8a35316985
Rename to bypassrestrictions
2022-07-31 22:39:21 +02:00
c63345e4ee
Rename authbypass
2022-07-31 22:39:21 +02:00
005b9f03a4
search the menu using input box ( #1317 )
...
* working version
* change onchange to oninput with minimum of three chars
* working version with delay and fix for category click
2022-07-31 20:45:09 +02:00
4d48bd3d4c
fix in style sheet that now shows normal dropdown behaviour ( #1315 )
2022-07-27 13:44:23 +02:00
71afc6b6f3
Workflow fix ( #1311 )
...
* conditional step
* conditional step
2022-07-25 09:55:24 +02:00
242fdf39a1
Fixes #1233 - Path traversal seems to contain wrong description
2022-07-24 22:09:16 +02:00
37163a99a6
Remove unused script
2022-07-24 15:34:43 +02:00
126ead2290
Add release notes
2022-07-24 15:34:43 +02:00
928bc32f4f
Update README.md
2022-07-24 15:34:08 +02:00
6b63aaf8b1
Robot framework ( #1304 )
...
* added Robot framework UI tests
* added Robot framework UI tests workflow
* Update test.yml
wait in workflow
* remove obsolete selenium java libs and test
* Update test.yml
push result to commit as comment
* Update test.yml
push comment does not seem to work on WebGoat PR
* clean up unrequired robot options
* update readme
2022-07-24 12:28:01 +02:00
c4f16ceff6
Update README.md
2022-07-23 21:56:39 +02:00
4050d1817c
Move to JRE image
2022-07-23 09:39:52 +02:00
37186e1d90
Explicity add ports to Java command
...
This way we don't have to mention it somewhere in the documentation it is all in one command
2022-07-23 09:39:52 +02:00
06b7244de7
Move XXE lesson to category A3: Injection
2022-07-23 09:39:52 +02:00
260168bb3f
Remove automatic selection of a random port
2022-07-23 09:39:52 +02:00
af9ba18040
Bump docker/build-push-action from 3.0.0 to 3.1.0 ( #1302 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v3.0.0...v3.1.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 18:50:11 +02:00
20dd3ffb95
Lang switch ( #1297 )
...
* language selector first steps
* language german intro added
* ascii doc lang attribute as additional option
* removed some commented code
* changed adoc resource loader to take into account the selected language
* added readme
* added lang test cases
2022-07-20 10:52:48 +02:00
24fcc8f321
Use starting instead of using.
2022-07-19 21:17:09 +02:00
ff965c83be
Adjust year
2022-07-19 21:17:09 +02:00
2aa3609461
Fix typo
2022-07-19 21:17:09 +02:00
fe7774bb6f
Update documentation regarding WebWolf
...
WebWolf no longer runs as a separate application we can simplify the description.
2022-07-19 21:17:09 +02:00
9e3eb39069
removed one duplicate label key and made all login and register fields multi language ( #1296 )
2022-07-16 06:53:39 +02:00
7add1ef73e
hints tested ( #1295 )
2022-07-15 12:44:37 +02:00
4fc03381a8
Label hint tests ( #1293 )
...
* label test
* adjusted it test filter
* label test added
2022-07-15 08:17:11 +02:00
16af4272a5
joda time refactored some dep fix ( #1292 )
2022-07-14 09:11:06 +02:00
b47568ed69
Bump actions/cache from 3.0.4 to 3.0.5 ( #1291 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.0.4...v3.0.5 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-14 09:03:51 +02:00
f8b7ca5c85
Pom update ( #1290 )
...
* asciidoctorj update
* pom and suppression updates
2022-07-11 13:28:44 +02:00
e4eb5d783a
Some updates and code improvements ( #1288 )
...
* try with resources
* StringBuilder
* removed ant and updated spring boot
2022-07-10 17:13:26 +02:00
7dd0dd0923
Bump actions/cache from 3.0.3 to 3.0.4 ( #1270 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.0.3...v3.0.4 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 15:25:31 +02:00
aeb481e561
Bump actions/cache from 3.0.2 to 3.0.3 ( #1260 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.0.2...v3.0.3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-04 18:06:55 +02:00
8a22c88d61
Bump docker/build-push-action from 2.10.0 to 3.0.0 ( #1252 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 08:36:51 +02:00
724666e10f
Bump docker/setup-buildx-action from 1 to 2 ( #1253 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 08:36:39 +02:00
4953dd63ed
Bump docker/setup-qemu-action from 1.1.0 to 2.0.0 ( #1254 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1.1.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.1.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 08:36:28 +02:00
a32055995d
Bump docker/login-action from 1.14.1 to 2.0.0 ( #1255 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 08:36:01 +02:00
3c0b243797
Added new active developer ( #1249 )
...
Fix footer
2022-05-06 07:34:49 +02:00
dfa31e0a28
JWT doc code typo fix ( #1247 )
2022-04-20 08:16:21 +02:00
b32240f96b
owasp top10-2021 ( #1235 )
2022-04-11 21:12:41 +02:00
02c3f9551f
update spring boot ( #1242 )
2022-04-11 21:12:10 +02:00
bc91ca86e8
Bump actions/cache from 2.1.7 to 3.0.2 ( #1239 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2.1.7 to 3.0.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v2.1.7...v3.0.2 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 18:14:54 +02:00
1dadf20ee0
Bump actions/checkout from 2 to 3 ( #1240 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 18:14:42 +02:00
4ff41299e3
Bump actions/setup-java from 2 to 3 ( #1241 )
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 18:14:28 +02:00
a9fa53535d
Fix Build Badge and Link ( #1238 )
2022-04-11 07:45:58 +02:00
711649924b
Refactoring ( #1201 )
...
* Some initial refactoring
* Make it one application
* Got it working
* Fix problem on Windows
* Move WebWolf
* Move first lesson
* Moved all lessons
* Fix pom.xml
* Fix tests
* Add option to initialize a lesson
This way we can create content for each user inside a lesson. The initialize method will be called when a new user is created or when a lesson reset happens
* Clean up pom.xml files
* Remove fetching labels based on language.
We only support English at the moment, all the lesson explanations are written in English which makes it very difficult to translate. If we only had labels it would make sense to support multiple languages
* Fix SonarLint issues
* And move it all to the main project
* Fix for documentation paths
* Fix pom warnings
* Remove PMD as it does not work
* Update release notes about refactoring
Update release notes about refactoring
Update release notes about refactoring
* Fix lesson template
* Update release notes
* Keep it in the same repo in Dockerhub
* Update documentation to show how the connection is obtained.
Resolves : #1180
* Rename all integration tests
* Remove command from Dockerfile
* Simplify GitHub actions
Currently, we use a separate actions for pull-requests and branch build.
This is now consolidated in one action.
The PR action triggers always, it now only trigger when the PR is
opened and not in draft.
Running all platforms on a branch build is a bit too much, it is better
to only run all platforms when someone opens a PR.
* Remove duplicate entry from release notes
* Add explicit registry for base image
* Lesson scanner not working when fat jar
When running the fat jar we have to take into account we
are reading from the jar file and not the filesystem. In
this case you cannot use `getFile` for example.
* added info in README and fixed release docker
* changed base image and added ignore file
Co-authored-by: Zubcevic.com <rene@zubcevic.com >
2022-04-09 14:56:12 +02:00
f3d8206a07
Set permissions for GitHub actions ( #1228 )
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com >
2022-04-09 12:54:32 +02:00
56f5b0f0fa
Bump actions/cache from 2.1.7 to 3 ( #1220 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2.1.7 to 3.
- [Release notes](https://github.com/actions/cache/releases )
- [Commits](https://github.com/actions/cache/compare/v2.1.7...v3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-26 14:33:06 +01:00
bed2eed8d8
Bump docker/build-push-action from 2.7.0 to 2.10.0 ( #1218 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.7.0 to 2.10.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.10.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-26 14:32:53 +01:00
984548ae88
Bump actions/checkout from 2 to 3 ( #1213 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 14:52:49 +01:00
32475ea37e
Bump docker/login-action from 1.13.0 to 1.14.1 ( #1214 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.13.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.13.0...v1.14.1 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 14:52:28 +01:00
2332bf22a7
Bump docker/login-action from 1.12.0 to 1.13.0 ( #1209 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.12.0...v1.13.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 07:58:56 +01:00
3bc009297e
Update SessionManagementTest.java ( #1198 )
...
url() is required in this case. You will notice it when changing host name or when using https
2021-12-23 17:07:55 +01:00
