Skip to content

[SCB-Bot] Upgraded sslyze from 6.0.0 to 6.1.0 #2829

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Ilyesbdlala merged 3 commits into from
Jan 28, 2025
Merged

[SCB-Bot] Upgraded sslyze from 6.0.0 to 6.1.0 #2829

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3b52383
Upgrading sslyze from 6.0.0 to 6.1.0
secureCodeBoxBot Jan 4, 2025
a3a1155
Removed the fix for handling the missing timezone for sslyze date_sca…
Ilyesbdlala Jan 28, 2025
fd7f5e8
Updated the SSLyze test files to include the timezone indicator to da…
Ilyesbdlala Jan 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion scanners/sslyze/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ description: A Helm chart for the SSLyze security scanner that integrates with t
type: application
# version - gets automatically set to the secureCodeBox release version when the helm charts gets published
version: v3.1.0-alpha1
appVersion: "6.0.0"
appVersion: "6.1.0"
kubeVersion: ">=v1.11.0-0"
annotations:
versionApi: https://api.github.com/repos/nabla-c0d3/sslyze/releases/latest
Expand Down
2 changes: 1 addition & 1 deletion scanners/sslyze/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: "SSLyze"
category: "scanner"
type: "SSL"
state: "released"
appVersion: "6.0.0"
appVersion: "6.1.0"
usecase: "SSL/TLS Configuration Scanner"
---

Expand Down
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/expired.badssl.com.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4825,8 +4825,8 @@
}
}
],
"date_scans_started": "2024-09-02T16:59:51.321383",
"date_scans_completed": "2024-09-02T17:00:21.006750",
"date_scans_started": "2024-09-02T16:59:51.321383Z",
"date_scans_completed": "2024-09-02T17:00:21.006750Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/google.com.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10223,8 +10223,8 @@
}
}
],
"date_scans_started": "2024-09-02T16:49:24.314457",
"date_scans_completed": "2024-09-02T16:49:27.875541",
"date_scans_started": "2024-09-02T16:49:24.314457Z",
"date_scans_completed": "2024-09-02T16:49:27.875541Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/no-certificate_deployments.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4049,8 +4049,8 @@
}
}
],
"date_scans_started": "2024-09-09T11:58:10.192252",
"date_scans_completed": "2024-09-09T11:58:19.094409",
"date_scans_started": "2024-09-09T11:58:10.192252Z",
"date_scans_completed": "2024-09-09T11:58:19.094409Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/revoked.badssl.com.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"date_scans_completed": "2021-12-22T12:56:13.259283",
"date_scans_started": "2021-12-22T12:55:23.830874",
"date_scans_completed": "2021-12-22T12:56:13.259283Z",
"date_scans_started": "2021-12-22T12:55:23.830874Z",
"server_scan_results": [
{
"connectivity_error_trace": null,
Expand Down
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/self-signed.badssl.com.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4609,8 +4609,8 @@
}
}
],
"date_scans_started": "2024-09-02T17:12:09.830072",
"date_scans_completed": "2024-09-02T17:12:40.417711",
"date_scans_started": "2024-09-02T17:12:09.830072Z",
"date_scans_completed": "2024-09-02T17:12:40.417711Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6161,8 +6161,8 @@
}
}
],
"date_scans_started": "2024-09-02T16:56:57.661483",
"date_scans_completed": "2024-09-02T16:57:27.742230",
"date_scans_started": "2024-09-02T16:56:57.661483Z",
"date_scans_completed": "2024-09-02T16:57:27.742230Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/unavailable-host.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,8 @@
"scan_result": null
}
],
"date_scans_started": "2024-09-03T11:16:28.459875",
"date_scans_completed": "2024-09-03T11:16:33.493072",
"date_scans_started": "2024-09-03T11:16:28.459875Z",
"date_scans_completed": "2024-09-03T11:16:33.493072Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4729,8 +4729,8 @@
}
}
],
"date_scans_started": "2024-09-02T17:08:17.745208",
"date_scans_completed": "2024-09-02T17:08:47.154682",
"date_scans_started": "2024-09-02T17:08:17.745208Z",
"date_scans_completed": "2024-09-02T17:08:47.154682Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/wrong.host.badssl.com.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4649,8 +4649,8 @@
}
}
],
"date_scans_started": "2024-09-02T17:05:34.041854",
"date_scans_completed": "2024-09-02T17:06:04.108674",
"date_scans_started": "2024-09-02T17:05:34.041854Z",
"date_scans_completed": "2024-09-02T17:06:04.108674Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
4 changes: 2 additions & 2 deletions scanners/sslyze/parser/__testFiles__/www.securecodebox.io.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5953,8 +5953,8 @@
}
}
],
"date_scans_started": "2024-09-02T16:51:10.448915",
"date_scans_completed": "2024-09-02T16:51:14.980658",
"date_scans_started": "2024-09-02T16:51:10.448915Z",
"date_scans_completed": "2024-09-02T16:51:14.980658Z",
"sslyze_version": "6.0.0",
"sslyze_url": "https://github.com/nabla-c0d3/sslyze"
}
10 changes: 2 additions & 8 deletions scanners/sslyze/parser/parser.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,15 +21,9 @@ function parse(fileContent) {
console.log("Parsing Result File");
console.log(JSON.stringify(fileContent));
}

if (fileContent.date_scans_completed) {
// I ran into an issue where the time coverted to ISO String was dependant from the timezone of the machine running the test.
// This means that if GitHub Actions CI time and local time are different the test will fail.
// To fix this we need to enforce the timezone in the date string.
// sslyze uses UTC time internally for the date_scans_completed field.
// https://github.com/nabla-c0d3/sslyze/blob/8ad73ec3d698c826bf3682aacbee2d91e4a2cdbc/sslyze/__main__.py#L83
// To enforce UTC time, we can just add a Z to the end of the date string.
serverScanResult.identified_at = new Date(fileContent.date_scans_completed+ "Z").toISOString();
serverScanResult.identified_at = new Date(fileContent.date_scans_completed).toISOString();
}

const partialFindings = [
Expand Down