dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,148 Commits 11 Branches 78 Tags
f263888c032b1cb76d311e592b59487e1ee60b74
Commit Graph

179 Commits

Author SHA1 Message Date
dependabot[bot]
bc91ca86e8 Bump actions/cache from 2.1.7 to 3.0.2 (#1239) 
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.0.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v2.1.7...v3.0.2)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-11 18:14:54 +02:00
dependabot[bot]
1dadf20ee0 Bump actions/checkout from 2 to 3 (#1240) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-11 18:14:42 +02:00
dependabot[bot]
4ff41299e3 Bump actions/setup-java from 2 to 3 (#1241) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-11 18:14:28 +02:00
Nanne Baars
711649924b Refactoring (#1201) 
* Some initial refactoring

* Make it one application

* Got it working

* Fix problem on Windows

* Move WebWolf

* Move first lesson

* Moved all lessons

* Fix pom.xml

* Fix tests

* Add option to initialize a lesson

This way we can create content for each user inside a lesson. The initialize method will be called when a new user is created or when a lesson reset happens

* Clean up pom.xml files

* Remove fetching labels based on language.

We only support English at the moment, all the lesson explanations are written in English which makes it very difficult to translate. If we only had labels it would make sense to support multiple languages

* Fix SonarLint issues

* And move it all to the main project

* Fix for documentation paths

* Fix pom warnings

* Remove PMD as it does not work

* Update release notes about refactoring

Update release notes about refactoring

Update release notes about refactoring

* Fix lesson template

* Update release notes

* Keep it in the same repo in Dockerhub

* Update documentation to show how the connection is obtained.

Resolves: #1180

* Rename all integration tests

* Remove command from Dockerfile

* Simplify GitHub actions

Currently, we use a separate actions for pull-requests and branch build.
This is now consolidated in one action.
The PR action triggers always, it now only trigger when the PR is
opened and not in draft.
Running all platforms on a branch build is a bit too much, it is better
 to only run all platforms when someone opens a PR.

* Remove duplicate entry from release notes

* Add explicit registry for base image

* Lesson scanner not working when fat jar

When running the fat jar we have to take into account we
are reading from the jar file and not the filesystem. In
this case you cannot use `getFile` for example.

* added info in README and fixed release docker

* changed base image and added ignore file

Co-authored-by: Zubcevic.com <rene@zubcevic.com>
 2022-04-09 14:56:12 +02:00
neilnaveen
f3d8206a07 Set permissions for GitHub actions (#1228) 
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
 2022-04-09 12:54:32 +02:00
dependabot[bot]
56f5b0f0fa Bump actions/cache from 2.1.7 to 3 (#1220) 
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.7...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-26 14:33:06 +01:00
dependabot[bot]
bed2eed8d8 Bump docker/build-push-action from 2.7.0 to 2.10.0 (#1218) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.7.0 to 2.10.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.10.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-26 14:32:53 +01:00
dependabot[bot]
984548ae88 Bump actions/checkout from 2 to 3 (#1213) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-09 14:52:49 +01:00
dependabot[bot]
32475ea37e Bump docker/login-action from 1.13.0 to 1.14.1 (#1214) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.13.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.13.0...v1.14.1)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-09 14:52:28 +01:00
dependabot[bot]
2332bf22a7 Bump docker/login-action from 1.12.0 to 1.13.0 (#1209) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-28 07:58:56 +01:00
dependabot[bot]
c5389f31c3 Bump docker/login-action from 1.9.0 to 1.12.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.9.0 to 1.12.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.9.0...v1.12.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-12-21 12:53:41 +01:00
Nanne Baars
a42f8fcf75 No progress information for Maven 2021-12-20 16:45:06 +01:00
dependabot[bot]
48fd7f310e Bump actions/cache from 2.1.5 to 2.1.7 
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.5 to 2.1.7.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.5...v2.1.7)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-23 13:21:52 +01:00
Nanne Baars
36bdd9b1a0 Rename master to main 2021-10-30 22:50:47 +02:00
Nanne Baars
6a92f651f8 Move to Java 17 2021-10-28 21:19:05 +02:00
Nanne Baars
e709a501cb Remove develop from branches to build 
The PR already works on a merge commit with develop no need to build it once more afterwards
 2021-10-24 13:12:48 +02:00
Nanne Baars
76af488d16 Move Github actions to same image as Docker run on 2021-10-24 13:08:52 +02:00
Nanne Baars
981fcb3ebc Move to different base image for Java 
This way we can also support arm/v7
 2021-10-24 13:08:40 +02:00
Nanne Baars
cc0d0fa2a6 Ignore branch builds on main repository 2021-10-24 11:51:47 +02:00
Nanne Baars
a4104fdf8b Ignore branch builds on our repository 2021-10-24 11:43:03 +02:00
Nanne Baars
720414eba6 Ignore branch builds on our repository 2021-10-24 11:40:13 +02:00
Nanne Baars
541c424eb9 Ignore branch builds on our repository 2021-10-24 11:36:35 +02:00
Nanne Baars
be2a6aa0bd Run only on branches 2021-10-24 11:25:15 +02:00
Nanne Baars
e5ab24a1fc Revert all GH actions work 2021-10-24 10:22:30 +02:00
Nanne Baars
b0174a6b26 Revert all GH actions work 2021-10-24 10:20:27 +02:00
Nanne Baars
cb8739ac06 Simplify Github actions 2021-10-24 10:16:52 +02:00
Nanne Baars
672d752e0e Simplify Github actions 2021-10-24 10:02:36 +02:00
Nanne Baars
8241d98a38 Simplify Github actions 2021-10-24 10:01:53 +02:00
Nanne Baars
86d3868d9e Simplify Github actions 2021-10-24 10:00:30 +02:00
Nanne Baars
2f007babec Simplify Github actions 2021-10-24 09:59:35 +02:00
Nanne Baars
7742444a99 Simplify Github actions 2021-10-24 09:58:28 +02:00
Nanne Baars
98bcef9a5e Simplify Github actions 2021-10-24 09:44:57 +02:00
Nanne Baars
c3f9772a27 Simplify Github actions 2021-10-24 09:39:37 +02:00
Nanne Baars
01d3453c41 Simplify Github actions 
Consolidate build steps to 1 script this way we don't run multiple builds for pushing a branch and create a PR.
 2021-10-24 09:30:00 +02:00
Nanne Baars
9e15e95001 Remove signoff action as it will not work with forked repositories 2021-10-02 17:49:42 +02:00
Nanne Baars
dc71975f27 No need to do mvn clean 2021-10-02 17:49:42 +02:00
Nanne Baars
b79a9c6b2c Build should use Java 16 2021-10-02 17:49:42 +02:00
Nanne Baars
8e6d87d429 Remove unnecessary action 2021-09-30 18:53:27 +02:00
Nanne Baars
5adf1d1dd7 Renaming the actions 2021-09-30 17:11:08 +02:00
Nanne Baars
5164514789 Remove Slack integration from build as it needs a token and will never work when PR is received from a fork. 2021-09-30 17:09:21 +02:00
Nanne Baars
f28bb09724 Remove action 2021-09-30 16:54:52 +02:00
dependabot[bot]
7602781a5b Bump actions/github-script from 0.3.0 to 5 
Bumps [actions/github-script](https://github.com/actions/github-script) from 0.3.0 to 5.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/0.3.0...v5)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-30 11:46:52 +02:00
Nanne Baars
fbf18440fb Revert "Use CLA again and add action to recheck it" 
This reverts commit b7a1edd0
 2021-09-29 20:02:42 +02:00
Nanne Baars
b7a1edd04a Use CLA again and add action to recheck it 2021-09-29 19:56:22 +02:00
Nanne Baars
14bb53d43a Add action to warn against PR against master (should be develop) 2021-09-29 19:00:29 +02:00
Nanne Baars
906ab766df Add action to warn against PR against master (should be develop) 2021-09-29 18:57:29 +02:00
Nanne Baars
902af04dd4 Add action to warn against PR against master (should be develop) 2021-09-29 18:45:00 +02:00
Nanne Baars
05bef55c80 Add action to warn against PR against master (should be develop) 2021-09-29 18:42:25 +02:00
Nanne Baars
5933d226af Add action to warn against PR against master (should be develop) 2021-09-29 18:31:19 +02:00
Nanne Baars
b7ff89243a Add action to warn against PR against master (should be develop) 2021-09-29 18:23:11 +02:00