wrongsecrets | Kubernetes Ecosystem Directory

Bot releases are visible (Hide)

wrongsecrets - 1.9.0: K8s 1.30, no Consul, Java 22, new challenges and automation leaps Latest Release

Published by commjoen 3 months ago

What's Changed

This version is another new content & LCM release: we've added a cool and exciting challenge about Kubernetes Sealed Secrets! We upgraded to K8s 1.30, removed our dependency on Consul (less resources required to play!), and added a lot of automation to see if everything works the way it should. Next, we started compiling everything for Java 22. In other words: time for a big version bump!

New Challenges

Vault sidecar challenge2 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1405
Update challenge48 to have both solutions in 1 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1521
Sealed Secret in Kubernetes Challenge by @Shubham-Patel07 in https://github.com/OWASP/wrongsecrets/pull/1452

Fixes

fix: add documentation on TLS for AWS and GCP by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1407
fix: change healthcheck path by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1409
fix: add terratest for challenge disabled by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1410
attempt to fix k8s workflows by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1449
Hotfix: remove Colima support by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1450
fix for links by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1454
Add misssing oglang deps for dependabot by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1503
Fix dependabot by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1504
feat: bump to k8s 1.30 and remove consul by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1500

LCM

Bump org.webjars:datatables from 1.13.5 to 2.0.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1350
Bump hashicorp/google-beta from 5.25.0 to 5.27.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1371
Bump hashicorp/google from 5.25.0 to 5.27.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1372
Update terraform-aws-modules/vpc/aws requirement from ~> 5.7.0 to ~> 5.8.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1376
Bump hashicorp/aws from 5.45.0 to 5.47.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1375
Bump hashicorp/aws from 5.45.0 to 5.47.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1379
Bump eclipse-temurin from 22_36-jre-alpine to 22.0.1_8-jre-alpine by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1374
Update terraform-aws-modules/vpc/aws requirement from ~> 5.7.0 to ~> 5.8.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1381
Bump hashicorp/azurerm from 3.99.0 to 3.101.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1373
Bump aws.sdk.version from 2.25.40 to 2.25.42 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1377
Bump com.puppycrawl.tools:checkstyle from 10.15.0 to 10.16.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1378
Bump org.jruby:jruby-complete from 9.4.6.0 to 9.4.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1382
Bump io.gatling.highcharts:gatling-charts-highcharts from 3.11.1 to 3.11.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1380
Bump globals from 15.0.0 to 15.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1383
Bump eslint-plugin-n from 17.2.1 to 17.4.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1385
Bump eslint-plugin-cypress from 2.15.2 to 3.0.2 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1388
Bump cypress from 13.7.3 to 13.8.1 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1391
Bump eslint-plugin-n from 17.2.1 to 17.4.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1390
Bump cypress from 13.7.3 to 13.8.1 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1395
Bump eslint-plugin-jest from 28.2.0 to 28.5.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1401
Bump eslint-plugin-jest from 28.2.0 to 28.3.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1393
Bump eslint-plugin-jest from 28.2.0 to 28.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1400
Bump @eslint/js from 9.0.0 to 9.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1399
Bump eslint-plugin-jest from 28.3.0 to 28.5.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1402
Bump eslint-plugin-n from 17.2.1 to 17.4.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1396
Bump eslint-plugin-cypress from 2.15.2 to 3.1.1 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1404
Bump requests from 2.31.0 to 2.32.0 in /scripts/sort_contibutors by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1406
Bump eslint from 8.57.0 to 9.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1398
Bump cypress from 13.8.1 to 13.10.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1413
Bump eslint from 9.3.0 to 9.4.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1415
Bump eslint-plugin-chai-friendly from 0.7.4 to 0.8.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1414
Bump eslint-plugin-cypress from 3.2.0 to 3.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1424
Bump cypress from 13.8.1 to 13.10.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1443
Bump eslint-plugin-cypress from 3.2.0 to 3.3.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1440
Bump org.codehaus.mojo:tidy-maven-plugin from 1.2.0 to 1.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1436
Bump eslint-plugin-chai-friendly from 0.7.4 to 0.8.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1438
Bump eslint from 9.3.0 to 9.4.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1426
Bump eslint-plugin-cypress from 3.2.0 to 3.3.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1416
Bump eslint-plugin-chai-friendly from 0.7.4 to 0.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1420
Bump eslint from 9.3.0 to 9.4.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1432
Bump @babel/preset-env from 7.24.5 to 7.24.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1422
Bump @babel/eslint-parser from 7.24.5 to 7.24.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1421
Bump org.cyclonedx:cyclonedx-core-java from 8.0.3 to 9.0.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1434
Bump io.gatling.highcharts:gatling-charts-highcharts from 3.11.2 to 3.11.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1447
Bump io.gatling:gatling-maven-plugin from 4.9.0 to 4.9.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1444
Bump hashicorp/google from 5.27.0 to 5.31.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1417
Bump hashicorp/google-beta from 5.27.0 to 5.31.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1418
Bump hashicorp/random from 3.6.1 to 3.6.2 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1419
Bump hashicorp/azurerm from 3.101.0 to 3.106.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1429
Bump hashicorp/random from 3.6.1 to 3.6.2 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1433
Bump hashicorp/random from 3.6.1 to 3.6.2 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1435
Bump hashicorp/aws from 5.47.0 to 5.52.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1448
Bump terraform-aws-modules/eks/aws from 20.8.5 to 20.13.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1437
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.4.0 to 4.8.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1423
Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1442
Bump aws.sdk.version from 2.25.42 to 2.25.64 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1439
Bump com.github.spotbugs:spotbugs-annotations from 4.8.4 to 4.8.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1431
Bump com.azure.spring:spring-cloud-azure-dependencies from 5.11.0 to 5.12.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1445
Bump org.springframework.cloud:spring-cloud-dependencies from 2023.0.1 to 2023.0.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1430
Bump com.google.cloud:spring-cloud-gcp-dependencies from 5.1.2 to 5.4.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1425
Bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1427
Bump asciidoctorj.version from 2.5.12 to 2.5.13 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1428
Bump urllib3 from 2.2.1 to 2.2.2 in /scripts/sort_contibutors by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1451
Bump org.cyclonedx:cyclonedx-core-java from 9.0.2 to 9.0.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1453
Bump org.springframework.boot:spring-boot-starter-parent from 3.2.5 to 3.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1446
Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1455
Bump eslint-plugin-chai-friendly from 0.8.0 to 1.0.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1492
Bump @babel/preset-env from 7.24.6 to 7.24.7 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1491
Bump eslint from 9.4.0 to 9.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1490
Bump hashicorp/azurerm from 3.106.1 to 3.110.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1482
Bump hashicorp/http from 3.4.2 to 3.4.3 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1481
Bump hashicorp/http from 3.4.2 to 3.4.3 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1480
Bump hashicorp/aws from 5.52.0 to 5.56.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1479
Bump hashicorp/google from 5.31.1 to 5.35.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1458
Bump hashicorp/google-beta from 5.31.1 to 5.35.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1457
Bump hashicorp/http from 3.4.2 to 3.4.3 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1456
Bump terraform-aws-modules/eks/aws from 20.13.0 to 20.15.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1478
Bump @babel/eslint-parser from 7.24.6 to 7.24.7 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1488
Bump globals from 15.3.0 to 15.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1489
Bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1470
Bump io.gatling.highcharts:gatling-charts-highcharts from 3.11.3 to 3.11.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1466
Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1475
Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.5.0 to 2.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1469
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.5.0 to 4.8.6.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1477
Bump mocha from 10.4.0 to 10.5.2 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1460
Bump cypress from 13.10.0 to 13.13.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1498
Bump eslint from 9.4.0 to 9.6.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1461
Bump globals from 15.3.0 to 15.7.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1463
Bump org.springframework.boot:spring-boot-starter-parent from 3.3.0 to 3.3.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1471
Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1474
Bump javascript-obfuscator from 4.1.0 to 4.1.1 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1464
Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1493
Bump org.webjars:datatables from 2.0.3 to 2.0.7 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1441
Bump cypress from 13.10.0 to 13.12.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1483
Bump mocha from 10.4.0 to 10.5.2 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1485
Bump eslint from 9.4.0 to 9.6.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1487
Bump com.github.spotbugs:spotbugs from 4.8.5 to 4.8.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1476
Bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1468
Bump com.google.cloud:spring-cloud-gcp-dependencies from 5.4.1 to 5.4.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1467
Bump globals from 15.3.0 to 15.7.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1486
Bump globals from 15.3.0 to 15.8.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1499
Bump eslint-plugin-chai-friendly from 0.8.0 to 1.0.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1484
Bump eslint-plugin-chai-friendly from 0.8.0 to 1.0.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1459
Bump aws.sdk.version from 2.25.64 to 2.26.15 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1496
Bump io.gatling:gatling-maven-plugin from 4.9.1 to 4.9.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1494
build(deps): bump certifi from 2024.2.2 to 2024.7.4 in /scripts/sort_contibutors by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1501
Bump minimatch from 9.0.4 to 9.0.5 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1465
build(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1502
build(deps): bump hashicorp/aws from 5.56.1 to 5.57.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1520
build(deps): bump hashicorp/google from 5.35.0 to 5.36.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1518
build(deps): bump hashicorp/azurerm from 3.110.0 to 3.111.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1517
build(deps): bump hashicorp/google-beta from 5.35.0 to 5.36.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1512
build(deps): update terraform-aws-modules/vpc/aws requirement from ~> 5.8.1 to ~> 5.9.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1506
build(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.1 to 4.8.6.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1513
build(deps): bump terraform-aws-modules/eks/aws from 20.16.0 to 20.17.2 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1505
build(deps-dev): bump globals from 15.7.0 to 15.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1508
build(deps-dev): bump cypress from 13.12.0 to 13.13.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1511
build(deps-dev): bump mocha from 10.5.2 to 10.6.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1510
build(deps): bump github.com/gruntwork-io/terratest from 0.44.0 to 0.46.16 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1516
build(deps-dev): bump mocha from 10.5.2 to 10.6.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1509
build(deps): bump github.com/gruntwork-io/terratest from 0.44.0 to 0.46.16 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1514
build(deps): bump github.com/gruntwork-io/terratest from 0.44.0 to 0.46.16 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1515
build(deps): bump org.jruby:jruby-complete from 9.4.7.0 to 9.4.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1519
build(deps): bump aws.sdk.version from 2.26.15 to 2.26.16 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1507

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.8.5...1.9.0

Special Thanks

We would like to thank @nbaars , @Shubham-Patel07 , @bendehaan , and @commjoen for their hard work on this release!

wrongsecrets - 1.8.5: Java 22, challenge fixes, automation, and textual updates

Published by commjoen 6 months ago

What's Changed

This version is a big LCM release, where we upgraded to Java22, and made a lot of the challenges easier to read. On top of that we extended the end2end tests a lot and made them part of our automations, in order to catch bugs faster.

Fixes

Hotfix contributor patch by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1275
Install libstdc++ to fix issue 1279 by @Wind010 in https://github.com/OWASP/wrongsecrets/pull/1280
Fix challenge29 heroku by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1297
Correct hint file reference for Challenge 34 by @dannylloyd in https://github.com/OWASP/wrongsecrets/pull/1307
Fix for #1113 with docs: Document how to disable challenges by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1308
Fix Zap workflow by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1315
Make hint more explicit for challenge1 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1316
Fix CdoeQL for java 22 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1318
Added missing contributors to readme by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1319
Fixes for challenge 3, 4 and 8 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1320
Update the cypress tests for #1306 to check for error codes by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1309
Update README.md by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1323
Update challenge8.adoc by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1321
Add cypress testing to docker test and as a workflow for heroku by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1322
update challenge 12 hints by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1325
update final parts for cypress testing (k8s, docker) by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1324
Update challenge6.adoc to make it clear which version we are looking for by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1361
Update challenge6.adoc by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1362
Fixed hints based on feedback by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1359

Java 22

First version of java 22 moving back to temurin alpine by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1281
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1278
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1277
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1276
Bump hashicorp/google from 5.18.0 to 5.22.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1296
Bump hashicorp/azurerm from 3.94.0 to 3.97.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1292
Bump terraform-aws-modules/eks/aws from 20.5.0 to 20.8.4 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1295
Update terraform-aws-modules/vpc/aws requirement from ~> 5.5.1 to ~> 5.7.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1294
Bump hashicorp/google-beta from 5.18.0 to 5.22.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1289
Bump aws.sdk.version from 2.25.20 to 2.25.21 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1283
Bump @commitlint/config-conventional from 19.0.3 to 19.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1287
Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.15.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1298
Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.11 to 2.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1288
Bump terraform-aws-modules/eks/aws from 20.5.0 to 20.8.4 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1304
Bump hashicorp/azurerm from 3.94.0 to 3.97.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1301
Bump hashicorp/google-beta from 5.18.0 to 5.22.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1300
Bump hashicorp/google from 5.18.0 to 5.22.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1299
Bump hashicorp/aws from 5.39.1 to 5.43.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1293
Update terraform-aws-modules/vpc/aws requirement from ~> 5.5.1 to ~> 5.7.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1303
Bump asciidoctorj.version from 2.5.11 to 2.5.12 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1284
Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.3.0 to 2.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1305
Bump com.google.cloud:spring-cloud-gcp-dependencies from 5.0.4 to 5.1.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1290
Bump zaproxy/action-baseline from 0.11.0 to 0.12.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1311
Bump minimatch from 9.0.3 to 9.0.4 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1285
Bump idna from 3.4 to 3.7 in /scripts/sort_contibutors by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1312
Bump azure/setup-helm from 3.5 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1313
Bump colima plugin by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1317
Bump eslint-plugin-cypress from 2.15.1 to 2.15.2 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1342
Bump @commitlint/config-conventional from 18.6.3 to 19.2.2 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1341
Bump eslint-plugin-cypress from 2.15.1 to 2.15.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1340
Bump @commitlint/config-conventional from 18.6.0 to 19.2.2 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1338
Bump hashicorp/random from 3.6.0 to 3.6.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1351
Bump terraform-aws-modules/eks/aws from 20.8.4 to 20.8.5 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1349
Bump hashicorp/aws from 5.43.0 to 5.45.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1348
Bump hashicorp/azurerm from 3.97.1 to 3.99.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1347
Bump hashicorp/google-beta from 5.22.0 to 5.25.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1346
Bump hashicorp/google from 5.22.0 to 5.25.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1339
Bump hashicorp/random from 3.6.0 to 3.6.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1328
Bump hashicorp/random from 3.6.0 to 3.6.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1327
Bump eslint-plugin-jest from 27.6.3 to 28.2.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1330
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.3.1 to 4.8.4.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1344
Bump eslint-plugin-jest from 27.9.0 to 28.2.0 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1336
Bump aws.sdk.version from 2.25.21 to 2.25.31 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1329
Bump eslint-plugin-n from 16.6.2 to 17.2.1 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1345
Bump eslint-plugin-n from 16.6.2 to 17.2.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1343
Bump mocha from 10.3.0 to 10.4.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1333
Bump eslint-plugin-jest from 27.9.0 to 28.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1331
Bump eslint-plugin-n from 16.6.2 to 17.2.1 in /src/test/K8s-tests by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1326
Bump com.github.spotbugs:spotbugs-annotations from 4.8.3 to 4.8.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1337
Bump com.github.spotbugs:spotbugs from 4.8.3 to 4.8.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1334
Bump eslint from 8.56.0 to 8.57.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1355
Bump cypress from 13.6.4 to 13.7.3 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1354
Bump mocha from 10.3.0 to 10.4.0 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1353
Bump eslint-plugin-n from 16.6.2 to 17.2.1 in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1352
Bump com.tngtech.archunit:archunit-junit5 from 1.2.1 to 1.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1332
Bump golang.org/x/net from 0.17.0 to 0.23.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1356
Bump golang.org/x/net from 0.17.0 to 0.23.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1357
Bump golang.org/x/net from 0.17.0 to 0.23.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1358
Bump @commitlint/config-conventional from 19.1.0 to 19.2.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1335
Bump lycheeverse/lychee-action from 1.9.3 to 1.10.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1363
Bump org.springframework.boot:spring-boot-starter-parent from 3.2.4 to 3.2.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1367
Bump aws.sdk.version from 2.25.31 to 2.25.40 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1366
Bump io.gatling:gatling-maven-plugin from 4.8.2 to 4.9.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1364
Bump io.gatling.highcharts:gatling-charts-highcharts from 3.10.5 to 3.11.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1365
Bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.4 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1370
Bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.4 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1369
Bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.4 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1368

New Contributors

@Wind010 made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1280
@dannylloyd made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1307

Special thanks

Special thanks goes to @bendehaan , @commjoen , @Wind010 , @dannylloyd for their hard work on this release!

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.8.4...1.8.5

wrongsecrets - 1.8.4: LCM and bugfixes

Published by commjoen 8 months ago

What's Changed

Bugfixes and Improvements

Simplified intigration test for K8s in cypress by @Shubham-Patel07 in https://github.com/OWASP/wrongsecrets/pull/1235
Update toggle switch by @Shubham-Patel07 in https://github.com/OWASP/wrongsecrets/pull/1239
Various fixes: eslint, broken animation, contributors, and more challenges links by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1242
Fix typo on CONTRIBUTING.md by @za in https://github.com/OWASP/wrongsecrets/pull/1244
Fix typo on CONTRIBUTING.md by @za in https://github.com/OWASP/wrongsecrets/pull/1245
Fix for challenge 16 FE/BE alignment and fix for showing the minimal needed tech. by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1272
fix: fix AWS for new EKS module and K8s 1.29 by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1273
enable challenge 46 in cloud by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1274

LCM

Bump hashicorp/google from 5.13.0 to 5.14.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1234
Bump hashicorp/google-beta from 5.13.0 to 5.14.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1233
Bump pre-commit-ci/lite-action from 1.0.1 to 1.0.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1237
Bump pre-commit/action from 3.0.0 to 3.0.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1238
Bump flat and mocha in /src/test/e2e by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1241
Bump com.h3xstream.findsecbugs:findsecbugs-plugin from 1.12.0 to 1.13.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1246
Bump io.gatling.highcharts:gatling-charts-highcharts from 3.10.3 to 3.10.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1247
Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1250
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.3.0 to 4.8.3.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1255
Bump org.springframework.boot:spring-boot-starter-parent from 3.2.2 to 3.2.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1248
Bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1269
Bump com.azure.spring:spring-cloud-azure-dependencies from 5.8.0 to 5.9.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1249
Bump hashicorp/http from 3.4.1 to 3.4.2 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1268
Bump hashicorp/azurerm from 3.89.0 to 3.94.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1267
Bump hashicorp/http from 3.4.1 to 3.4.2 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1266
Bump hashicorp/google from 5.14.0 to 5.18.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1264
Bump hashicorp/google-beta from 5.14.0 to 5.18.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1263
Bump hashicorp/http from 3.4.1 to 3.4.2 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1259
Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.5.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1258
Bump hashicorp/aws from 5.34.0 to 5.39.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1265
Bump @commitlint/config-conventional from 18.6.0 to 19.0.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1262
Bump org.jruby:jruby-complete from 9.4.5.0 to 9.4.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1251
Bump aws.sdk.version from 2.23.15 to 2.25.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1252
Bump com.google.cloud:spring-cloud-gcp-dependencies from 5.0.1 to 5.0.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1256
Bump eslint-plugin-jest from 27.6.3 to 27.9.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1261
Bump eslint from 8.56.0 to 8.57.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1260
Bump io.gatling:gatling-maven-plugin from 4.7.0 to 4.8.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1257
Bump org.webjars:bootstrap from 5.3.2 to 5.3.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1254
Bump org.asciidoctor:asciidoctor-maven-plugin from 2.2.5 to 3.0.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1253

New Contributors

@Shubham-Patel07 made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1235

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.8.3...1.8.4

Special Thanks

Special thanks to @Shubham-Patel07 , @bendehaan , @za , @nbaars , @commjoen for their hard work on this release!

wrongsecrets - 1.8.3: last vault challenge and LCM

Published by commjoen 9 months ago

What's Changed

Bugfixes, improvements, and docs:

Fix typo on Vaultpassword.java by @za in https://github.com/OWASP/wrongsecrets/pull/1190
attempt to fix surefire perm issue for non fork by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1197
Update readme with contributors and more by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1194
Issue 1193: update trufflehog command on the challenge 1 hint doc by @za in https://github.com/OWASP/wrongsecrets/pull/1195
Sort alphabetically while importing Python modules by @za in https://github.com/OWASP/wrongsecrets/pull/1199
Format Python script using Black formatter by @za in https://github.com/OWASP/wrongsecrets/pull/1202
Update main.yml to no longer contain test uploads to the PR by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1226

New challenges:

New Challenge - Vault Template Injection by @nwolniak in https://github.com/OWASP/wrongsecrets/pull/1189

LCM:

Bump actions/cache from 3 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1192
Bump zaproxy/action-baseline from 0.10.0 to 0.11.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1203
Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.10 to 2.7.11 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1204
Bump org.springframework.boot:spring-boot-starter-parent from 3.2.1 to 3.2.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1205
Bump org.asciidoctor:asciidoctor-maven-plugin from 2.2.4 to 2.2.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1207
Bump org.springframework.vault:spring-vault-core from 3.1.0 to 3.1.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1212
Update main.yml to fix #1198 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1223
Bump eslint-plugin-jest from 27.6.0 to 27.6.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1209
Bump uk.org.webcompere:system-stubs-jupiter from 2.1.5 to 2.1.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1206
Bump com.google.cloud:spring-cloud-gcp-dependencies from 5.0.0 to 5.0.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1208
Bump @commitlint/config-conventional from 18.4.3 to 18.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1211
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.2.0 to 4.8.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1215
Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1216
Bump com.diffplug.spotless:spotless-maven-plugin from 2.41.1 to 2.43.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1217
Bump lycheeverse/lychee-action from 1.9.1 to 1.9.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1227
Bump eLco/setup-vault from 1.0.2 to 1.0.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1225
Bump amazoncorretto from 21.0.1-alpine to 21.0.2-alpine by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1222
Update terraform-aws-modules/vpc/aws requirement from ~> 5.4.0 to ~> 5.5.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1221
Bump hashicorp/aws from 5.31.0 to 5.34.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1220
Bump hashicorp/google-beta from 5.10.0 to 5.13.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1218
Bump hashicorp/google from 5.10.0 to 5.13.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1213
Bump hashicorp/azurerm from 3.85.0 to 3.89.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1219
Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1231
Bump eslint-plugin-n from 16.6.0 to 16.6.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1214
Bump aws.sdk.version from 2.22.9 to 2.23.15 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1232

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.8.2...1.8.3

Special thanks

Special thanks to @za , @commjoen , @bendehaan and @nwolniak for their hard work on this release!

wrongsecrets - 1.8.2: 2 new challenges! Open Security Summit Release

Published by commjoen 9 months ago

What's Changed

Challenge 44&45: Vault Metadata challenge by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1147

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.8.1...1.8.2

Special Thanks

Thanks to @nbaars , @commjoen , and @bendehaan for their hard work on this release

wrongsecrets - 1.8.1: Challenge 43 and other updates

Published by commjoen 9 months ago

What's Changed

Improvements and bug fixes

feat: run Cypress test against pre-compiled HTML by @nbaars in https://github.com/OWASP/wrongsecrets/pull/1141
Fix Webtop again by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1146
refactor: simplify challenges when answer is fixed by @nbaars in https://github.com/OWASP/wrongsecrets/pull/1125
Fix cypress related docs by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1168
fix reporting: give junit job the right permissions by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1169
fix reporting for mochatests by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1170

New challenges

Challenge 43: new challenge for secret shared on social media. by @djvinnie in https://github.com/OWASP/wrongsecrets/pull/1144

Documentation

Update main.py: give Nanne a special recognition for his work on the … by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1148

Goodbye Okteto

Update README.md to remove okteto references by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1188

LCM

Bump com.github.spotbugs:spotbugs-annotations from 4.8.2 to 4.8.3 by @dependabot in
Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1143
Bump actions/upload-artifact from 3 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1145
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1151
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1152
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1153
Bump asciidoctorj.version from 2.5.10 to 2.5.11 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1155
Bump aws.sdk.version from 2.21.42 to 2.22.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1156
https://github.com/OWASP/wrongsecrets/pull/1157
Bump eslint-plugin-import from 2.29.0 to 2.29.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1158
Bump eslint from 8.55.0 to 8.56.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1160
Bump io.gatling.highcharts:gatling-charts-highcharts from 3.9.5 to 3.10.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1159
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.8.4 to 5.0.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1161
Bump io.gatling:gatling-maven-plugin from 4.6.0 to 4.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1162
Bump eslint-plugin-n from 16.3.1 to 16.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1163
Bump com.azure.spring:spring-cloud-azure-dependencies from 5.7.0 to 5.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1164
Bump com.github.spotbugs:spotbugs from 4.8.2 to 4.8.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1165
Bump org.springframework.boot:spring-boot-starter-parent from 3.2.0 to 3.2.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1166
Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1167
Bump hashicorp/http from 3.4.0 to 3.4.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1184
Bump hashicorp/google from 5.7.0 to 5.10.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1183
Bump hashicorp/google-beta from 5.7.0 to 5.10.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1182
Bump hashicorp/random from 3.5.1 to 3.6.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1181
Bump hashicorp/random from 3.5.1 to 3.6.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1179
Bump terraform-aws-modules/eks/aws from 19.20.0 to 19.21.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1178
Bump hashicorp/aws from 5.29.0 to 5.31.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1177
Update terraform-aws-modules/vpc/aws requirement from ~> 5.2.0 to ~> 5.4.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1176
Bump hashicorp/random from 3.5.1 to 3.6.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1173
Bump hashicorp/http from 3.4.0 to 3.4.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1172
Bump hashicorp/azurerm from 3.83.0 to 3.85.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1171
Bump hashicorp/http from 3.4.0 to 3.4.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1180
Bump aws.sdk.version from 2.22.5 to 2.22.9 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1174
Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1175
Bump eslint-plugin-n from 16.5.0 to 16.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1185
Bump lycheeverse/lychee-action from 1.8.0 to 1.9.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1186
Bump lycheeverse/lychee-action from 1.9.0 to 1.9.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1187

Special Thanks

Special thanks to @nbaars , @djvinnie , @bendehaan , and @commjoen for their hard work on this release!

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.8.0...1.8.1

wrongsecrets - 1.8.0: Refactor and many fixes

Published by commjoen 10 months ago

What's Changed

This is a new major release, as we have done a very big refactor! Thank you, @nbaars, for enabling parallel challenge development!
We also migrated to Spring Boot 3.2.
Just so you know, from here on, you can remove challenges from the app relatively easily by updating the config.

Let's group the changes below:

Documentation:

Doc fix: explain and correct the local container creation by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1082
Adding alternative text in the pictures to the contribution file by @CaduRoriz in https://github.com/OWASP/wrongsecrets/pull/1066

Refactor:

Introduce separate configuration for challenges by @nbaars in https://github.com/OWASP/wrongsecrets/pull/1083

New challenge:

[Challenge 42] Spring boot actuator hiding api key by @nwolniak in https://github.com/OWASP/wrongsecrets/pull/1107

Fixes:

Fix link checker by moving lycheeignore to root of folder again by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1109
Hotfixes k8s defs, terratest and initial testing on okteto ctf by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1123
Fix for arm at golang by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1126
Fix docs and udpate nodejs version by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1127
Fix image with new parameters for launching the app by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1128
Challenge38 hint fix. by @djvinnie in https://github.com/OWASP/wrongsecrets/pull/1129
Bugfix: enable all challenges in cloud envs again by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1131
fix: aws lb and gke by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1137
fix: fix gcp ingress by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1138
Fix for issues regarding challenge rendering by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1133
fix: move gcp ingress to consul/vault script by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1140

LCM:

Bump org.webjars:bootstrap from 5.3.1 to 5.3.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1011
Bump amazoncorretto from 21.0.0-alpine to 21.0.1-alpine by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1065
Bump com.github.eirslett:frontend-maven-plugin from 1.14.0 to 1.14.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1064
Bump org.springframework.boot:spring-boot-starter-parent from 3.1.4 to 3.1.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1059
Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.0 to 3.3.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1061
Bump org.cyclonedx:cyclonedx-core-java from 8.0.1 to 8.0.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1060
Bump hashicorp/setup-terraform from 2 to 3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1067
Bump org.jruby:jruby-complete from 9.4.3.0 to 9.4.4.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1058
Bump hashicorp/google from 4.84.0 to 5.4.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1077
Bump hashicorp/google-beta from 4.84.0 to 5.4.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1076
Bump terraform-aws-modules/eks/aws from 19.16.0 to 19.17.4 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1069
Bump hashicorp/azurerm from 3.75.0 to 3.78.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1068
Bump eslint-plugin-import from 2.28.1 to 2.29.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1071
Bump eslint from 8.50.0 to 8.52.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1073
Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.7.10 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1080
Bump hashicorp/aws from 5.19.0 to 5.23.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1070
Bump eslint-plugin-jest from 27.4.2 to 27.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1074
Bump zaproxy/action-baseline from 0.9.0 to 0.10.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1078
Bump eslint-plugin-n from 16.1.0 to 16.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1075
Bump @commitlint/config-conventional from 17.7.0 to 18.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1072
Bump aws.sdk.version from 2.21.2 to 2.21.13 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1081
Bump com.azure.spring:spring-cloud-azure-dependencies from 5.5.0 to 5.6.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1063
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.8.2 to 4.8.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1062
Update terraform-aws-modules/vpc/aws requirement from ~> 5.1.1 to ~> 5.2.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1099
Bump terraform-aws-modules/eks/aws from 19.17.4 to 19.20.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1098
Bump hashicorp/google-beta from 5.4.0 to 5.7.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1096
Bump hashicorp/google from 5.4.0 to 5.7.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1095
Bump hashicorp/azurerm from 3.78.0 to 3.83.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1085
Bump @commitlint/config-conventional from 18.1.0 to 18.4.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1100
Bump hashicorp/aws from 5.23.1 to 5.29.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1097
Bump actions/setup-java from 3 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1084
chore(deps): bump actions/setup-python from 4 to 5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1110
Bump com.github.spotbugs:spotbugs from 4.8.0 to 4.8.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1086
chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.6 to 4.8.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1108
chore(deps): bump com.puppycrawl.tools:checkstyle from 10.12.4 to 10.12.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1111
Bump eslint from 8.52.0 to 8.55.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1104
Bump com.github.spotbugs:spotbugs-annotations from 4.8.0 to 4.8.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1089
Bump com.azure.spring:spring-cloud-azure-dependencies from 5.6.0 to 5.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1093
chore(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.2.0 to 2.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1117
chore(deps-dev): bump com.tngtech.archunit:archunit-junit5 from 1.1.0 to 1.2.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1118
Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1090
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.8.3 to 4.8.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1092
Bump uk.org.webcompere:system-stubs-jupiter from 2.1.3 to 2.1.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1091
chore(deps): bump aws.sdk.version from 2.21.13 to 2.21.42 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1119
chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.1.0 to 3.1.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1120
chore(deps): bump com.diffplug.spotless:spotless-maven-plugin from 2.40.0 to 2.41.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1122
chore(deps): bump org.jruby:jruby-complete from 9.4.4.0 to 9.4.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1121
chore(deps): bump org.springframework.cloud:spring-cloud-dependencies from 2022.0.4 to 2023.0.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1116

New Contributors

@CaduRoriz made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1066
@nwolniak made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1107

Special Thanks

Special thanks to @CaduRoriz, @nwolniak , @nbaars , @bendehaan , and @djvinnie for their hard work on this release!

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.7.2...1.8.0

wrongsecrets - 1.7.2 quickfix for ui

Published by commjoen 12 months ago

What's Changed

Process

Added github actions to un-assigned issues after 90 days of inactivity by @za in https://github.com/OWASP/wrongsecrets/pull/1050

Required UI Fixes

Remove negative margin on larger screens by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1054
Fixing ui by moving blocks around by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1055

###LCM

Bump google.golang.org/grpc from 1.51.0 to 1.56.3 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1053
Bump google.golang.org/grpc from 1.51.0 to 1.56.3 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1051
Bump google.golang.org/grpc from 1.51.0 to 1.56.3 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1052

New Contributors

@za made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1050

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.7.1...1.7.2

wrongsecrets - 1.7.1: hacktoberfest 2! New challenges and changes

Published by commjoen 12 months ago

What's Changed

This is the second Hacktoberfest release with small ui updates and some very cool new challenges!

New Challenges

feat: Challenge 39 based on filename as encryption key by @adarsh-a-tw in https://github.com/OWASP/wrongsecrets/pull/1023
feat: Challenge 40 based on storing encryption key and secret in the same file by @adarsh-a-tw in https://github.com/OWASP/wrongsecrets/pull/1027
feat: Challenge 41 based on Password shucking by @adarsh-a-tw in https://github.com/OWASP/wrongsecrets/pull/1037

Updates and fixes

Heroku documentation update by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1024
Prep release 1.7.0 ctf party by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1025
Contributor rankings by @roddas in https://github.com/OWASP/wrongsecrets/pull/1022
Add the documentation of main.py script for contributor generation by @roddas in https://github.com/OWASP/wrongsecrets/pull/1026
Updated dockerfiles to include new challenge files and css layout by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1028
Railway documentation addition. by @alphasecio in https://github.com/OWASP/wrongsecrets/pull/1035
Cleanup by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1036
Fix menu ui on mobile by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1045
release 1.7.1 final fixes (ui and contributors), minor node update by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1047

LCM

Bump golang.org/x/net from 0.8.0 to 0.17.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1029
Bump golang.org/x/net from 0.8.0 to 0.17.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1030
Bump golang.org/x/net from 0.8.0 to 0.17.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1031
Bump jeroenwillemsen/wrongsecrets from 1.7.0RC4-no-vault to 1.7.0-no-vault by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1032
Bump urllib3 from 2.0.6 to 2.0.7 in /scripts/sort_contibutors by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1038
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.8.0 to 4.8.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1041
Bump org.cyclonedx:cyclonedx-core-java from 7.3.2 to 8.0.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1043
Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1044
Bump com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1039
Bump aws.sdk.version from 2.20.157 to 2.21.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1042
Bump com.github.spotbugs:spotbugs from 4.7.3 to 4.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1040
Bump actions/setup-node from 3 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1048

New Contributors

@adarsh-a-tw made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1023
@alphasecio made their first contribution in https://github.com/OWASP/wrongsecrets/pull/1035

Special thanks

We would like to thank @adarsh-a-tw , @alphasecio , @commjoen , @bendehaan , @mikewoudenberg, and @roddas for their hard work on this release!

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.7.0...1.7.1

wrongsecrets - 1.7.0: Hacktoberfest 1: Java 21, K8s 1.28 and 3 new challenges

Published by commjoen about 1 year ago

Project upgrade

This is another big release as part of Hacktoberfest! and have loads of great news:

we have many hacktoberfest approved PRs which are part of this release
our project got upgraded to "Production Status" in OWASP!
this project upgrades k8s to 1.28 and Java to 21(LTS), which means we can easily deploy this project to various cloud providers for at least another year without the need of a lot of maintenance & we can continue development of the java app as we are now compatible with a new LTS version of Java.

What's Changed

Major upgrades

Upgrade to Java 21 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/987
Upgrade to K8s 1.28 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/991

New challenges:

Add challenge36: Advanced reverse engineering game by @roddas in https://github.com/OWASP/wrongsecrets/pull/947
Add challenge 37 for ZAP configuration with authenticated endpoint by @commjoen in https://github.com/OWASP/wrongsecrets/pull/941
Feature(#614): Challenge38 - Git notes challenge by @RemakingEden in https://github.com/OWASP/wrongsecrets/pull/903

Other changes:

Remove fly.io from readme and prepare deployment for fly v2 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/986
Update README.md by @commjoen in https://github.com/OWASP/wrongsecrets/pull/985
Update README.md: adding @roddas as contributor by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1013
Add missing files in container for challenge 36 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1014
feat: add terratest for AWS, Azure and GCP by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/1015
Update contributing.md: Change image to use java 21 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1017
first fix for missing step on setting java to 21 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1018
Tests clean up by @drnow4u in https://github.com/OWASP/wrongsecrets/pull/1021
Update dependabot.yml to have 10 mrs on Java by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1008
Pre-release of 1.7.0 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/1020

LCM:

Bump s4u/setup-maven-action from 1.9.0 to 1.10.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/988
Bump terraform-linters/setup-tflint from 3 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/989
Bump eslint-plugin-jest from 27.2.3 to 27.4.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1007
Bump com.diffplug.spotless:spotless-maven-plugin from 2.39.0 to 2.40.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1001
Bump aws.sdk.version from 2.20.139 to 2.20.157 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/999
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.5 to 4.7.3.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1010
Bump eslint from 8.48.0 to 8.50.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1006
Bump eslint-plugin-n from 16.0.2 to 16.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1005
Bump cypress from 13.1.0 to 13.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1004
Bump eslint-plugin-cypress from 2.14.0 to 2.15.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1003
Bump hashicorp/azurerm from 3.71.0 to 3.75.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/995
Bump hashicorp/google from 4.80.0 to 4.84.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/994
Bump hashicorp/google-beta from 4.80.0 to 4.84.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/993
Bump hashicorp/aws from 5.15.0 to 5.19.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/997
Bump com.github.eirslett:frontend-maven-plugin from 1.13.4 to 1.14.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1002
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.7.2 to 4.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1009
Bump javascript-obfuscator from 4.0.2 to 4.1.0 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/996
Bump uk.org.webcompere:system-stubs-jupiter from 2.0.2 to 2.1.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/1012
Bump nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect from 3.2.1 to 3.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/998

New Contributors

@roddas made their first contribution in https://github.com/OWASP/wrongsecrets/pull/947

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.10...1.7.0

Special Thanks:

Special thanks to @roddas , @nbaars , @bendehaan , @drnow4u , @RemakingEden , and @commjoen for their hard work on this release!

wrongsecrets - 1.6.10: Small updates and fixes

Published by commjoen about 1 year ago

What's Changed

Features

Create render.yaml for render.io deployment by @commjoen in https://github.com/OWASP/wrongsecrets/pull/983

Small fixes

Docker exercises changes in readme.md by @djvinnie in https://github.com/OWASP/wrongsecrets/pull/964
Update README.md as GitHub Id changed by @commjoen in https://github.com/OWASP/wrongsecrets/pull/979
Added star'ing message by @djvinnie in https://github.com/OWASP/wrongsecrets/pull/980

LCM

Bump eslint-plugin-import from 2.28.0 to 2.28.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/955
Bump eslint from 8.46.0 to 8.48.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/952
Bump com.puppycrawl.tools:checkstyle from 10.12.2 to 10.12.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/961
Bump com.diffplug.spotless:spotless-maven-plugin from 2.38.0 to 2.39.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/958
Bump org.springframework.boot:spring-boot-starter-parent from 3.1.2 to 3.1.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/960
Bump aws.sdk.version from 2.20.116 to 2.20.139 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/972
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.7.0 to 4.7.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/971
Bump @commitlint/config-conventional from 17.6.7 to 17.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/953
Bump eslint-plugin-cypress from 2.13.3 to 2.14.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/969
Bump eslint-plugin-n from 16.0.1 to 16.0.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/956
Bump azurerm from 3.67.0 to 3.71.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/967
Bump hashicorp/google-beta from 4.76.0 to 4.80.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/966
Bump hashicorp/google from 4.76.0 to 4.80.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/965
Bump terraform-aws-modules/eks/aws from 19.15.4 to 19.16.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/963
Bump aws from 5.10.0 to 5.15.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/962
Bump org.linguafranca.pwdb:KeePassJava2 from 2.1.4 to 2.2.1 and fix local run issue with challenge14 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/970
Update container-alts-test.yml bumping Colima setup by @commjoen in https://github.com/OWASP/wrongsecrets/pull/945
Update container-alts-test.yml to alpha.v10 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/976
Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/977
Feature: update node to version 20 as checkout v4 standard operates with v20 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/978
Bump org.webjars:jquery from 3.7.0 to 3.7.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/959
Bump com.azure.spring:spring-cloud-azure-dependencies from 5.3.0 to 5.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/973
Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.1.0 to 2.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/957
Bump cypress from 12.17.2 to 13.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/954

New Contributors

@djvinnie made their first contribution in https://github.com/OWASP/wrongsecrets/pull/964

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.9...1.6.10

Special Thanks

Special thanks to @djvinnie , @nbaars , @bendehaan , and @commjoen for their work on this release!

wrongsecrets - 1.6.9: Bugfixes in challenges

Published by commjoen about 1 year ago

What's Changed

Docs:

Update README.md by @commjoen in https://github.com/OWASP/wrongsecrets/pull/940

Bugfixes:

Update Challenge35 as there as a bug in the component ordering by @commjoen in https://github.com/OWASP/wrongsecrets/pull/942
Update challenge32 to explain external website usage by @commjoen in https://github.com/OWASP/wrongsecrets/pull/948
Replace Challenge32 with another prompting game (Gandalf) as the old prompting game is shut down by @commjoen in https://github.com/OWASP/wrongsecrets/pull/950
Fix for challenge29 as there was an issue with decyrpting the actual answer by @commjoen in https://github.com/OWASP/wrongsecrets/pull/949
Fixes for Challenge17 generation by @commjoen in https://github.com/OWASP/wrongsecrets/pull/951

LCM:

Bump s4u/setup-maven-action from 1.8.0 to 1.9.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/944

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.8...1.6.9

Special Thanks

Special thanks to @bendehaan , @commjoen, and @djvinnie for their hard work on this release!

wrongsecrets - 1.6.8

Published by commjoen about 1 year ago

What's Changed

New challenges

Challenge35: Add experimental key by @commjoen in https://github.com/OWASP/wrongsecrets/pull/938

Bugfixes

Update container-alts-test.yml to test bug fix in action by @commjoen in https://github.com/OWASP/wrongsecrets/pull/939

LCM

Bump hashicorp/google-beta from 4.75.1 to 4.76.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/933
Bump aws.sdk.version from 2.20.115 to 2.20.116 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/934
Bump hashicorp/google from 4.75.1 to 4.76.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/932
Bump zaproxy/action-baseline from 0.8.2 to 0.9.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/936
Bump tough-cookie and @cypress/request by @dependabot in https://github.com/OWASP/wrongsecrets/pull/937
Bump org.webjars:bootstrap from 5.3.0 to 5.3.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/935

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.7...1.6.8

Special Thanks

Special thanks to @bendehaan and @commjoen for their hard work on this release!

wrongsecrets - 1.6.7: Back to Java17(LTS) and other LCM

Published by commjoen about 1 year ago

What's Changed

Bugfixes:

Fixes in challengeUI for CTF Party by @commjoen in https://github.com/OWASP/wrongsecrets/pull/900
Downgrade to patched java17 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/911

LCM:

Bump spring-cloud-azure-dependencies from 5.1.0 to 5.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/890
Bump @commitlint/config-conventional from 17.6.5 to 17.6.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/895
Bump checkstyle from 10.12.0 to 10.12.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/889
Bump spring-boot-starter-parent from 3.0.6 to 3.1.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/874
Bump hashicorp/google-beta from 4.70.0 to 4.71.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/885
Bump hashicorp/google from 4.70.0 to 4.71.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/886
Bump azurerm from 3.62.1 to 3.63.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/897
Bump eslint-plugin-n from 16.0.0 to 16.0.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/892
Bump eslint from 8.43.0 to 8.44.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/893
Bump aws.sdk.version from 2.20.91 to 2.20.97 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/888
Bump spring-cloud-gcp-dependencies from 4.5.0 to 4.5.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/891
Bump aws from 5.5.0 to 5.6.2 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/896
Bump minimatch from 9.0.1 to 9.0.2 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/887
Bump cypress from 12.15.0 to 12.16.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/894
Bump frontend-maven-plugin from 1.12.1 to 1.13.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/898
Bump zaproxy/action-baseline from 0.7.0 to 0.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/899
Bump zaproxy/action-baseline from 0.8.0 to 0.8.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/902
Bump eslint-plugin-jest from 27.2.2 to 27.2.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/910
Bump cypress from 12.16.0 to 12.17.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/909
Bump aws.sdk.version from 2.20.97 to 2.20.103 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/905
Bump word-wrap from 1.2.3 to 1.2.4 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/912
Bump eslint from 8.44.0 to 8.45.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/908
Bump frontend-maven-plugin from 1.13.3 to 1.13.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/906
Bump minimatch from 9.0.2 to 9.0.3 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/904
Bump datatables from 1.13.4 to 1.13.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/907
Bump com.diffplug.spotless:spotless-maven-plugin from 2.37.0 to 2.38.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/915
Bump eslint-plugin-import from 2.27.5 to 2.28.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/923
Bump org.springframework.boot:spring-boot-starter-parent from 3.1.1 to 3.1.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/929
Bump org.springframework.cloud:spring-cloud-dependencies from 2022.0.3 to 2022.0.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/913
Bump cypress from 12.17.1 to 12.17.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/927
Bump azurerm from 3.63.0 to 3.67.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/918
Bump hashicorp/google-beta from 4.71.0 to 4.75.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/922
Bump hashicorp/google from 4.71.0 to 4.75.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/921
Bump terraform-aws-modules/eks/aws from 19.15.3 to 19.15.4 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/920
Update terraform-aws-modules/vpc/aws requirement from ~> 5.0.0 to ~> 5.1.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/916
Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.5.1 to 4.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/917
Bump eslint from 8.45.0 to 8.46.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/924
Bump com.puppycrawl.tools:checkstyle from 10.12.1 to 10.12.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/930
Bump @commitlint/config-conventional from 17.6.6 to 17.6.7 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/926
Bump aws.sdk.version from 2.20.103 to 2.20.115 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/919
Bump org.webjars:jquery from 3.6.4 to 3.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/931
Bump org.thymeleaf.extras:thymeleaf-extras-springsecurity6 from 3.1.1.RELEASE to 3.1.2.RELEASE by @dependabot in https://github.com/OWASP/wrongsecrets/pull/928
Bump aws from 5.6.2 to 5.10.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/925

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.6...1.6.7

Thanks

Thanks to @commjoen for his hard work on this release!

wrongsecrets - 1.6.6: Challenge 34, LCM & Doc improvements

Published by commjoen over 1 year ago

What's Changed

New Challenges

feat(#692): Challenge 34 with a focus on determenistic use of KDFs by @commjoen in https://github.com/OWASP/wrongsecrets/pull/866

Small Fixes

Textual fixes for consistency by @commjoen in https://github.com/OWASP/wrongsecrets/pull/884

LCM:

Bump maven-checkstyle-plugin from 3.2.2 to 3.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/852
Bump spring-cloud-gcp-dependencies from 4.3.1 to 4.4.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/854
Bump asciidoctorj.version from 2.5.8 to 2.5.9 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/853
Bump checkstyle from 10.10.0 to 10.12.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/855
Bump aws.sdk.version from 2.20.56 to 2.20.78 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/856
Bump asciidoctor-maven-plugin from 2.2.3 to 2.2.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/857
Bump jruby-complete from 9.4.2.0 to 9.4.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/862
Bump aws.sdk.version from 2.20.78 to 2.20.82 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/861
Bump asciidoctorj.version from 2.5.9 to 2.5.10 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/863
Bump s4u/setup-maven-action from 1.7.0 to 1.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/864
Bump aws.sdk.version from 2.20.82 to 2.20.85 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/865
Bump spotbugs-maven-plugin from 4.7.3.4 to 4.7.3.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/875
Bump eslint-plugin-jest from 27.2.1 to 27.2.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/868
Bump eslint from 8.41.0 to 8.43.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/867
Bump aws.sdk.version from 2.20.85 to 2.20.91 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/869
Bump spring-cloud-gcp-dependencies from 4.4.0 to 4.5.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/872
Bump terraform-aws-modules/eks/aws from 19.15.2 to 19.15.3 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/876
Bump hashicorp/google from 4.67.0 to 4.70.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/877
Bump http from 3.3.0 to 3.4.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/878
Bump hashicorp/google-beta from 4.67.0 to 4.70.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/880
Bump azurerm from 3.58.0 to 3.62.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/881
Bump aws from 5.0.1 to 5.5.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/883
Bump http from 3.3.0 to 3.4.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/882
Bump cypress from 12.13.0 to 12.15.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/871
Bump eslint-plugin-n from 15.7.0 to 16.0.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/873
Bump http from 3.3.0 to 3.4.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/879
Bump datatables from 1.13.2 to 1.13.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/870

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.5...1.6.6

Special Thanks

We would like to thank @commjoen and @bendehaan for their hard work on this release.

wrongsecrets - 1.6.5: Challenge 33, score-tracking on home, ui tests, small fixes & docs

Published by commjoen over 1 year ago

What's Changed

Documentation:

#630 Docker image jeroenwillemsen/wrongsecrets:1.5.14-no-vault hangs … by @MarcinNowak-codes in https://github.com/OWASP/wrongsecrets/pull/631
Update ctf instructions for challenge 30 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/821
Update README.md (badges & screenshots), challenge1 text, and a ui-bug by @commjoen in https://github.com/OWASP/wrongsecrets/pull/825

Quality updates:

chore: add Spotless formatter by @nbaars in https://github.com/OWASP/wrongsecrets/pull/790
UI Test Framework by @RemakingEden in https://github.com/OWASP/wrongsecrets/pull/808
Automate spotless apply as part of pre-commit by @commjoen in https://github.com/OWASP/wrongsecrets/pull/824
Fix for okteto; namespace substitution in challenge33.yml by @commjoen in https://github.com/OWASP/wrongsecrets/pull/827
Scoring UI test tweaks by @RemakingEden in https://github.com/OWASP/wrongsecrets/pull/828
Pre-release fixes (docs, tests, bugfixes in challenge 33 & challenge 13, pre-commit&node upgrades) and setting up 1.6.5 release by @commjoen in https://github.com/OWASP/wrongsecrets/pull/829

New Features:

feat(#647): initial scoring and highlighting by @commjoen in https://github.com/OWASP/wrongsecrets/pull/804

New Challenges:

feat(#765): k8s challenge with securestring by @commjoen in https://github.com/OWASP/wrongsecrets/pull/818

LCM

Bump cyclonedx-maven-plugin from 2.7.8 to 2.7.9 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/834
Bump spotless-maven-plugin from 2.36.0 to 2.37.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/833
Bump spring-cloud-dependencies from 2022.0.2 to 2022.0.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/835
Bump eslint-config-standard from 17.0.0 to 17.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/841
Bump minimatch from 9.0.0 to 9.0.1 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/837
Bump cypress from 12.10.0 to 12.13.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/840
Bump eslint from 8.39.0 to 8.41.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/842
Bump terraform-aws-modules/eks/aws from 19.13.1 to 19.15.2 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/845
Bump aws from 4.65.0 to 5.0.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/844
Bump hashicorp/google-beta from 4.63.1 to 4.67.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/839
Bump hashicorp/google from 4.63.1 to 4.67.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/838
Update terraform-aws-modules/vpc/aws requirement from ~> 4.0.1 to ~> 5.0.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/846
Bump spring-cloud-gcp-dependencies from 4.2.0 to 4.3.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/847
Bump lombok from 1.18.26 to 1.18.28 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/849
Bump bootstrap from 5.2.3 to 5.3.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/832
Bump @commitlint/config-conventional from 17.6.1 to 17.6.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/843
Bump azurerm from 3.54.0 to 3.58.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/836
Delete secondkey.txt by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/850

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.4...1.6.5

Special Thanks

We would like to thank @bendehaan, @RemakingEden , @nbaars, @MarcinNowak-codes , @commjoen , and @devsecops

wrongsecrets - 1.6.4: performance improvements, LCM, and 3 new challenges (LocalStorage, AI/LLM and documentation)

Published by commjoen over 1 year ago

What's Changed

New challenges

Feature(#648): Add the localstorage challenge by @Novice-expert in https://github.com/OWASP/wrongsecrets/pull/716
Feature(#816): first LLM based challenge by @commjoen in https://github.com/OWASP/wrongsecrets/pull/817
Feature(#423): Addition of Challenge 31 (third documentation challenge) by @puneeth072003 in https://github.com/OWASP/wrongsecrets/pull/757

Small updates

Code tidying, challenge difficulty refactor, removal of unnecessary code by @nbaars in https://github.com/OWASP/wrongsecrets/pull/789
fix: wire challenges to compute size dynamically. by @nbaars in https://github.com/OWASP/wrongsecrets/pull/820

Other features

Optimize performance of the app by means of JS minification and enabling GZIP compression by @commjoen in https://github.com/OWASP/wrongsecrets/pull/805
Fixes for docs and challenges by @commjoen in https://github.com/OWASP/wrongsecrets/pull/806
Update README.md to add new contributor Novice-Expert by @commjoen in https://github.com/OWASP/wrongsecrets/pull/807

Dependency updates

build(deps): bump asciidoctorj.version from 2.5.7 to 2.5.8 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/777
build(deps): bump checkstyle from 10.9.3 to 10.10.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/792
build(deps): bump cyclonedx-maven-plugin from 2.7.7 to 2.7.8 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/794
build(deps): bump aws.sdk.version from 2.20.53 to 2.20.56 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/797
build(deps): bump spring-cloud-azure-dependencies from 5.0.0 to 5.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/800
build(deps): bump aws from 4.64.0 to 4.65.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/801
build(deps): bump hashicorp/google from 4.62.1 to 4.63.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/799
build(deps): bump hashicorp/google-beta from 4.62.1 to 4.63.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/791
build(deps): bump azurerm from 3.53.0 to 3.54.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/796
build(deps): bump http from 3.2.1 to 3.3.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/793
build(deps): bump http from 3.2.1 to 3.3.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/798
build(deps): bump http from 3.2.1 to 3.3.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/795
build(deps): bump minimatch from 8.0.3 to 9.0.0 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/779
build(deps): bump lycheeverse/lychee-action from 1.7.0 to 1.8.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/819

New Contributors

@Novice-expert made their first contribution in https://github.com/OWASP/wrongsecrets/pull/716

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.3...1.6.4

Special Thanks

Special thanks to @nbaars , @bendehaan , @Novice-expert , @puneeth072003 , @commjoen, @mikewoudenberg , and @h43z for their hard work on this release!

wrongsecrets - 1.6.3: Http caching, bugfixes and LCM

Published by commjoen over 1 year ago

What's Changed

Bugfixes

Fix for string checks for challenge 7, 13, and 14 by @commjoen in https://github.com/OWASP/wrongsecrets/pull/788

New features

Disabling springdoc on heroku by @commjoen in https://github.com/OWASP/wrongsecrets/pull/761
Performance improvement 1: Enable Http caching of js/css resources. by @commjoen and @nbaars in https://github.com/OWASP/wrongsecrets/pull/763

LCM

build(deps): bump lycheeverse/lychee-action from 1.6.1 to 1.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/764
build(deps-dev): bump @commitlint/config-conventional from 17.4.4 to 17.6.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/768
build(deps-dev): bump eslint from 8.37.0 to 8.39.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/767
build(deps): bump spring-boot-starter-parent from 3.0.5 to 3.0.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/771
build(deps): bump maven-checkstyle-plugin from 3.2.1 to 3.2.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/774
build(deps): bump cyclonedx-maven-plugin from 2.7.6 to 2.7.7 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/786
build(deps): bump spotbugs-maven-plugin from 4.7.3.3 to 4.7.3.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/785
build(deps): bump spring-cloud-gcp-dependencies from 4.1.3 to 4.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/770
build(deps): bump aws.sdk.version from 2.20.39 to 2.20.53 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/787
build(deps): bump hashicorp/google-beta from 4.59.0 to 4.62.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/769
build(deps): update terraform-aws-modules/vpc/aws requirement from ~> 3.19.0 to ~> 4.0.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/783
build(deps): bump random from 3.4.3 to 3.5.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/781
build(deps): bump aws from 4.61.0 to 4.64.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/780
build(deps): bump terraform-aws-modules/eks/aws from 19.12.0 to 19.13.1 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/782
build(deps): bump azurerm from 3.50.0 to 3.53.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/773
build(deps): bump random from 3.4.3 to 3.5.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/778
build(deps): bump random from 3.4.3 to 3.5.1 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/776
build(deps): bump hashicorp/google from 4.59.0 to 4.62.1 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/775
Update README.md by @commjoen in https://github.com/OWASP/wrongsecrets/pull/766

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.2...1.6.3

Special Thanks

Special thanks to @commjoen and @nbaars for their hard work on this release!

wrongsecrets - 1.6.2: Improved UI, big doc update, LCM, and Challenge29

Published by commjoen over 1 year ago

What's Changed

This is a big documentation update, with which we are now at 100% passing of the OpenSSF: .
Next, we have a new challenge added, and are preparing to add a few more in a couple of weeks ;-).

Documentation:

Fix: Small fix in Contributing.md by @puneeth072003 in https://github.com/OWASP/wrongsecrets/pull/712
fix: fix link in pre-commit badge by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/711
feat(#680): first swagger api setup by @commjoen in https://github.com/OWASP/wrongsecrets/pull/710
fix: add new challenge label to issue template by @bendehaan in https://github.com/OWASP/wrongsecrets/pull/720
Feat(#695): mention AWS as a sponsor by @commjoen in https://github.com/OWASP/wrongsecrets/pull/722
Updates the Javadocs and required docs for OpenSSF by @commjoen in https://github.com/OWASP/wrongsecrets/pull/718
Add missing period by @szh in https://github.com/OWASP/wrongsecrets/pull/725
feat(#680): added more javadoc by @commjoen in https://github.com/OWASP/wrongsecrets/pull/739
Make readme more inviting by @commjoen in https://github.com/OWASP/wrongsecrets/pull/759
(noticket): adding missing contributors by @commjoen in https://github.com/OWASP/wrongsecrets/pull/760
Update readme with badge locations and setup linkedin post by @commjoen in https://github.com/OWASP/wrongsecrets/pull/741

LCM:

build(deps-dev): bump eslint from 8.36.0 to 8.37.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/733
build(deps-dev): bump eslint-plugin-n from 15.6.1 to 15.7.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/735
build(deps): bump spring-boot-starter-parent from 3.0.4 to 3.0.5 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/726
build(deps): bump cyclonedx-maven-plugin from 2.7.5 to 2.7.6 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/730
build(deps): bump checkstyle from 10.8.0 to 10.9.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/744
build(deps): bump spotbugs-maven-plugin from 4.7.3.2 to 4.7.3.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/745
build(deps): bump aws.sdk.version from 2.20.23 to 2.20.37 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/728
build(deps): bump spring-cloud-dependencies from 2022.0.1 to 2022.0.2 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/748
build(deps): bump spring-cloud-gcp-dependencies from 4.1.1 to 4.1.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/729
build(deps): bump jruby-complete from 9.4.1.0 to 9.4.2.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/731
build(deps): bump asciidoctor-maven-plugin from 2.2.2 to 2.2.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/746
build(deps): bump thymeleaf-layout-dialect from 3.2.0 to 3.2.1 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/749
build(deps): bump springdoc-openapi-starter-webmvc-ui from 2.0.4 to 2.1.0 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/747
build(deps): bump aws.sdk.version from 2.20.37 to 2.20.38 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/750
build(deps): bump spotbugs-annotations from 4.6.0 to 4.7.3 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/753
build(deps): bump aws.sdk.version from 2.20.37 to 2.20.39 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/752
build(deps): bump hashicorp/google from 4.55.0 to 4.59.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/732
build(deps): bump hashicorp/google-beta from 4.55.0 to 4.59.0 in /gcp by @dependabot in https://github.com/OWASP/wrongsecrets/pull/734
build(deps): bump azurerm from 3.45.0 to 3.50.0 in /azure by @dependabot in https://github.com/OWASP/wrongsecrets/pull/736
build(deps): bump terraform-aws-modules/eks/aws from 19.10.0 to 19.12.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/738
build(deps): bump aws from 4.56.0 to 4.61.0 in /aws by @dependabot in https://github.com/OWASP/wrongsecrets/pull/737
build(deps): bump minimatch from 7.3.0 to 8.0.3 in /js by @dependabot in https://github.com/OWASP/wrongsecrets/pull/754
build(deps): bump jquery from 3.6.3 to 3.6.4 by @dependabot in https://github.com/OWASP/wrongsecrets/pull/751

Bugfixes

fix: save selected theme by @turjoc120 in https://github.com/OWASP/wrongsecrets/pull/715

New Challenges

Addition of Challenge 29 by @puneeth072003 in https://github.com/OWASP/wrongsecrets/pull/697

New Contributors

@szh made their first contribution in https://github.com/OWASP/wrongsecrets/pull/725
@turjoc120 made their first contribution in https://github.com/OWASP/wrongsecrets/pull/715

Special thanks to

Special thanks to: @bendehaan , @puneeth072003 , @szh , @turjoc120, @nbaars , and @commjoen for their hard work on this release!

Full Changelog: https://github.com/OWASP/wrongsecrets/compare/1.6.1...1.6.2

wrongsecrets - 1.6.1: UI extended, OpenSSF compliance, improved Q/A, and Challenge28

Published by commjoen over 1 year ago

What's Changed

UI Changes:

Add a link to our OWASP Project page and add a Donate link for cloud cost coverage by @commjoen in https://github.com/OWASP/wrongsecrets/pull/691
feat(#707): Initial overhaul for ui, licenses to be included by @commjoen in https://github.com/OWASP/wrongsecrets/pull/708

Bugfixes:

Fix(#701): ui rendering on XS screens (stack not rendering) fixed: empty collumn filled again on mobile in portraid by @commjoen in https://github.com/OWASP/wrongsecrets/pull/704