5 changes: 5 additions & 0 deletions .envrc
Expand Up @@ -5,6 +5,11 @@
# shellcheck shell=sh
# https://direnv.net/man/direnv-stdlib.1.html
PATH_add bin

export VIRTUAL_ENV=venv
layout python
use nvm

# shellcheck disable=SC2155
export PROJECT_DIR="$(pwd)"

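Review bot: `use nvm` on the new side depends on a `use_nvm` function that, as far as I can tell, is not part of the direnv stdlib linked two lines above — it normally comes from a user's own `~/.direnvrc` — so on a machine without it direnv reports an error on every `cd` into the repo instead of loading the environment. A comment makes that prerequisite visible, e.g. `# use_nvm is not in the direnv stdlib; provide it via ~/.direnvrc or remove this line`. Since `VIRTUAL_ENV` is set to the relative path `venv`, `layout python` appears to create `venv/` inside the working tree, so it is worth confirming that directory is git-ignored. The file continues below this hunk.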
2 changes: 1 addition & 1 deletion .github/workflows/license-check.yaml
Expand Up @@ -22,6 +22,6 @@ jobs:
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

- name: REUSE Compliance Check
uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0
with:
args: --include-submodules lint
2 changes: 1 addition & 1 deletion .github/workflows/mega-linter.yml
Expand Up @@ -46,7 +46,7 @@ jobs:
id: ml
# You can override MegaLinter flavor used to have faster performances
# More info at https://megalinter.github.io/flavors/
uses: oxsecurity/megalinter@0dcbedd66ea456ba2d54fd350affaa15df8a0da3 # v9.0.1
uses: oxsecurity/megalinter@62c799d895af9bcbca5eacfebca29d527f125a57 # v9.1.0
env:
# All available variables are described in documentation
# https://megalinter.github.io/configuration/
2 changes: 1 addition & 1 deletion .github/workflows/oss-scorecard.yaml
Expand Up @@ -33,6 +33,6 @@ jobs:

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6
uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8
with:
sarif_file: results.sarif
6 changes: 3 additions & 3 deletions .github/workflows/release-build.yaml
Expand Up @@ -425,15 +425,15 @@ jobs:
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

- name: Set ENV Var with Scanner Version
uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2
uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1
# Notice: The current version of the scanner is provided via the Chart.yaml to ensure
# there is only one place to edit the version of a scanner
with:
cmd: echo scannerVersion=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV

# extract the supported cpu architectures from the Chart.yaml
- name: Set ENV Var with Supported Platforms
uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2
uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1
with:
cmd: echo supportedPlatforms=$(yq e .annotations.supported-platforms scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV

Expand Down Expand Up @@ -555,7 +555,7 @@ jobs:
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

- name: Set ENV Var with Demo-Target Version
uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2
uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1
# Notice: The current version of the demo-target is provided via the Chart.yaml to ensure
# there is only one place to edit the version of a scanner
with:
6 changes: 3 additions & 3 deletions .github/workflows/scb-bot.yaml
Expand Up @@ -61,14 +61,14 @@ jobs:
# Fetching scanner version from local chart .appVersion attribute
# this would look like 1.1.1 or v1.1.1 depending on the corresponding Docker image tag
- name: Fetch local scanner version
uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2
uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1
with:
cmd: echo local=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV

# Fetching scanner version API from local chart .annotations.versionApi attribute
# This would look like https://api.github.com/repos/projectdiscovery/nuclei/releases/latest
- name: Fetch scanner's version API
uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2
uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1
with:
cmd: echo versionApi=$(yq e .annotations.versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV

Expand Down Expand Up @@ -143,7 +143,7 @@ jobs:

- name: Upgrade Scanner Helm Chart
if: ${{ env.release != env.local && env.prExists == 0 && env.release != null}}
uses: mikefarah/yq@6251e95af8df3505def48c71f3119836701495d6 # v4.47.2
uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1
with:
# appVersion value in chart is replaced with release value. Empty lines are deleted in the process
cmd: yq e --inplace '.appVersion = "${{env.release}}"' ./scanners/${{ matrix.scanner }}/Chart.yaml
2 changes: 1 addition & 1 deletion .python-version
@@ -1 +1 @@
3.9.10
3.14.0
15 changes: 0 additions & 15 deletions .reuse/dep5

This file was deleted.

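--- a/REUSE.toml
+++ b/REUSE.toml
@@ -0,0 +1,16 @@
+version = 1
+SPDX-PackageName = "secureCodeBox"
+SPDX-PackageSupplier = "OWASP (https://owasp.org/)"
+SPDX-PackageDownloadLocation = "https://github.com/secureCodeBox/secureCodeBox"
+
+[[annotations]]
+path = ".github/ISSUE_TEMPLATE/**.md"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "the secureCodeBox authors"
+SPDX-License-Identifier = "Apache-2.0"
+
+[[annotations]]
+path = "**/tests/__snapshot__/**.yaml.snap"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "the secureCodeBox authors"
+SPDX-License-Identifier = "Apache-2.0"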
2 changes: 1 addition & 1 deletion bin/add-license-header.sh
Expand Up @@ -17,7 +17,7 @@
# cat spdx-report.md | ./add-license-header.sh
#
# To generate the file list use `reuse lint`. This produces a Markdown report:
# docker run --rm --volume $(pwd):/data fsfe/reuse lint > spdx-report.md
# docker run --rm --volume $(pwd):/data fsfe/reuse --include-submodules lint > spdx-report.md
#
# See also:
# - https://spdx.org
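Review bot: The documented local command on the new side runs the `fsfe/reuse` image with no tag or digest, so `docker run` resolves `latest` and the report a contributor generates locally can disagree with CI, which in this same PR pins `fsfe/reuse-action` v6.0.0 by commit SHA in license-check.yaml. Pinning the image keeps the two in step, e.g. `# docker run --rm --volume $(pwd):/data fsfe/reuse:<TAG> --include-submodules lint > spdx-report.md` with `<TAG>` (placeholder) set to the reuse release the CI action wraps. The usage comment this hunk edits continues outside the hunk on both sides.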
3 changes: 1 addition & 2 deletions scanners/nmap/examples/basic-example/nmap-results.xml
@@ -1,10 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
SPDX-FileCopyrightText: the secureCodeBox authors

SPDX-License-Identifier: Apache-2.0
-->

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.92 scan initiated Sun Apr 9 11:00:21 2023 as: nmap -oX /home/securecodebox/nmap-results.xml scanme.nmap.org -->
@@ -1,10 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
SPDX-FileCopyrightText: the secureCodeBox authors

SPDX-License-Identifier: Apache-2.0
-->

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.92 scan initiated Sun Apr 9 10:54:38 2023 as: nmap -oX /home/securecodebox/nmap-results.xml -Pn -sV juice-shop.demo-targets.svc.cluster.local -->
Expand All @@ -21,7 +20,7 @@ SPDX-License-Identifier: Apache-2.0
<ports><extraports state="filtered" count="999">
<extrareasons reason="no-response" count="999" proto="tcp" ports="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,52
21-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
</extraports>
<port protocol="tcp" portid="3000"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="ppp" servicefp="SF-Port3000-TCP:V=7.92%I=7%D=4/9%Time=643299E3%P=aarch64-alpine-linux-musl%r(GetRequest,962,&quot;HTTP/1\.1\x20200\x20OK\r\nAccess-Control-Allow-Origin:\x20\*\r\nX-Content-Type-Options:\x20nosniff\r\nX-Frame-Options:\x20SAMEORIGIN\r\nFeature-Policy:\x20payment\x20&apos;self&apos;\r\nAccept-Ranges:\x20bytes\r\nCache-Control:\x20public,\x20max-age=0\r\nLast-Modified:\x20Sun,\x2009\x20Apr\x202023\x2010:53:36\x20GMT\r\nETag:\x20W/\&quot;7c3-18765a6650b\&quot;\r\nContent-Type:\x20text/html;\x20charset=UTF-8\r\nContent-Length:\x201987\r\nVary:\x20Accept-Encoding\r\nDate:\x20Sun,\x2009\x20Apr\x202023\x2010:56:35\x20GMT\r\nConnection:\x20close\r\n\r\n&lt;!-&#45;\n\x20\x20~\x20Copyright\x20\(c\)\x202014-2021\x20Bjoern\x20Kimminich\x20&amp;\x20the\x20OWASP\x20Juice\x20Shop\x20contributors\.\n\x20\x20~\x20SPDX-License-Identifier:\x20MIT\n\x20\x20-&#45;&gt;&lt;!DOCTYPE\x20html&gt;&lt;html\x20lang=\&quot;en\&quot;&gt;&lt;head&gt;\n\x20\x20&lt;meta\x20charset=\&quot;utf-8\&quot;&gt;\n\x20\x20&lt;title&gt;OWASP\x20Juice\x20Shop&lt;/title&gt;\n\x20\x20&lt;meta\x20name=\&quot;description\&quot;\x20content=\&quot;Probably\x20the\x20most\x20modern\x20and\x20sophisticated\x20insecure\x20web\x20application\&quot;&gt;\n\x20\x20&lt;meta\x20name=\&quot;viewport\&quot;\x20content=\&quot;width=device-width,\x20initial-scale=1\&quot;&gt;\n\x20\x20&lt;link\x20id=\&quot;favicon\&quot;\x20rel=\&quot;icon\&quot;\x20type=\&quot;image/x-icon\&quot;\x20href=\&quot;assets/public/favicon_js\.ico&quot;)%r(Help,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(NCP,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(HTTPOptions,EA,&quot;HTTP/1\.1\x20204\x20No\x20Content\r\nAccess-Control-Allow-Origin:\x20\*\r\nAccess-Control-Allow-Methods:\x20GET,HEAD,PUT,PATCH,POST,DELETE\r\nVary:\x20Access-Control-Request-Headers\r\nCo
ntent-Length:\x200\r\nDate:\x20Sun,\x2009\x20Apr\x202023\x2010:56:35\x20GMT\r\nConnection:\x20close\r\n\r\n&quot;)%r(RTSPRequest,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(RPCCheck,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(DNSVersionBindReqTCP,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(DNSStatusRequestTCP,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;);" method="table" conf="3"/></port>
<port protocol="tcp" portid="3000"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="ppp" servicefp="SF-Port3000-TCP:V=7.92%I=7%D=4/9%Time=643299E3%P=aarch64-alpine-linux-musl%r(GetRequest,962,&quot;HTTP/1\.1\x20200\x20OK\r\nAccess-Control-Allow-Origin:\x20\*\r\nX-Content-Type-Options:\x20nosniff\r\nX-Frame-Options:\x20SAMEORIGIN\r\nFeature-Policy:\x20payment\x20&apos;self&apos;\r\nAccept-Ranges:\x20bytes\r\nCache-Control:\x20public,\x20max-age=0\r\nLast-Modified:\x20Sun,\x2009\x20Apr\x202023\x2010:53:36\x20GMT\r\nETag:\x20W/\&quot;7c3-18765a6650b\&quot;\r\nContent-Type:\x20text/html;\x20charset=UTF-8\r\nContent-Length:\x201987\r\nVary:\x20Accept-Encoding\r\nDate:\x20Sun,\x2009\x20Apr\x202023\x2010:56:35\x20GMT\r\nConnection:\x20close\r\n\r\n&lt;!-&#45;\n\x20\x20~\x20Copyright\x20\(c\)\x202014-2021\x20Bjoern\x20Kimminich\x20&amp;\x20the\x20OWASP\x20Juice\x20Shop\x20contributors\.\n\x20\x20~\x20License-Identifier:\x20MIT\n\x20\x20-&#45;&gt;&lt;!DOCTYPE\x20html&gt;&lt;html\x20lang=\&quot;en\&quot;&gt;&lt;head&gt;\n\x20\x20&lt;meta\x20charset=\&quot;utf-8\&quot;&gt;\n\x20\x20&lt;title&gt;OWASP\x20Juice\x20Shop&lt;/title&gt;\n\x20\x20&lt;meta\x20name=\&quot;description\&quot;\x20content=\&quot;Probably\x20the\x20most\x20modern\x20and\x20sophisticated\x20insecure\x20web\x20application\&quot;&gt;\n\x20\x20&lt;meta\x20name=\&quot;viewport\&quot;\x20content=\&quot;width=device-width,\x20initial-scale=1\&quot;&gt;\n\x20\x20&lt;link\x20id=\&quot;favicon\&quot;\x20rel=\&quot;icon\&quot;\x20type=\&quot;image/x-icon\&quot;\x20href=\&quot;assets/public/favicon_js\.ico&quot;)%r(Help,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(NCP,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(HTTPOptions,EA,&quot;HTTP/1\.1\x20204\x20No\x20Content\r\nAccess-Control-Allow-Origin:\x20\*\r\nAccess-Control-Allow-Methods:\x20GET,HEAD,PUT,PATCH,POST,DELETE\r\nVary:\x20Access-Control-Request-Headers\r\nContent
-Length:\x200\r\nDate:\x20Sun,\x2009\x20Apr\x202023\x2010:56:35\x20GMT\r\nConnection:\x20close\r\n\r\n&quot;)%r(RTSPRequest,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(RPCCheck,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(DNSVersionBindReqTCP,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;)%r(DNSStatusRequestTCP,2F,&quot;HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\n\r\n&quot;);" method="table" conf="3"/></port>
</ports>
<times srtt="3589" rttvar="4528" to="100000"/>
</host>
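Review bot: The second hunk edits captured scanner output rather than metadata — the `servicefp` banner on the new side reads `License-Identifier:\x20MIT` where Nmap had recorded `SPDX-License-Identifier:\x20MIT` from the Juice Shop response — so this example no longer reproduces what Nmap emitted, and regenerating it from a real scan would bring the original string straight back. If the motivation is that `reuse lint` reads the embedded tag as a conflicting license declaration for this file (inferred; the PR description is not visible on this page), the cleaner fix is to cover the fixture with an `[[annotations]]` entry in the REUSE.toml this PR adds — e.g. (constructed) `path = "scanners/**/examples/**/nmap-results.xml"` with `precedence = "override"`, if my reading of REUSE precedence is right — and leave the recorded data verbatim. The file header of this section is not rendered on the page, and both hunks continue into lines outside the shown range.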