (#2000 )	2025-01-14 23:33:20 +01:00
dependabot[bot]	aee7abc6b7	chore: bump docker/build-push-action from 6.10.0 to 6.11.0 (#2001 )	2025-01-14 23:32:04 +01:00
Nanne Baars	06e2fdbd33	refactor: use symbolic link for Java (#1996 )	2025-01-12 16:17:45 +01:00
dependabot[bot]	02f43c54d0	chore: bump org.springframework.boot:spring-boot-starter-parent (#1994 )	2024-12-25 11:00:53 +01:00
dependabot[bot]	19f4f8dc46	chore: bump com.google.guava:guava from 33.3.1-jre to 33.4.0-jre (#1995 )	2024-12-25 11:00:37 +01:00
Nanne Baars	112ca3ab22	fix: enable resource patterns again (#1993 ) `LessonScanner.java` got removed by mistake. Closes: gh-1992	2024-12-21 18:47:30 +01:00
Nanne Baars	0244655409	feat: Move to Java 23 Closes: gh-1990	2024-12-21 14:16:33 +01:00
dependabot[bot]	a95213757d	chore: bump org.springframework.boot:spring-boot-starter-parent from 3.3.5 to 3.4.0 (#1962 )	2024-12-16 20:16:10 +01:00
dependabot[bot]	6d90852c1f	chore: bump org.apache.commons:commons-text from 1.12.0 to 1.13.0 (#1986 )	2024-12-16 20:15:53 +01:00
Nanne Baars	4f8652758c	refactor: remove unused code (#1985 )	2024-12-15 13:06:49 +01:00
Nanne Baars	5fc2e0602c	refactor: move plugin messages (#1968 )	2024-12-03 22:13:44 +01:00
dependabot[bot]	f3c7f4588b	chore: bump docker/build-push-action from 6.9.0 to 6.10.0 (#1969 )	2024-12-03 22:13:24 +01:00
dependabot[bot]	119b84d034	chore: bump org.wiremock:wiremock-standalone from 3.9.2 to 3.10.0 (#1970 )	2024-12-03 22:13:11 +01:00
dependabot[bot]	afd951228d	chore: bump org.jsoup:jsoup from 1.18.1 to 1.18.3 (#1971 )	2024-12-03 22:13:00 +01:00
Jeong Rok Suh	51e3f59054	fix: Hint labels showing default text regardless of localization (#1965 )	2024-11-26 23:34:09 +01:00
dependabot[bot]	cc0efd8600	chore: bump commons-io:commons-io from 2.17.0 to 2.18.0 (#1961 )	2024-11-26 23:21:10 +01:00
dependabot[bot]	e29dccf3c9	chore: bump org.testcontainers:junit-jupiter from 1.20.3 to 1.20.4 (#1963 )	2024-11-26 23:20:25 +01:00
dependabot[bot]	0cf861fb3c	chore: bump org.testcontainers:testcontainers from 1.20.3 to 1.20.4 (#1964 )	2024-11-26 23:20:11 +01:00
Nanne Baars	d8100385b6	fix: automatically solve XSS mitigation (#1957 ) This PR moves the mitigation Java class into the correct package. The lesson was automatically solved because no assignments were found. Closes: #1943	2024-11-14 08:42:55 +01:00
Nanne Baars	4880afa0e3	fix: remove implicit context path guessing (#1956 ) Pass the context-path in the assignment overview so the frontend can easily match an assignment.	2024-11-13 21:32:28 +01:00
dependabot[bot]	e60ca6ce72	chore: bump org.jruby:jruby from 9.4.8.0 to 9.4.9.0 (#1954 )	2024-11-11 13:46:45 +01:00
dependabot[bot]	88a763f513	chore: bump org.testcontainers:junit-jupiter from 1.20.1 to 1.20.3 (#1946 ) Bumps [org.testcontainers:junit-jupiter](https://github.com/testcontainers/testcontainers-java) from 1.20.1 to 1.20.3. - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.20.1...1.20.3) --- updated-dependencies: - dependency-name: org.testcontainers:junit-jupiter dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-11-07 16:13:27 +01:00
dependabot[bot]	7f33d3609f	chore: bump org.apache.maven.plugins:maven-surefire-plugin (#1948 ) Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.5.1 to 3.5.2. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.1...surefire-3.5.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-11-07 16:13:10 +01:00
dependabot[bot]	bf02077427	chore: bump org.wiremock:wiremock-standalone from 3.9.1 to 3.9.2 (#1947 ) Bumps [org.wiremock:wiremock-standalone](https://github.com/wiremock/wiremock) from 3.9.1 to 3.9.2. - [Release notes](https://github.com/wiremock/wiremock/releases) - [Commits](https://github.com/wiremock/wiremock/compare/3.9.1...3.9.2) --- updated-dependencies: - dependency-name: org.wiremock:wiremock-standalone dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-11-07 15:46:43 +01:00
Nanne Baars	e1e00bca73	fix: JWT kid/jku lessons (#1949 ) * refactor: rewrite hints Use active voice and fix grammar issues. * fix: use Thymeleaf `th:action` * fix: JWT kid/jku lessons Split the JavaScript into two files they pointed to the same URL The JWTs are now valid, they parse successfully. The paths now include `/kid` and `/jku` to make sure the hints match accordingly in the UI. Otherwise `/delete` would pick up both hints from both assignments as the paths overlap. Closes: #1715 * fix: update to latest pre-commit version * fix: increase timeouts for server to start during integration tests	2024-11-07 15:45:33 +01:00
Nanne Baars	d59153d6d7	Fix password reset lesson (#1941 ) * docs: improve text * fix: use correct POST url	2024-10-29 17:32:51 +01:00
dependabot[bot]	87fae00f03	chore: bump commons-io:commons-io from 2.16.1 to 2.17.0 (#1937 ) Bumps commons-io:commons-io from 2.16.1 to 2.17.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-10-29 16:30:32 +01:00
Nanne Baars	3f6a74ad86	chore(gh-actions): update dependency	2024-10-28 22:02:02 +01:00
Nanne Baars	1d37ee0877	ci: run pre-commit checks first Create a dependency between the jobs.	2024-10-28 21:59:10 +01:00
Nanne Baars	4f6ab25ebd	ci: run pre-commit checks first	2024-10-28 21:57:43 +01:00
dependabot[bot]	af687e71fe	chore: bump com.google.guava:guava from 33.3.0-jre to 33.3.1-jre (#1939 )	2024-10-28 20:02:09 +01:00
dependabot[bot]	83ed4c3d5c	chore: bump org.testcontainers:testcontainers from 1.20.1 to 1.20.3 (#1935 )	2024-10-28 15:05:33 +01:00
dependabot[bot]	62cdfd0824	chore: bump com.github.terma:javaniotcpproxy from 1.5 to 1.6 (#1936 )	2024-10-28 15:04:15 +01:00
dependabot[bot]	e7457f4821	chore: bump org.apache.maven.plugins:maven-checkstyle-plugin (#1938 )	2024-10-28 15:04:01 +01:00
Nanne Baars	4efaf87c7e	Fix passing command line arguments (#1933 ) * fix: use banners correctly * fix: passing command line arguments Since we already have `webwolf.port` it makes sense to also define `webwolf.port` explicitly and not rely on `server.port` Closes: #1910	2024-10-27 08:39:02 +01:00
dependabot[bot]	cf5101a633	chore: bump org.asciidoctor:asciidoctorj from 2.5.13 to 3.0.0 (#1897 )	2024-10-26 22:53:43 +02:00
Nanne Baars	3f049ba53a	Nbaars/1886 (#1932 ) * improved code readbility * chore: format code --------- Co-authored-by: guilherme peixoto <peixoto-guilherme7@hotmail.com>	2024-10-26 22:18:28 +02:00
dependabot[bot]	7e294fbdb5	chore: bump org.apache.commons:commons-compress from 1.26.2 to 1.27.1 (#1884 )	2024-10-26 19:27:07 +02:00
dependabot[bot]	2177eb663a	chore: bump docker/build-push-action from 6.7.0 to 6.9.0 (#1920 )	2024-10-26 16:59:13 +02:00
François Capon	50692300eb	docs: Show boolean operators priority on `where` (#1902 )	2024-10-26 14:48:50 +02:00
dependabot[bot]	e2c2d425cb	chore: bump actions/cache from 4.0.2 to 4.1.1 (#1925 )	2024-10-26 14:25:04 +02:00
dependabot[bot]	6bbd3cb66b	chore: bump org.springframework.boot:spring-boot-starter-parent (#1931 )	2024-10-26 14:20:14 +02:00
Nanne Baars	d08a56d351	chore: add test for solving same lesson as different user. (#1930 ) We removed the constraint but did not add an extra testcase to cover this bug. Closes: #1890	2024-10-26 12:06:30 +02:00
dependabot[bot]	ec97568ec2	chore: bump org.apache.maven.plugins:maven-surefire-plugin (#1922 ) Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.3.1 to 3.5.1. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.3.1...surefire-3.5.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-10-26 10:55:02 +02:00
dependabot[bot]	9b68368b23	chore: bump pre-commit-ci/lite-action from 1.0.1 to 1.1.0 (#1926 ) Bumps [pre-commit-ci/lite-action](https://github.com/pre-commit-ci/lite-action) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/pre-commit-ci/lite-action/releases) - [Commits](https://github.com/pre-commit-ci/lite-action/compare/v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: pre-commit-ci/lite-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-10-26 10:54:46 +02:00

1 2 3 4 5 ...

3114 Commits