secureCodeBox
diff --git a/‎.github/workflows/ci.yaml‎
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/ci.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/release-build.yaml‎
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/release-build.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/scb-bot.yaml‎
Lines changed: 28 additions & 28 deletions b/‎.github/workflows/scb-bot.yaml‎
Lines changed: 28 additions & 28 deletions
diff --git a/‎CONTRIBUTORS.md‎
Lines changed: 3 additions & 1 deletion b/‎CONTRIBUTORS.md‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎LICENSE‎
Lines changed: 1 addition & 0 deletions b/‎LICENSE‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎hook-sdk/nodejs/package-lock.json‎
Lines changed: 15 additions & 15 deletions b/‎hook-sdk/nodejs/package-lock.json‎
Lines changed: 15 additions & 15 deletions
diff --git a/‎hook-sdk/nodejs/package.json‎
Lines changed: 1 addition & 1 deletion b/‎hook-sdk/nodejs/package.json‎
Lines changed: 1 addition & 1 deletion
@@ -290,6 +290,7 @@ jobs:
           - nmap
           - nuclei
           - screenshooter
+          - semgrep
           - ssh-scan
           - sslyze
           - trivy
 
@@ -279,6 +279,7 @@ jobs:
           - nmap
           - nuclei
           - screenshooter
+          - semgrep
           - ssh-scan
           - sslyze
           - test-scan
 
@@ -1,33 +1,33 @@
 name: Check outdated scanners
-on: 
-  push:
+on:
   schedule:
-   - cron: "15 9 * * *" # Daily at 9:15 (avoids the beginning of the hour congestion)
+    - cron: "15 9 * * *" # Daily at 9:15 (avoids the beginning of the hour congestion)
 jobs:
   version-compare:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         scanner:
-          - amass                   # Scanner that needs to be updated
-          - angularjs-csti-scanner  # Scanner that does not need to be updated
-          # - gitleaks
-          # - kube-hunter
-          # - kubeaudit
-          # - ncrack
-          # - nuclei
-          # - ssh-scan
-          # - sslyze
-          # - trivy
-          # - whatweb
-          # - wpscan
-          # - zap
-          # - zap-advanced 
-          # These are commented out for the moment to avoid accidental multiple erroneous PRs
+          - amass
+          - angularjs-csti-scanner
+          - cmseek
+          - gitleaks
+          - kube-hunter
+          - kubeaudit
+          - ncrack
+          - nuclei
+          - semgrep
+          - ssh-scan
+          - sslyze
+          - trivy
+          - whatweb
+          - wpscan
+          - zap
+          - zap-advanced
           # missing scanners are : nmap, nikto, typo3scan
     steps:
       - uses: actions/checkout@v2
-   
+
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@v3
         with:
@@ -39,11 +39,11 @@ jobs:
       - name: Fetch scanner's version API
         uses: mikefarah/yq@v4.4.1
         with:
-          cmd: echo versionApi=$(yq e .versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV 
+          cmd: echo versionApi=$(yq e .versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
 
       - name: Fetch latest release scanner version
         run: echo release=$((curl -sL ${{env.versionApi}}  ) | jq -r ".tag_name") | tr -d "v" >> $GITHUB_ENV
-            
+
       - name: Fetch local scanner version
         uses: mikefarah/yq@v4.4.1
         with:
@@ -58,20 +58,20 @@ jobs:
           echo pullRequest=$pullRequestTitle >> $GITHUB_ENV
 
           echo ${{ secrets.GITHUB_TOKEN }} | gh auth login --with-token
-          echo prExists=$(gh pr list --state open --limit 100 | grep -F "$pullRequestTitle" -c) >> $GITHUB_ENV 
+          echo prExists=$(gh pr list --state open --limit 100 | grep -F "$pullRequestTitle" -c) >> $GITHUB_ENV
 
-      - name : Upgrade Scanner
-        if: ${{ env.release != env.local && env.prExists == 0 }} 
+      - name: Upgrade Scanner
+        if: ${{ env.release != env.local && env.prExists == 0 }}
         uses: mikefarah/yq@v4.4.1
         with:
-        # appVersion value in chart is replaced with release value. Empty lines are deleted in the process
+          # appVersion value in chart is replaced with release value. Empty lines are deleted in the process
           cmd: yq e --inplace '.appVersion = "v${{env.release}}"' ./scanners/${{ matrix.scanner }}/Chart.yaml
 
-      - name : Create Pull Request
-        if: ${{ env.release != env.local && env.prExists == 0 }}  
+      - name: Create Pull Request
+        if: ${{ env.release != env.local && env.prExists == 0 }}
         uses: peter-evans/create-pull-request@v3
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.SCB_BOT_USER_TOKEN }}
           committer: secureCodeBoxBot <securecodebox@iteratec.com>
           author: secureCodeBoxBot <securecodebox@iteratec.com>
           title: ${{ env.pullRequest }}
 
@@ -31,4 +31,6 @@ Committing with `git commit -s` will add the sign-off at the end of the commit m
 - Johannes Zahn <johannes.zahn@iteratec.com>
 - Jop Zitman <jop.zitman@secura.com>
 - Florian Buchmeier <florian.buchmeier@audi.de>
-- Max Maass <max.maass@iteratec.com>
+- Max Maass <max.maass@iteratec.com>
+- Chuck McAuley <nobletrout@gmail.com>
+- Ilyes Ben Dlala <ilyes.bendlala@iteratec.com>
@@ -0,0 +1 @@
+LICENSES/Apache-2.0.txt
@@ -11,7 +11,7 @@
   "license": "Apache-2.0",
   "dependencies": {
     "@kubernetes/client-node": "^0.15.1",
-    "axios": "^0.21.4",
+    "axios": "^0.22.0",
     "ws": "^7.5.5"
   }
 }
Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@`
`11`	`11`	`"license": "Apache-2.0",`
`12`	`12`	`"dependencies": {`
`13`	`13`	`"@kubernetes/client-node": "^0.15.1",`
`14`		`- "axios": "^0.21.4",`
	`14`	`+ "axios": "^0.22.0",`
`15`	`15`	`"ws": "^7.5.5"`
`16`	`16`	`}`
`17`	`17`	`}`