diff --git a/.envrc b/.envrc index 068b8b84ce..71d4504f60 100644 --- a/.envrc +++ b/.envrc @@ -5,6 +5,11 @@ # shellcheck shell=sh # https://direnv.net/man/direnv-stdlib.1.html PATH_add bin + +export VIRTUAL_ENV=venv +layout python +use nvm + # shellcheck disable=SC2155 export PROJECT_DIR="$(pwd)" diff --git a/.github/workflows/license-check.yaml b/.github/workflows/license-check.yaml index bf94535edb..f9cadf756c 100644 --- a/.github/workflows/license-check.yaml +++ b/.github/workflows/license-check.yaml @@ -22,6 +22,6 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: REUSE Compliance Check - uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0 + uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0 with: args: --include-submodules lint diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 55e566d2aa..2b94813571 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -46,7 +46,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.github.io/flavors/ - uses: oxsecurity/megalinter@0dcbedd66ea456ba2d54fd350affaa15df8a0da3 # v9.0.1 + uses: oxsecurity/megalinter@62c799d895af9bcbca5eacfebca29d527f125a57 # v9.1.0 env: # All available variables are described in documentation # https://megalinter.github.io/configuration/ diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml index ce50803cd2..edaffbcd7d 100644 --- a/.github/workflows/oss-scorecard.yaml +++ b/.github/workflows/oss-scorecard.yaml @@ -33,6 +33,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 with: sarif_file: results.sarif 
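Review bot: `export VIRTUAL_ENV=venv` in the `.envrc` hunk sets a relative path, and nothing records why the venv location is pinned instead of letting `layout python` pick its default directory. direnv evaluates `.envrc` from the project root so `layout python` will find `venv/` there, but unless direnv resolves the variable to an absolute path (I believe recent stdlib versions do, worth confirming) any tool reading `VIRTUAL_ENV` from a subdirectory gets a path that does not exist; `export VIRTUAL_ENV="$PWD/venv"` removes the question. `use nvm` is, as far as I know, not part of the direnv stdlib linked two lines above but relies on a `use_nvm` function from the user's direnvrc, so a comment such as `# use_nvm is not stdlib: needs the nvm helper from ~/.direnvrc` would save the next person a `use: command not found` surprise.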
diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml index 854c85cb4e..9d4d1c7c8e 100644 --- a/.github/workflows/release-build.yaml +++ b/.github/workflows/release-build.yaml @@ -425,7 +425,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set ENV Var with Scanner Version - uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2 + uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 # Notice: The current version of the scanner is provided via the Chart.yaml to ensure # there is only one place to edit the version of a scanner with: @@ -433,7 +433,7 @@ jobs: # extract the supported cpu architectures from the Chart.yaml - name: Set ENV Var with Supported Platforms - uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2 + uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: echo supportedPlatforms=$(yq e .annotations.supported-platforms scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV @@ -555,7 +555,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set ENV Var with Demo-Target Version - uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2 + uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 # Notice: The current version of the demo-target is provided via the Chart.yaml to ensure # there is only one place to edit the version of a scanner with: diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml index 1b4ffd9a41..c95dc20ed9 100644 --- a/.github/workflows/scb-bot.yaml +++ b/.github/workflows/scb-bot.yaml 
@@ -61,14 +61,14 @@ jobs: # Fetching scanner version from local chart .appVersion attribute # this would look like 1.1.1 or v1.1.1 depending on the corresponding Docker image tag - name: Fetch local scanner version - uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2 + uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: echo local=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV # Fetching scanner version API from local chart .annotations.versionApi attribute # This would look like https://api.github.com/repos/projectdiscovery/nuclei/releases/latest - name: Fetch scanner's version API - uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2 + uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: echo versionApi=$(yq e .annotations.versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV @@ -143,7 +143,7 @@ jobs: - name: Upgrade Scanner Helm Chart if: ${{ env.release != env.local && env.prExists == 0 && env.release != null}} - uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2 + uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: # appVersion value in chart is replaced with release value. Empty lines are deleted in the process cmd: yq e --inplace '.appVersion = "${{env.release}}"' ./scanners/${{ matrix.scanner }}/Chart.yaml diff --git a/.python-version b/.python-version index 71380f2427..f982feb41b 100644 --- a/.python-version +++ b/.python-version @@ -1 +1 @@ -3.9.10 \ No newline at end of file +3.14.0 diff --git a/.reuse/dep5 b/.reuse/dep5 deleted file mode 100644 index 64acaf960b..0000000000 --- a/.reuse/dep5 +++ /dev/null 
@@ -1,15 +0,0 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: secureCodeBox
-Upstream-Contact: Robert Felber
-Source: https://github.com/secureCodeBox/secureCodeBox
-
-Files: .github/ISSUE_TEMPLATE/*.md
-Copyright: the secureCodeBox authors
-License: Apache-2.0
-
-# Workaround because some of the test files hav content which confuses reuse
-# and it will skip the file resulting in no copyright/license ifo which will
-# fail our check.
-Files: **/tests/__snapshot__/*.yaml.snap
-Copyright: the secureCodeBox authors
-License: Apache-2.0
diff --git a/REUSE.toml b/REUSE.toml
new file mode 100644
index 0000000000..f2f92f8080
--- /dev/null
+++ b/REUSE.toml
@@ -0,0 +1,16 @@
+version = 1
+SPDX-PackageName = "secureCodeBox"
+SPDX-PackageSupplier = "OWASP (https://owasp.org/)"
+SPDX-PackageDownloadLocation = "https://github.com/secureCodeBox/secureCodeBox"
+
+[[annotations]]
+path = ".github/ISSUE_TEMPLATE/**.md"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "the secureCodeBox authors"
+SPDX-License-Identifier = "Apache-2.0"
+
+[[annotations]]
+path = "**/tests/__snapshot__/**.yaml.snap"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "the secureCodeBox authors"
+SPDX-License-Identifier = "Apache-2.0"
diff --git a/bin/add-license-header.sh b/bin/add-license-header.sh
index 98c66f3e59..2d2833c65f 100755
--- a/bin/add-license-header.sh
+++ b/bin/add-license-header.sh
@@ -17,7 +17,7 @@
 # cat spdx-report.md | ./add-license-header.sh
 #
 # To generate the file list use `reuse lint`. This produces a Markdown report:
-# docker run --rm --volume $(pwd):/data fsfe/reuse lint > spdx-report.md
+# docker run --rm --volume $(pwd):/data fsfe/reuse --include-submodules lint > spdx-report.md
 #
 # See also:
 # - https://spdx.org
diff --git a/scanners/nmap/examples/basic-example/nmap-results.xml b/scanners/nmap/examples/basic-example/nmap-results.xml
index b2a9acd2df..cfe396cc54 100644
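Review bot: The rationale kept in the deleted `.reuse/dep5` — that some fixtures under `tests/__snapshot__` contain text that confuses reuse's in-file detection — is dropped from the new `REUSE.toml`, although TOML supports `#` comments. I would carry it over above the second `[[annotations]]` table, e.g. `# Workaround: some snapshot fixtures contain text that confuses reuse's in-file detection; annotate them here so the lint does not fail.` It is also worth verifying that `precedence = "aggregate"` reproduces the old behaviour: as I understand it, aggregate merges the table's values with whatever reuse still parses out of the file itself, so if the fixtures' content is the actual problem, `precedence = "override"` may be the closer equivalent of the old workaround. Since the `license-check.yaml` bump to reuse-action v6.0.0 presumably pairs with this migration, checking the lint output for the snapshot files after that upgrade would confirm which precedence is needed.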
--- a/scanners/nmap/examples/basic-example/nmap-results.xml +++ b/scanners/nmap/examples/basic-example/nmap-results.xml @@ -1,10 +1,9 @@ + - - diff --git a/scanners/nmap/examples/example-with-parameters/nmap-results.xml b/scanners/nmap/examples/example-with-parameters/nmap-results.xml index 80267ee8d0..acbbcd59d5 100644 --- a/scanners/nmap/examples/example-with-parameters/nmap-results.xml +++ b/scanners/nmap/examples/example-with-parameters/nmap-results.xml @@ -1,10 +1,9 @@ + - - @@ -21,7 +20,7 @@ SPDX-License-Identifier: Apache-2.0 - +