diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a673e25e6f..1f80a11d78 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -59,6 +59,7 @@ updates: ignore: - dependency-name: "io.kubernetes:client-java:*-legacy" - dependency-name: "io.securecodebox:defectdojo-client:3.0.0" + - dependency-name: "org.springframework:spring-web" groups: gradle-security-updates: applies-to: security-updates diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e0ca0d272e..5e67fb3555 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -22,25 +22,25 @@ env: # renovate: datasource=github-releases depName=python/cpython PYTHON_VERSION: "3.13.5" # renovate: datasource=github-releases depName=kubernetes/kubernetes - KUBECTL_VERSION: "v1.34.3" + KUBECTL_VERSION: "v1.36.1" # renovate: datasource=github-releases depName=kubernetes-sigs/kind - KIND_BINARY_VERSION: "v0.30.0" + KIND_BINARY_VERSION: "v0.31.0" # renovate: datasource=github-releases depName=helm/helm - HELM_VERSION: "v4.0.1" + HELM_VERSION: "v4.2.0" # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_PLUGIN_UNITTEST_VERSION: "1.0.3" + HELM_PLUGIN_UNITTEST_VERSION: "1.1.0" # renovate: datasource=github-releases depName=go-task/task - TASK_VERSION: "v3.45.5" + TASK_VERSION: "3.51.1" jobs: test-nodejs-scanner-test-helpers: name: "Unit Test | Node.js Scanner Test Helpers" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install bun - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 + uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 - name: Install dependencies working-directory: tests/integration @@ -50,10 +50,10 @@ jobs: working-directory: tests/integration run: bun test helpers.test.js k8s-setup: - name: "Setup Kind & Kubectl & Helm & Task" + name: "Setup Kind & Kubectl & Helm" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install Kind run: | @@ -71,36 +71,24 @@ jobs: tar -xzf ./helm.tar.gz chmod +x ./linux-amd64/helm - - name: Install Task - run: | - curl -Lo ./task.tar.gz https://github.com/go-task/task/releases/download/${{ env.TASK_VERSION }}/task_linux_amd64.tar.gz - tar -xzf ./task.tar.gz - chmod +x ./task - - name: Archive Kind - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: kind path: ./kind - name: Archive Kubectl - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: kubectl path: ./kubectl - name: Archive Helm - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: helm path: ./linux-amd64/helm - - name: Archive Task - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - with: - name: task - path: ./task - # ---- Unit-Test ---- # ---- Unit-Test | Java ---- @@ -111,9 +99,15 @@ jobs: needs: - k8s-setup steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} + - name: Download Helm - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: helm path: ./helm @@ -128,17 +122,7 @@ jobs: - name: Install Helm Unit Test Plugin run: | - helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST_VERSION }} --verify=false - - - name: Download Task - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: task - path: ./task - - - name: Make Task globally available - run: | - chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task + helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST_VERSION }} --verify=false - name: Helm-Chart Unit Tests run: task test:helm:all @@ -150,24 +134,24 @@ jobs: matrix: unit: ["persistence-defectdojo"] steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up JDK 17 - uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: "temurin" # required Java distribution java-version: "17" # The JDK version to make available on the path. java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk architecture: x64 # (x64 or x86) - defaults to x64 - name: Cache SonarCloud packages - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - name: Cache Gradle packages - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: ~/.gradle/caches key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} @@ -191,10 +175,15 @@ jobs: component: ["operator", "lurker"] steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: "operator/go.mod" @@ -206,18 +195,18 @@ jobs: - name: Test working-directory: ./operator - run: make test + run: task test - name: Build Container Image working-directory: ./operator - run: make docker-build + run: task docker-build - name: Export Container Image working-directory: ./operator - run: make docker-export-${{ matrix.component }} + run: task docker-export-${{ matrix.component }} - name: Upload Image As Artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ matrix.component }}-image path: ./operator/${{ matrix.component }}.tar @@ -230,10 +219,15 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: "auto-discovery/kubernetes/go.mod" @@ -245,18 +239,18 @@ jobs: - name: Test working-directory: ./auto-discovery/kubernetes/ - run: make test + run: task test - name: Build Container Image working-directory: ./auto-discovery/kubernetes/ - run: make docker-build + run: task docker-build - name: Export Container Image working-directory: ./auto-discovery/kubernetes/ - run: make docker-export + run: task docker-export - name: Upload Image As Artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: auto-discovery-image path: ./auto-discovery/kubernetes/auto-discovery-kubernetes.tar @@ -270,10 +264,10 @@ jobs: - k8s-setup steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: "auto-discovery/kubernetes/go.mod" @@ -283,30 +277,25 @@ jobs: go fmt ./... go vet ./... - - name: Download Task - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 with: - name: task - path: ./task - - - name: Make Task globally available - run: | - chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task + version: ${{ env.TASK_VERSION }} - name: Download Kind - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: kind path: ./kind - name: Download Kubectl - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: kubectl path: ./kubectl - name: Download Helm - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: helm path: ./helm @@ -336,7 +325,7 @@ jobs: run: task docker-export - name: Upload Image As Artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: auto-discovery-pull-secret-extractor path: ./auto-discovery/kubernetes/pull-secret-extractor/auto-discovery-secret-extractor.tar @@ -363,10 +352,15 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: "auto-discovery/cloud-aws/go.mod" @@ -378,18 +372,18 @@ jobs: - name: Test working-directory: ./auto-discovery/cloud-aws/ - run: make test + run: task test - name: Build Container Image working-directory: ./auto-discovery/cloud-aws/ - run: make docker-build + run: task docker-build - name: Export Container Image working-directory: ./auto-discovery/cloud-aws/ - run: make docker-export + run: task docker-export - name: Upload Image As Artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: auto-discovery-cloud-aws-image path: ./auto-discovery/cloud-aws/auto-discovery-cloud-aws.tar @@ -407,18 +401,23 @@ jobs: - hook-sdk steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} - name: Build Image working-directory: ./${{ matrix.sdk }}/nodejs - run: make docker-build-sdk + run: task docker-build - name: Export Image working-directory: ./${{ matrix.sdk }}/nodejs - run: make docker-export-sdk + run: task docker-export - name: Upload Artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ matrix.sdk }}-image path: ./${{ matrix.sdk }}/nodejs/${{ matrix.sdk }}.tar @@ -457,35 +456,30 @@ jobs: - zap-automation-framework steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install bun - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 + uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 - - name: Download Task - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 with: - name: task - path: ./task - - - name: Make Task globally available - run: | - chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task + version: ${{ env.TASK_VERSION }} - name: Download Kind - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: kind path: ./kind - name: Download Kubectl - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: kubectl path: ./kubectl - name: Download Helm - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: helm path: ./helm @@ -496,18 +490,24 @@ jobs: chmod +x ./kubectl/kubectl && sudo mv ./kubectl/kubectl /usr/local/bin/kubectl chmod +x ./helm/helm && sudo mv ./helm/helm /usr/local/bin/helm + - name: Go Setup + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + with: + go-version-file: "scanners/git-repo-scanner/scanner/go.mod" + - name: Verify tools run: | kind version kubectl version || true helm version + go version - name: Unit Tests working-directory: ./scanners/${{ matrix.unit }}/ run: task test:unit - name: Download Parser SDK Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: parser-sdk-image path: /tmp @@ -518,7 +518,7 @@ jobs: docker images | grep sdk - name: Download Operator Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: operator-image path: ./operator @@ -529,7 +529,7 @@ jobs: docker images | grep operator - name: Download Lurker Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: lurker-image path: ./operator @@ -552,7 +552,7 @@ jobs: run: task deploy - name: Start Integration Tests - uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 + uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0 with: timeout_minutes: 15 max_attempts: 3 @@ -610,35 +610,30 @@ jobs: # - persistence-static-report (WIP) steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install bun - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 + uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 - - name: Download Task - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 with: - name: task - path: ./task - - - name: Make Task globally available - run: | - chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task + version: ${{ env.TASK_VERSION }} - name: Download Kind - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: kind path: ./kind - name: Download Kubectl - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: kubectl path: ./kubectl - name: Download Helm - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: helm path: ./helm @@ -660,7 +655,7 @@ jobs: run: task test:unit - name: Download Parser SDK Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: hook-sdk-image path: /tmp @@ -671,7 +666,7 @@ jobs: docker images | grep sdk - name: Download Operator Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: operator-image path: ./operator @@ -682,7 +677,7 @@ jobs: docker images | grep operator - name: Download Lurker Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: lurker-image path: ./operator @@ -705,7 +700,7 @@ jobs: run: task deploy - name: Start Integration Tests - uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 + uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0 with: timeout_minutes: 15 max_attempts: 3 @@ -744,10 +739,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: "scbctl/go.mod" diff --git a/.github/workflows/documentation-roulette.yaml b/.github/workflows/documentation-roulette.yaml index 0b87dc6b53..b695a82ecc 100644 --- a/.github/workflows/documentation-roulette.yaml +++ b/.github/workflows/documentation-roulette.yaml @@ -21,7 +21,7 @@ jobs: if: github.repository == 'secureCodeBox/secureCodeBox' steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Request team members with the GitHub API using their gh cli - name: Fetch core-team members diff --git a/.github/workflows/helm-charts-release-ghcr.yaml b/.github/workflows/helm-charts-release-ghcr.yaml index 4a6bbfd772..369d64a1da 100644 --- a/.github/workflows/helm-charts-release-ghcr.yaml +++ b/.github/workflows/helm-charts-release-ghcr.yaml @@ -20,7 +20,7 @@ jobs: name: "Publish Helm Charts to GHCR" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Parse Release Version run: | diff --git a/.github/workflows/helm-charts-release.yaml b/.github/workflows/helm-charts-release.yaml index 667a3da4cc..07d6e51f85 100644 --- a/.github/workflows/helm-charts-release.yaml +++ b/.github/workflows/helm-charts-release.yaml @@ -18,7 +18,7 @@ jobs: name: Package and Publish runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: "Install yq" run: | sudo snap install yq diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml index 30074751d7..4f4b23929c 100644 --- a/.github/workflows/helm-docs.yaml +++ b/.github/workflows/helm-docs.yaml @@ -14,18 +14,22 @@ on: permissions: contents: write +env: + # renovate: datasource=github-releases depName=go-task/task + TASK_VERSION: "3.51.1" + jobs: helm-docs: runs-on: ubuntu-24.04 if: github.repository == 'secureCodeBox/secureCodeBox' steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{ github.head_ref }} token: ${{ secrets.SCB_BOT_USER_TOKEN }} - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0 + uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0 with: gpg_private_key: ${{ secrets.GPG_COMMITS_PRIVATE_KEY }} passphrase: ${{ secrets.GPG_COMMITS_PASSPHRASE }} @@ -34,6 +38,11 @@ jobs: git_committer_name: secureCodeBoxBot git_committer_email: securecodebox@iteratec.com + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} + - name: Download Helm Docs run: | mkdir helm-docs @@ -51,21 +60,21 @@ jobs: - name: Generate README run: | - make readme + task readme - name: Generate Demo Target Docs - run: make demo-target-docs + run: task demo-target-docs - name: Generate Hooks Docs - run: make hook-docs + run: task hook-docs - name: Generate Scanner Docs - run: make scanner-docs + run: task scanner-docs - name: Generate Operator Docs - run: make operator-docs + run: task operator-docs - name: Generate AutoDiscovery Docs - run: make auto-discovery-docs + run: task auto-discovery-docs - name: Remove Helm Docs Files run: | diff --git a/.github/workflows/label-commenter.yml b/.github/workflows/label-commenter.yml index abe871f668..ed95133232 100644 --- a/.github/workflows/label-commenter.yml +++ b/.github/workflows/label-commenter.yml @@ -19,7 +19,7 @@ jobs: comment: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Label Commenter uses: peaceiris/actions-label-commenter@f0dbbef043eb1b150b566db36b0bdc8b7f505579 # v1.10.0 with: diff --git a/.github/workflows/license-check.yaml b/.github/workflows/license-check.yaml index 5accc5694b..eff256f09b 100644 --- a/.github/workflows/license-check.yaml +++ b/.github/workflows/license-check.yaml @@ -19,7 +19,7 @@ jobs: if: github.repository == 'secureCodeBox/secureCodeBox' steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: REUSE Compliance Check uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0 diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index b7f28353e3..60de0ebfdb 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -36,7 +36,7 @@ jobs: steps: # Git Checkout - name: Checkout Code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} fetch-depth: 0 @@ -46,7 +46,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.github.io/flavors/ - uses: oxsecurity/megalinter@55a59b24a441e0e1943080d4a512d827710d4a9d # v9.2.0 + uses: oxsecurity/megalinter@8fbdead70d1409964ab3d5afa885e18ee85388bb # v9.4.0 env: # All available variables are described in documentation # https://megalinter.github.io/configuration/ @@ -57,7 +57,7 @@ jobs: # Upload MegaLinter artifacts - name: Archive production artifacts if: ${{ success() }} || ${{ failure() }} - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: MegaLinter reports path: | diff --git a/.github/workflows/move-bot-pr-to-review.yaml b/.github/workflows/move-bot-pr-to-review.yaml index 2e4bcfabcc..10d9b2395a 100644 --- a/.github/workflows/move-bot-pr-to-review.yaml +++ b/.github/workflows/move-bot-pr-to-review.yaml @@ -19,7 +19,7 @@ jobs: # only run if the branch starts with 'dependabot/' or 'dependencies/upgrading' if: startsWith(github.head_ref, 'dependabot/') || startsWith(github.head_ref, 'dependencies/upgrading') steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Add bot PR to project run: | diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml index ec5e52c344..42b1e4ad1b 100644 --- a/.github/workflows/oss-scorecard.yaml +++ b/.github/workflows/oss-scorecard.yaml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false @@ -33,6 +33,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 with: sarif_file: results.sarif diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml index 28557a6ced..a6ba911288 100644 --- a/.github/workflows/release-build.yaml +++ b/.github/workflows/release-build.yaml @@ -31,11 +31,11 @@ jobs: component: ["operator", "lurker"] steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/${{ matrix.component }} tags: | @@ -43,18 +43,18 @@ jobs: type=semver,pattern={{version}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./${{ matrix.component }} file: ./${{ matrix.component }}/Dockerfile @@ -78,11 +78,11 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/auto-discovery-kubernetes tags: | @@ -90,18 +90,18 @@ jobs: type=semver,pattern={{version}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./auto-discovery/kubernetes/ file: ./auto-discovery/kubernetes/Dockerfile @@ -125,11 +125,11 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/auto-discovery-pull-secret-extractor tags: | @@ -137,18 +137,18 @@ jobs: type=semver,pattern={{version}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./auto-discovery/kubernetes/pull-secret-extractor file: ./auto-discovery/kubernetes/pull-secret-extractor/Dockerfile @@ -178,11 +178,11 @@ jobs: - hook-sdk steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/${{ matrix.sdk }}-nodejs tags: | @@ -190,18 +190,18 @@ jobs: type=semver,pattern={{version}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./${{ matrix.sdk }}/nodejs file: ./${{ matrix.sdk }}/nodejs/Dockerfile @@ -231,11 +231,11 @@ jobs: - update-field-hook steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/hook-${{ matrix.hook }} tags: | @@ -243,12 +243,12 @@ jobs: type=semver,pattern={{version}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} @@ -258,7 +258,7 @@ jobs: echo "baseImageTag=sha-$(git rev-parse --short HEAD)" >> $GITHUB_ENV - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./hooks/${{ matrix.hook }}/hook file: ./hooks/${{ matrix.hook }}/hook/Dockerfile @@ -285,11 +285,11 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/persistence-elastic-dashboard-importer tags: | @@ -297,16 +297,16 @@ jobs: type=semver,pattern={{version}} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./hooks/persistence-elastic/dashboard-importer/ file: ./hooks/persistence-elastic/dashboard-importer/Dockerfile @@ -347,11 +347,11 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/parser-${{ matrix.parser }} tags: | @@ -359,12 +359,12 @@ jobs: type=semver,pattern={{version}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} @@ -374,7 +374,7 @@ jobs: echo "baseImageTag=sha-$(git rev-parse --short HEAD)" >> $GITHUB_ENV - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./scanners/${{ matrix.parser }}/parser file: ./scanners/${{ matrix.parser }}/parser/Dockerfile @@ -422,10 +422,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set ENV Var with Scanner Version - uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2 + uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 # Notice: The current version of the scanner is provided via the Chart.yaml to ensure # there is only one place to edit the version of a scanner with: @@ -433,13 +433,13 @@ jobs: # extract the supported cpu architectures from the Chart.yaml - name: Set ENV Var with Supported Platforms - uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2 + uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 with: cmd: echo supportedPlatforms=$(yq e .annotations.supported-platforms scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/scanner-${{ matrix.scanner }} tags: | @@ -447,16 +447,16 @@ jobs: ${{ env.scannerVersion }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./scanners/${{ matrix.scanner }}/scanner file: ./scanners/${{ matrix.scanner }}/scanner/Dockerfile @@ -492,11 +492,11 @@ jobs: - test-scan steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/scanner-${{ matrix.scanner }} tags: | @@ -504,10 +504,10 @@ jobs: type=semver,pattern={{version}} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} @@ -517,13 +517,13 @@ jobs: echo "baseImageTag=sha-$(git rev-parse --short HEAD)" >> $GITHUB_ENV - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./scanners/${{ matrix.scanner }}/scanner file: ./scanners/${{ matrix.scanner }}/scanner/Dockerfile build-args: | baseImageTag=${{ env.baseImageTag }} - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.docker_meta.outputs.tags }} labels: ${{ steps.docker_meta.outputs.labels }} @@ -552,10 +552,10 @@ jobs: - old-wordpress steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set ENV Var with Demo-Target Version - uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2 + uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 # Notice: The current version of the demo-target is provided via the Chart.yaml to ensure # there is only one place to edit the version of a scanner with: @@ -563,7 +563,7 @@ jobs: - name: Docker Meta id: docker_meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_NAMESPACE }}/demo-target-${{ matrix.target }} tags: | @@ -572,16 +572,16 @@ jobs: ${{ env.targetVersion }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: ./demo-targets/${{ matrix.target }}/container file: ./demo-targets/${{ matrix.target }}/container/Dockerfile diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml index e19179506f..24559555ba 100644 --- a/.github/workflows/scb-bot.yaml +++ b/.github/workflows/scb-bot.yaml @@ -23,6 +23,10 @@ permissions: contents: write pull-requests: write +env: + # renovate: datasource=github-releases depName=go-task/task + TASK_VERSION: "3.51.1" + jobs: version-compare: runs-on: ubuntu-24.04 @@ -48,10 +52,10 @@ jobs: - zap-automation-framework # missing scanners are : nmap, nikto steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0 + uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0 with: gpg_private_key: ${{ secrets.GPG_COMMITS_PRIVATE_KEY }} passphrase: ${{ secrets.GPG_COMMITS_PASSPHRASE }} @@ -61,14 +65,14 @@ jobs: # Fetching scanner version from local chart .appVersion attribute # this would look like 1.1.1 or v1.1.1 depending on the corresponding Docker image tag - name: Fetch local scanner version - uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2 + uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 with: cmd: echo local=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV # Fetching scanner version API from local chart .annotations.versionApi attribute # This would look like https://api.github.com/repos/projectdiscovery/nuclei/releases/latest - name: Fetch scanner's version API - uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2 + uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 with: cmd: echo versionApi=$(yq e .annotations.versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV @@ -143,12 +147,17 @@ jobs: - name: Upgrade Scanner Helm Chart if: ${{ env.release != env.local && env.prExists == 0 && env.release != null}} - uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2 + uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 with: # appVersion value in chart is replaced with release value. Empty lines are deleted in the process cmd: yq e --inplace '.appVersion = "${{env.release}}"' ./scanners/${{ matrix.scanner }}/Chart.yaml # Updating Helm Docs + - name: Install Task + uses: go-task/setup-task@3be4020d41929789a01026e0e427a4321ce0ad44 # v2.0.0 + with: + version: ${{ env.TASK_VERSION }} + - name: Download Helm Docs run: | mkdir helm-docs @@ -165,22 +174,22 @@ jobs: sudo mv helm-docs /usr/local/bin/helm-docs - name: Generate README - run: make readme + run: task readme - name: Generate Demo Target Docs - run: make demo-target-docs + run: task demo-target-docs - name: Generate Hooks Docs - run: make hook-docs + run: task hook-docs - name: Generate Scanner Docs - run: make scanner-docs + run: task scanner-docs - name: Generate Operator Docs - run: make operator-docs + run: task operator-docs - name: Generate AutoDiscovery Docs - run: make auto-discovery-docs + run: task auto-discovery-docs - name: Remove Helm Docs Files run: | @@ -189,7 +198,7 @@ jobs: - name: Create Pull Request if: ${{ env.release != env.local && env.prExists == 0 && env.release != null }} - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7.0.11 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: token: ${{ secrets.SCB_BOT_USER_TOKEN }} committer: secureCodeBoxBot diff --git a/.npmrc b/.npmrc new file mode 100644 index 0000000000..12934b83a0 --- /dev/null +++ b/.npmrc @@ -0,0 +1,3 @@ +min-release-age=7 # days +ignore-scripts=true +engine-strict=true diff --git a/.npmrc.license b/.npmrc.license new file mode 100644 index 0000000000..3034c0d74b --- /dev/null +++ b/.npmrc.license @@ -0,0 +1,3 @@ +SPDX-FileCopyrightText: the secureCodeBox authors + +SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/.nvmrc b/.nvmrc index 2bd5a0a98a..a45fd52cc5 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -22 +24 diff --git a/.templates/new-scanner/Taskfile.yaml b/.templates/new-scanner/Taskfile.yaml index 9944d77f99..f3504e3f65 100644 --- a/.templates/new-scanner/Taskfile.yaml +++ b/.templates/new-scanner/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index d6071c23be..951a74893c 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -62,3 +62,5 @@ Committing with `git commit -s` will add the sign-off at the end of the commit m - Joel Saß - Patrick Weiss - Conleth Kennedy +- Matus Szepe +- Felix Bäuml \ No newline at end of file diff --git a/Makefile b/Makefile deleted file mode 100644 index a2341a4b90..0000000000 --- a/Makefile +++ /dev/null @@ -1,122 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include ./prerequisites.mk -include ./env-paths.mk - -all: help - -.PHONY: npm-ci-all -npm-ci-all: ## Runs npm ci in all node module subfolders. - @echo "Installing all NPM dependencies" - @"$(BIN_DIR)/npm-ci-all.sh" - -.PHONY: npm-test-all -npm-test-all: ## Runs all Jest based test suites. - npm test -- --ci --colors --coverage --testPathIgnorePatterns /integration-tests/ - -.PHONY: test-all -test-all: install-operator install-sdks ## Runs all makefile based test suites (unit + integration Tests). - @echo "Running make test for all scanner and hook modules..." - @for dir in $(SCANNERS_TEST_LIST) $(HOOKS_TEST_LIST); do \ - echo "🧪 Test Suite for $${dir}" && cd $$(dirname $$dir) && $(MAKE) -s test || exit 1; \ - done - -.PHONY: install-operator -install-operator: ## Install the operator for makefile based testing. - @echo "Installing the operator for makefile based testing..." - cd "$(OPERATOR_DIR)" && $(MAKE) -s docker-build docker-export kind-import helm-deploy - -.PHONY: install-sdks -install-sdks: ## Install the SDKs for makefile based testing. - @echo "Installing the SDKs (parser, hooks) for makefile based testing..." - cd "$(PARSER_SDK_DIR)" && $(MAKE) -s docker-build - cd "$(HOOK_SDK_DIR)" && $(MAKE) -s docker-build - -.PHONY: readme -readme: ## Generate README.md based on Chart.yaml and template. - "$(BIN_DIR)/generate-helm-docs.sh" --readme $(PROJECT_DIR) $(HELM_DOCS_DIR) - -.PHONY: hook-docs -hook-docs: ## Generate documentation for hooks. - @for chart in $(HOOKS_CHART_LIST); do \ - "$(BIN_DIR)/generate-helm-docs.sh" --hook "$${chart}" "$(HELM_DOCS_DIR)"; \ - done - -.PHONY: scanner-docs -scanner-docs: ## Generate documentation for scanners. - @for chart in $(SCANNERS_CHART_LIST); do \ - "$(BIN_DIR)/generate-helm-docs.sh" --scanner "$${chart}" "$(HELM_DOCS_DIR)"; \ - done - -.PHONY: operator-docs -operator-docs: ## Generate documentation for the operator. - "$(BIN_DIR)/generate-helm-docs.sh" --operator "$(OPERATOR_DIR)/Chart.yaml" "$(HELM_DOCS_DIR)" - -.PHONY: auto-discovery-docs -auto-discovery-docs: ## Generate documentation for the auto-discovery. - "$(BIN_DIR)/generate-helm-docs.sh" --operator "$(AUTO_DISCOVERY_DIR)/cloud-aws/Chart.yaml" "$(HELM_DOCS_DIR)" - "$(BIN_DIR)/generate-helm-docs.sh" --operator "$(AUTO_DISCOVERY_DIR)/kubernetes/Chart.yaml" "$(HELM_DOCS_DIR)" - -.PHONY: demo-target-docs -demo-target-docs: ## Generate documentation for demo targets. - @for chart in $(DEMO_TARGETS_CHART_LIST); do \ - "$(BIN_DIR)/generate-helm-docs.sh" --demo-target "$${chart}" "$(HELM_DOCS_DIR)"; \ - done - -.PHONY: docs -docs: readme hook-docs scanner-docs operator-docs auto-discovery-docs demo-target-docs ## Generate all documentation. - -.PHONY: create-new-scanner -create-new-scanner: ## Creates templates for a new scanner, pass NAME=NEW-SCANNER to this target. -ifndef NAME - $(error Scanner name not defined, please provide via make create-new-scanner NAME=NEW-SCANNER) -endif - rm -rf "$(SCANNERS_DIR)/$(NAME)" - cp -r "$(TEMPLATES_DIR)/new-scanner/" "$(SCANNERS_DIR)/$(NAME)" - find "$(SCANNERS_DIR)/$(NAME)" -type f ! -name tmp \ - -exec sed -n "s/new-scanner/$(NAME)/g;w $(SCANNERS_DIR)/$(NAME)/tmp" {} \; \ - -exec mv "$(SCANNERS_DIR)/$(NAME)/tmp" {} \; - mv "$(SCANNERS_DIR)/$(NAME)/templates/new-scanner-parse-definition.yaml" \ - "$(SCANNERS_DIR)/$(NAME)/templates/$(NAME)-parse-definition.yaml" - mv "$(SCANNERS_DIR)/$(NAME)/templates/new-scanner-scan-type.yaml" \ - "$(SCANNERS_DIR)/$(NAME)/templates/$(NAME)-scan-type.yaml" - -.PHONY: test-scanner -test-scanner: ## Shorthand to test a scanner w/o changing in its subdirectory. -ifndef NAME - $(error Scanner name not defined, please provide via make test-scanner NAME=SCANNER_NAME) -endif - $(MAKE) test -C $(SCANNERS_DIR)/$(NAME) - -.PHONY: test-hook -test-hook: ## Shorthand to test a hook w/o changing in its subdirectory. -ifndef NAME - $(error Hook name not defined, please provide via make test-hook NAME=HOOK_NAME) -endif - $(MAKE) test -C $(HOOKS_DIR)/$(NAME) - -.PHONY: lint -lint: ## Lint only changed files with respect to main branch - npx mega-linter-runner - @printf "\033[36m\n\n\nThe generated reports can be found under ./report/linters_logs/ \n\n\033[0m" - -.PHONY: lintfix -lintfix: ## Lint only changed files with respect to main branch and apply automatic fixes if possible - npx mega-linter-runner --fix - @printf "\033[36m\n\n\nThe generated reports can be found under ./report/linters_logs/ \n\n\033[0m" - -.PHONY: lintall -lintall: ## Lint complete repo - npx mega-linter-runner --env VALIDATE_ALL_CODEBASE=true - @printf "\033[36m\n\n\nThe generated reports can be found under ./report/linters_logs/ \n\n\033[0m" - -.PHONY: help -help: ## Display this help screen. - @grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \ - awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' - -.PHONY: scbctl -scbctl: ## Build scbctl cli tool - cd scbctl && go build -o scbctl main.go diff --git a/Taskfile.yaml b/Taskfile.yaml index fe4fc68f80..d4c7d1ba03 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -2,50 +2,68 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" env: IMG_NS: securecodebox IMG_TAG: sh: 'echo "sha-$(git rev-parse --short HEAD)"' +vars: + SCANNERS_DIR: '{{ .TASKFILE_DIR }}/scanners' + HOOKS_DIR: '{{ .TASKFILE_DIR }}/hooks' + DEMO_TARGETS_DIR: '{{ .TASKFILE_DIR }}/demo-targets' + OPERATOR_DIR: '{{ .TASKFILE_DIR }}/operator' + PARSER_SDK_DIR: '{{ .TASKFILE_DIR }}/parser-sdk/nodejs' + HOOK_SDK_DIR: '{{ .TASKFILE_DIR }}/hook-sdk/nodejs' + AUTO_DISCOVERY_DIR: '{{ .TASKFILE_DIR }}/auto-discovery' + HELM_DOCS_DIR: '{{ .TASKFILE_DIR }}/.helm-docs' + TEMPLATES_DIR: '{{ .TASKFILE_DIR }}/.templates' + BIN_DIR: '{{ .TASKFILE_DIR }}/bin' + tasks: create-kind-cluster: + run: once cmds: - 'echo "Starting kind cluster for testing environment"' - kind create cluster --name testing-env status: - - kind get clusters | grep testing-env || exit 1 + - kind get clusters | grep -q testing-env build-operator-image: + run: once cmds: - 'echo "Building operator image with tag ${IMG_TAG}"' - docker build -t ${IMG_NS}/operator:${IMG_TAG} {{ .TASKFILE_DIR }}/operator status: - - docker images | grep "${IMG_NS}/operator" | grep "${IMG_TAG}" + - docker images | grep -q "${IMG_NS}/operator:${IMG_TAG}" build-lurker-image: + run: once cmds: - 'echo "Building lurker image with tag ${IMG_TAG}"' - docker build -t ${IMG_NS}/lurker:${IMG_TAG} {{ .TASKFILE_DIR }}/lurker status: - - docker images | grep "${IMG_NS}/lurker" | grep "${IMG_TAG}" + - docker images | grep -q "${IMG_NS}/lurker:${IMG_TAG}" load-operator-image: + run: once deps: [build-operator-image] cmds: - kind load docker-image ${IMG_NS}/operator:${IMG_TAG} --name testing-env status: - - kind get images --name testing-env | grep "${IMG_NS}/operator:${IMG_TAG}" || exit 1 + - kind get images --name testing-env | grep -q "${IMG_NS}/operator:${IMG_TAG}" load-lurker-image: + run: once deps: [build-lurker-image] cmds: - kind load docker-image ${IMG_NS}/lurker:${IMG_TAG} --name testing-env status: - - kind get images --name testing-env | grep "${IMG_NS}/lurker:${IMG_TAG}" || exit 1 + - kind get images --name testing-env | grep -q "${IMG_NS}/lurker:${IMG_TAG}" deploy-operator: + run: once deps: [load-operator-image, load-lurker-image] cmds: - 'echo "Deploying secureCodeBox operator to the testing environment"' @@ -60,21 +78,23 @@ tasks: --set="lurker.image.tag=${IMG_TAG}" \ --set="lurker.image.pullPolicy=IfNotPresent" status: - - kubectl get deployment -n securecodebox-system securecodebox-controller-manager | grep "1/1" || false + - kubectl get deployment -n securecodebox-system securecodebox-controller-manager | grep -q "1/1" build-parser-sdk-image: + run: once cmds: - 'echo "Building parser-sdk images with tag ${IMG_TAG}"' - docker build -t securecodebox/parser-sdk-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }}/parser-sdk/nodejs status: - - docker images | grep "securecodebox/parser-sdk-nodejs" | grep "${IMG_TAG}" + - docker images | grep -q "securecodebox/parser-sdk-nodejs:${IMG_TAG}" build-hook-sdk-image: + run: once cmds: - 'echo "Building hook-sdk images with tag ${IMG_TAG}"' - docker build -t securecodebox/hook-sdk-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }}/hook-sdk/nodejs status: - - docker images | grep "securecodebox/hook-sdk-nodejs" | grep "${IMG_TAG}" + - docker images | grep -q "securecodebox/hook-sdk-nodejs:${IMG_TAG}" prepare-testing-env: desc: "Prepare the testing environment by running all required tasks" @@ -101,10 +121,115 @@ tasks: interactive: true test:helm:all: + desc: "Run helm unit tests for all charts in the project" + preconditions: + - msg: "Helm unittest plugin is not installed. Install it from https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + vars: + CHARTS: + sh: find {{ .TASKFILE_DIR }} -name "Chart.yaml" -exec dirname {} \; + cmds: + - for: { var: CHARTS } + cmd: helm unittest "{{ .ITEM }}" + + npm-ci-all: + desc: "Install all NPM dependencies across the project" + cmds: + - 'echo "Installing all NPM dependencies"' + - '{{ .BIN_DIR }}/npm-ci-all.sh' + + npm-test-all: + desc: "Run all Jest based test suites" + cmds: + - npm test -- --ci --colors --coverage --testPathIgnorePatterns /integration-tests/ + + readme: + desc: "Generate README.md based on Chart.yaml and template" + cmds: + - '{{ .BIN_DIR }}/generate-helm-docs.sh --readme {{ .TASKFILE_DIR }} {{ .HELM_DOCS_DIR }}' + + hook-docs: + desc: "Generate documentation for all hooks" + vars: + CHARTS: + sh: find {{ .HOOKS_DIR }} -maxdepth 2 -name "Chart.yaml" + cmds: + - for: { var: CHARTS } + cmd: '{{ .BIN_DIR }}/generate-helm-docs.sh --hook "{{ .ITEM }}" "{{ .HELM_DOCS_DIR }}"' + + scanner-docs: + desc: "Generate documentation for all scanners" + vars: + CHARTS: + sh: find {{ .SCANNERS_DIR }} -maxdepth 2 -name "Chart.yaml" + cmds: + - for: { var: CHARTS } + cmd: '{{ .BIN_DIR }}/generate-helm-docs.sh --scanner "{{ .ITEM }}" "{{ .HELM_DOCS_DIR }}"' + + operator-docs: + desc: "Generate documentation for the operator" + cmds: + - '{{ .BIN_DIR }}/generate-helm-docs.sh --operator "{{ .OPERATOR_DIR }}/Chart.yaml" "{{ .HELM_DOCS_DIR }}"' + + auto-discovery-docs: + desc: "Generate documentation for auto-discovery components" cmds: + - '{{ .BIN_DIR }}/generate-helm-docs.sh --operator "{{ .AUTO_DISCOVERY_DIR }}/cloud-aws/Chart.yaml" "{{ .HELM_DOCS_DIR }}"' + - '{{ .BIN_DIR }}/generate-helm-docs.sh --operator "{{ .AUTO_DISCOVERY_DIR }}/kubernetes/Chart.yaml" "{{ .HELM_DOCS_DIR }}"' + + demo-target-docs: + desc: "Generate documentation for demo targets" + vars: + CHARTS: + sh: find {{ .DEMO_TARGETS_DIR }} -maxdepth 2 -name "Chart.yaml" + cmds: + - for: { var: CHARTS } + cmd: '{{ .BIN_DIR }}/generate-helm-docs.sh --demo-target "{{ .ITEM }}" "{{ .HELM_DOCS_DIR }}"' + + docs: + desc: "Generate all documentation" + cmds: + - task: readme + - task: hook-docs + - task: scanner-docs + - task: operator-docs + - task: auto-discovery-docs + - task: demo-target-docs + + create-new-scanner: + desc: "Create a new scanner from template (use -- NAME=scanner-name)" + preconditions: + - msg: "Scanner name not defined, please provide via: task create-new-scanner -- NAME=NEW-SCANNER" + sh: '[ -n "{{ .NAME }}" ]' + cmds: + - rm -rf "{{ .SCANNERS_DIR }}/{{ .NAME }}" + - cp -r "{{ .TEMPLATES_DIR }}/new-scanner/" "{{ .SCANNERS_DIR }}/{{ .NAME }}" - | - find . -name "Chart.yaml" | while read -r chart_file; do - chart_dir=$(dirname "$chart_file") - echo "Running tests for helm chart: $chart_dir" - helm unittest $chart_dir - done + find "{{ .SCANNERS_DIR }}/{{ .NAME }}" -type f ! -name tmp \ + -exec sed -n "s/new-scanner/{{ .NAME }}/g;w {{ .SCANNERS_DIR }}/{{ .NAME }}/tmp" {} \; \ + -exec mv "{{ .SCANNERS_DIR }}/{{ .NAME }}/tmp" {} \; + - mv "{{ .SCANNERS_DIR }}/{{ .NAME }}/templates/new-scanner-parse-definition.yaml" "{{ .SCANNERS_DIR }}/{{ .NAME }}/templates/{{ .NAME }}-parse-definition.yaml" + - mv "{{ .SCANNERS_DIR }}/{{ .NAME }}/templates/new-scanner-scan-type.yaml" "{{ .SCANNERS_DIR }}/{{ .NAME }}/templates/{{ .NAME }}-scan-type.yaml" + + lint: + desc: "Lint only changed files with respect to main branch" + cmds: + - npx mega-linter-runner + - 'echo "The generated reports can be found under ./report/linters_logs/"' + + lintfix: + desc: "Lint only changed files with respect to main branch and apply automatic fixes" + cmds: + - npx mega-linter-runner --fix + - 'echo "The generated reports can be found under ./report/linters_logs/"' + + lintall: + desc: "Lint complete repo" + cmds: + - npx mega-linter-runner --env VALIDATE_ALL_CODEBASE=true + - 'echo "The generated reports can be found under ./report/linters_logs/"' + + scbctl: + desc: "Build scbctl CLI tool" + cmds: + - cd scbctl && go build -o scbctl main.go diff --git a/auto-discovery/cloud-aws/Dockerfile b/auto-discovery/cloud-aws/Dockerfile index 5a6264fac4..6dd3a8023b 100644 --- a/auto-discovery/cloud-aws/Dockerfile +++ b/auto-discovery/cloud-aws/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Build the service binary -FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder +FROM --platform=$BUILDPLATFORM golang:1.26.3 AS builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/auto-discovery/cloud-aws/Makefile b/auto-discovery/cloud-aws/Makefile deleted file mode 100644 index 4b041ac9c2..0000000000 --- a/auto-discovery/cloud-aws/Makefile +++ /dev/null @@ -1,145 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include ../../prerequisites.mk - -IMG_NS ?= securecodebox - -# Image URL to use all building/pushing image targets -IMG ?= auto-discovery-cloud-aws - -# Tag used for the image -IMG_TAG ?= sha-$$(git rev-parse --short HEAD) - -# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. -ENVTEST_K8S_VERSION = 1.24.2 - -# SETUP_ENVTEST_VERSION refers to the version of setup-envtest binary. -SETUP_ENVTEST_VERSION = v0.0.0-20230216140739-c98506dc3b8e - -# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set). -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq (,$(shell go env GOBIN)) -GOBIN=$(shell go env GOPATH)/bin -else -GOBIN=$(shell go env GOBIN) -endif - -# Setting SHELL to bash allows bash commands to be executed by recipes. -# This is a requirement for 'setup-envtest.sh' in the test target. -# Options are set to exit when a recipe line exits non-zero or a piped command fails. -SHELL = /usr/bin/env bash -o pipefail -.SHELLFLAGS = -ec - -.PHONY: all -all: build - -##@ General - -# The help target prints out all targets with their descriptions organized -# beneath their categories. The categories are represented by '##@' and the -# target descriptions by '##'. The awk commands is responsible for reading the -# entire set of makefiles included in this invocation, looking for lines of the -# file as xyz: ## something, and then pretty-format the target and help. Then, -# if there's a line with ##@ something, that gets pretty-printed as a category. -# More info on the usage of ANSI control characters for terminal formatting: -# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters -# More info on the awk command: -# http://linuxcommand.org/lc3_adv_awk.php - -.PHONY: help -help: ## Display this help. - @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) - -##@ Development - -.PHONY: fmt -fmt: ## Run go fmt against code. - go fmt ./... - -.PHONY: vet -vet: ## Run go vet against code. - go vet ./... - -.PHONY: test -test: fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile cover.out - -.PHONY: ginkgo -ginkgo: fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GOBIN)/ginkgo test ./... -coverprofile cover.out -v --progress - -## Helm unit tests -.PHONY: helm-unit-tests -helm-unit-tests: - echo "Running helm unit tests for the cloud-aws autodiscovery"; - helm unittest . - -##@ Build - -.PHONY: build -build: fmt vet ## Build service binary. - go build -o bin/service cmd/service/main.go - -.PHONY: run -run: fmt vet ## Run the service from your host. - go run ./cmd/service/main.go --config auto-discovery-cloud-aws-config.yaml - -.PHONY: docker-build -docker-build: test ## Build docker image with the service. - @echo ".: ⚙️ Build Container Images" - docker build -t ${IMG_NS}/${IMG}:${IMG_TAG} . - -.PHONY: docker-push -docker-push: ## Push docker image with the service. - docker push ${IMG_NS}/${IMG}:${IMG_TAG} - -.PHONY: docker-export -docker-export: - @echo ".: 💾 Export Container Images" - docker save $(IMG_NS)/$(IMG):$(IMG_TAG) > $(IMG).tar - -##@ Deployment - -.PHONY: kind-import -kind-import: - @echo ".: 💾 Importing the image archive to local kind cluster." - kind load image-archive ./$(IMG).tar - -.PHONY: helm-deploy -helm-deploy: - @echo ".: ⚙️ Deploying auto-discovery-cloud-aws with the Image tag '$(IMG_TAG)' into kind." - helm -n integration-tests upgrade --install auto-discovery-cloud-aws ./ --wait \ - --set="image.repository=docker.io/$(IMG_NS)/$(IMG)" \ - --set="image.tag=$(IMG_TAG)" \ - --set="image.pullPolicy=IfNotPresent" \ - --set="config.aws.queueUrl=$(SQS_QUEUE_URL)" \ - --set="config.aws.region=$(AWS_REGION)" - -##@ Build Dependencies - -## Location to install dependencies to -LOCALBIN ?= $(shell pwd)/bin -$(LOCALBIN): - mkdir -p $(LOCALBIN) - -## Tool Binaries -ENVTEST ?= $(LOCALBIN)/setup-envtest - -.PHONY: envtest -envtest: $(ENVTEST) ## Download envtest-setup locally if necessary. -$(ENVTEST): $(LOCALBIN) - test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@$(SETUP_ENVTEST_VERSION) - -.PHONY: print-envtest-path -print-envtest-path: ## Print the path of the envtest binaries for use with other tools -# suppress output so that result can be stored as env var - @$(MAKE) -s envtest - @$(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path - -debug.env: ## Allow vscode profiles to access the envtest assets - printf '%s' 'KUBEBUILDER_ASSETS=' > debug.env - $(MAKE) print-envtest-path >> debug.env diff --git a/auto-discovery/cloud-aws/Taskfile.yaml b/auto-discovery/cloud-aws/Taskfile.yaml new file mode 100644 index 0000000000..9ae0a263e6 --- /dev/null +++ b/auto-discovery/cloud-aws/Taskfile.yaml @@ -0,0 +1,138 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.48.0" + +env: + IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +vars: + COMPONENT_NAME: cloud-aws + BINARY_NAME: service + BUILD_CMD: cmd/service/main.go + LOCALBIN: '{{ .TASKFILE_DIR }}/bin' + ENVTEST_K8S_VERSION: + sh: cd {{ .TASKFILE_DIR }} && go list -m -f '{{"{{"}}.Version{{"}}"}}' k8s.io/api 2>/dev/null | sed -E 's/^v?[0-9]+\.([0-9]+).*/1.\1/' + ENVTEST_VERSION: + sh: cd {{ .TASKFILE_DIR }} && go list -m -f '{{"{{"}}.Version{{"}}"}}' sigs.k8s.io/controller-runtime 2>/dev/null | sed -E 's/^v?([0-9]+)\.([0-9]+).*/release-\1.\2/' + +tasks: + fmt: + desc: "Run go fmt against code" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go fmt ./... + + vet: + desc: "Run go vet against code" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go vet ./... + + envtest: + desc: "Download setup-envtest locally if necessary" + run: once + dir: '{{ .TASKFILE_DIR }}' + generates: + - '{{ .LOCALBIN }}/setup-envtest' + - '{{ .LOCALBIN }}/.setup-envtest.version' + cmds: + - mkdir -p {{ .LOCALBIN }} + - rm -f {{ .LOCALBIN }}/setup-envtest + - GOBIN={{ .LOCALBIN }} go install sigs.k8s.io/controller-runtime/tools/setup-envtest@{{ .ENVTEST_VERSION }} + - echo "{{ .ENVTEST_VERSION }}" > {{ .LOCALBIN }}/.setup-envtest.version + status: + - test -f {{ .LOCALBIN }}/setup-envtest + - grep -qxF "{{ .ENVTEST_VERSION }}" {{ .LOCALBIN }}/.setup-envtest.version 2>/dev/null + + test: + desc: "Run Go tests" + deps: [fmt, vet, envtest] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + KUBEBUILDER_ASSETS="$({{ .LOCALBIN }}/setup-envtest use {{ .ENVTEST_K8S_VERSION }} --bin-dir {{ .LOCALBIN }} -p path)" \ + go test ./... -coverprofile cover.out + + ginkgo: + desc: "Run Ginkgo tests with verbose output" + deps: [fmt, vet, envtest] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + KUBEBUILDER_ASSETS="$({{ .LOCALBIN }}/setup-envtest use {{ .ENVTEST_K8S_VERSION }} --bin-dir {{ .LOCALBIN }} -p path)" \ + ginkgo test ./... -coverprofile cover.out -v --progress + + run: + desc: "Run the cloud-aws service from your host" + deps: [fmt, vet] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go run ./cmd/service/main.go --config auto-discovery-cloud-aws-config.yaml + + build: + desc: "Build the binary" + deps: [fmt, vet] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go build -o bin/{{ .BINARY_NAME }} {{ .BUILD_CMD }} + + helm-unit-tests: + desc: "Run helm unit tests" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "Helm unittest plugin is not installed. Install it from https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - helm unittest . + + docker-build: + desc: "Build Docker image" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + cmds: + - docker build -t ${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG} . + status: + - docker images | grep -q "${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG}" + + docker-push: + desc: "Push Docker image" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - docker push ${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG} + + docker-export: + desc: "Export Docker image to tar file" + deps: [docker-build] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - docker save ${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG} > auto-discovery-{{ .COMPONENT_NAME }}.tar + + kind-import: + desc: "Import Docker image into kind cluster" + deps: [docker-export] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - kind load image-archive ./auto-discovery-{{ .COMPONENT_NAME }}.tar + + helm-deploy: + desc: "Deploy cloud-aws to kind cluster with SQS configuration" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "SQS_QUEUE_URL environment variable is required" + sh: '[ -n "$SQS_QUEUE_URL" ]' + - msg: "AWS_REGION environment variable is required" + sh: '[ -n "$AWS_REGION" ]' + cmds: + - | + helm -n integration-tests upgrade --install auto-discovery-{{ .COMPONENT_NAME }} ./ --wait \ + --set="image.repository=docker.io/${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}" \ + --set="image.tag=${IMG_TAG}" \ + --set="image.pullPolicy=IfNotPresent" \ + --set="config.aws.queueUrl=${SQS_QUEUE_URL}" \ + --set="config.aws.region=${AWS_REGION}" diff --git a/auto-discovery/cloud-aws/go.mod b/auto-discovery/cloud-aws/go.mod index 6b8c329bfd..113ce9fe4e 100644 --- a/auto-discovery/cloud-aws/go.mod +++ b/auto-discovery/cloud-aws/go.mod @@ -4,25 +4,25 @@ module github.com/secureCodeBox/secureCodeBox/auto-discovery/cloud-aws -go 1.24.5 +go 1.26.2 require ( github.com/aws/aws-sdk-go v1.55.8 github.com/go-logr/logr v1.4.3 github.com/novln/docker-parser v1.0.0 - github.com/onsi/ginkgo/v2 v2.27.2 - github.com/onsi/gomega v1.38.2 - github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1 - github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 - k8s.io/api v0.34.2 - k8s.io/client-go v0.34.2 - k8s.io/klog/v2 v2.130.1 - sigs.k8s.io/controller-runtime v0.22.4 + github.com/onsi/ginkgo/v2 v2.29.0 + github.com/onsi/gomega v1.41.0 + github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20260408091312-ed3ef305dfd4 + github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4 + k8s.io/api v0.36.1 + k8s.io/client-go v0.36.1 + k8s.io/klog/v2 v2.140.0 + sigs.k8s.io/controller-runtime v0.24.1 sigs.k8s.io/yaml v1.6.0 ) require ( - github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect + github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver/v3 v3.4.0 // indirect @@ -31,80 +31,85 @@ require ( github.com/blang/semver/v4 v4.0.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/evanphx/json-patch v5.7.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect - github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.1 // indirect github.com/go-errors/errors v1.5.1 // indirect github.com/go-logr/zapr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.21.1 // indirect - github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.1 // indirect + github.com/go-openapi/jsonpointer v0.22.5 // indirect + github.com/go-openapi/jsonreference v0.21.5 // indirect + github.com/go-openapi/swag v0.25.5 // indirect + github.com/go-openapi/swag/cmdutils v0.25.5 // indirect + github.com/go-openapi/swag/conv v0.25.5 // indirect + github.com/go-openapi/swag/fileutils v0.25.5 // indirect + github.com/go-openapi/swag/jsonname v0.25.5 // indirect + github.com/go-openapi/swag/jsonutils v0.25.5 // indirect + github.com/go-openapi/swag/loading v0.25.5 // indirect + github.com/go-openapi/swag/mangling v0.25.5 // indirect + github.com/go-openapi/swag/netutils v0.25.5 // indirect + github.com/go-openapi/swag/stringutils v0.25.5 // indirect + github.com/go-openapi/swag/typeutils v0.25.5 // indirect + github.com/go-openapi/swag/yamlutils v0.25.5 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect - github.com/gogo/protobuf v1.3.2 // indirect github.com/google/btree v1.1.3 // indirect - github.com/google/gnostic-models v0.7.0 // indirect + github.com/google/gnostic-models v0.7.1 // indirect github.com/google/go-cmp v0.7.0 // indirect - github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6 // indirect + github.com/google/pprof v0.0.0-20260402051712-545e8a4df936 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect github.com/huandu/xstrings v1.5.0 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect - github.com/mailru/easyjson v0.9.0 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/moby/term v0.5.0 // indirect + github.com/moby/term v0.5.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect - github.com/pkg/errors v0.9.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_golang v1.23.2 // indirect github.com/prometheus/client_model v0.6.2 // indirect - github.com/prometheus/common v0.66.1 // indirect - github.com/prometheus/procfs v0.16.1 // indirect - github.com/spf13/cobra v1.9.1 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/prometheus/common v0.67.5 // indirect + github.com/prometheus/procfs v0.20.1 // indirect + github.com/spf13/cobra v1.10.2 // indirect + github.com/spf13/pflag v1.0.10 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xlab/treeprint v1.2.0 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.27.0 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.uber.org/zap v1.27.1 // indirect + go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/crypto v0.45.0 // indirect - golang.org/x/mod v0.29.0 // indirect - golang.org/x/net v0.47.0 // indirect - golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.38.0 // indirect - golang.org/x/term v0.37.0 // indirect - golang.org/x/text v0.31.0 // indirect - golang.org/x/time v0.11.0 // indirect - golang.org/x/tools v0.38.0 // indirect + golang.org/x/crypto v0.50.0 // indirect + golang.org/x/mod v0.35.0 // indirect + golang.org/x/net v0.53.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sync v0.20.0 // indirect + golang.org/x/sys v0.43.0 // indirect + golang.org/x/term v0.42.0 // indirect + golang.org/x/text v0.36.0 // indirect + golang.org/x/time v0.15.0 // indirect + golang.org/x/tools v0.44.0 // indirect gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect - google.golang.org/protobuf v1.36.8 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.34.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect - sigs.k8s.io/kustomize/api v0.20.1 // indirect - sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect + k8s.io/apiextensions-apiserver v0.36.0 // indirect + k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 // indirect + k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect + sigs.k8s.io/kustomize/api v0.21.1 // indirect + sigs.k8s.io/kustomize/kyaml v0.21.1 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect ) require ( github.com/jmespath/go-jmespath v0.4.0 // indirect - k8s.io/apimachinery v0.34.2 - k8s.io/cli-runtime v0.34.2 + k8s.io/apimachinery v0.36.1 + k8s.io/cli-runtime v0.36.1 ) diff --git a/auto-discovery/cloud-aws/go.sum b/auto-discovery/cloud-aws/go.sum index 883ea7acde..14d85ec2f4 100644 --- a/auto-discovery/cloud-aws/go.sum +++ b/auto-discovery/cloud-aws/go.sum @@ -1,5 +1,5 @@ -github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= -github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= +github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg= +github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= @@ -23,16 +23,16 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= -github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= -github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= +github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/gkampitakis/ciinfo v0.3.2 h1:JcuOPk8ZU7nZQjdUhctuhQofk7BGHuIy0c9Ez8BNhXs= github.com/gkampitakis/ciinfo v0.3.2/go.mod h1:1NIwaOcFChN4fa/B0hEBdAb6npDlFL8Bwx4dfRLRqAo= github.com/gkampitakis/go-diff v1.3.2 h1:Qyn0J9XJSDTgnsgHRdz9Zp24RaJeKMUHg2+PDZZdC4M= @@ -45,33 +45,57 @@ github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= -github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= -github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= -github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= -github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/jsonpointer v0.22.5 h1:8on/0Yp4uTb9f4XvTrM2+1CPrV05QPZXu+rvu2o9jcA= +github.com/go-openapi/jsonpointer v0.22.5/go.mod h1:gyUR3sCvGSWchA2sUBJGluYMbe1zazrYWIkWPjjMUY0= +github.com/go-openapi/jsonreference v0.21.5 h1:6uCGVXU/aNF13AQNggxfysJ+5ZcU4nEAe+pJyVWRdiE= +github.com/go-openapi/jsonreference v0.21.5/go.mod h1:u25Bw85sX4E2jzFodh1FOKMTZLcfifd1Q+iKKOUxExw= +github.com/go-openapi/swag v0.25.5 h1:pNkwbUEeGwMtcgxDr+2GBPAk4kT+kJ+AaB+TMKAg+TU= +github.com/go-openapi/swag v0.25.5/go.mod h1:B3RT6l8q7X803JRxa2e59tHOiZlX1t8viplOcs9CwTA= +github.com/go-openapi/swag/cmdutils v0.25.5 h1:yh5hHrpgsw4NwM9KAEtaDTXILYzdXh/I8Whhx9hKj7c= +github.com/go-openapi/swag/cmdutils v0.25.5/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.5 h1:wAXBYEXJjoKwE5+vc9YHhpQOFj2JYBMF2DUi+tGu97g= +github.com/go-openapi/swag/conv v0.25.5/go.mod h1:CuJ1eWvh1c4ORKx7unQnFGyvBbNlRKbnRyAvDvzWA4k= +github.com/go-openapi/swag/fileutils v0.25.5 h1:B6JTdOcs2c0dBIs9HnkyTW+5gC+8NIhVBUwERkFhMWk= +github.com/go-openapi/swag/fileutils v0.25.5/go.mod h1:V3cT9UdMQIaH4WiTrUc9EPtVA4txS0TOmRURmhGF4kc= +github.com/go-openapi/swag/jsonname v0.25.5 h1:8p150i44rv/Drip4vWI3kGi9+4W9TdI3US3uUYSFhSo= +github.com/go-openapi/swag/jsonname v0.25.5/go.mod h1:jNqqikyiAK56uS7n8sLkdaNY/uq6+D2m2LANat09pKU= +github.com/go-openapi/swag/jsonutils v0.25.5 h1:XUZF8awQr75MXeC+/iaw5usY/iM7nXPDwdG3Jbl9vYo= +github.com/go-openapi/swag/jsonutils v0.25.5/go.mod h1:48FXUaz8YsDAA9s5AnaUvAmry1UcLcNVWUjY42XkrN4= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5 h1:SX6sE4FrGb4sEnnxbFL/25yZBb5Hcg1inLeErd86Y1U= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5/go.mod h1:/2KvOTrKWjVA5Xli3DZWdMCZDzz3uV/T7bXwrKWPquo= +github.com/go-openapi/swag/loading v0.25.5 h1:odQ/umlIZ1ZVRteI6ckSrvP6e2w9UTF5qgNdemJHjuU= +github.com/go-openapi/swag/loading v0.25.5/go.mod h1:I8A8RaaQ4DApxhPSWLNYWh9NvmX2YKMoB9nwvv6oW6g= +github.com/go-openapi/swag/mangling v0.25.5 h1:hyrnvbQRS7vKePQPHHDso+k6CGn5ZBs5232UqWZmJZw= +github.com/go-openapi/swag/mangling v0.25.5/go.mod h1:6hadXM/o312N/h98RwByLg088U61TPGiltQn71Iw0NY= +github.com/go-openapi/swag/netutils v0.25.5 h1:LZq2Xc2QI8+7838elRAaPCeqJnHODfSyOa7ZGfxDKlU= +github.com/go-openapi/swag/netutils v0.25.5/go.mod h1:lHbtmj4m57APG/8H7ZcMMSWzNqIQcu0RFiXrPUara14= +github.com/go-openapi/swag/stringutils v0.25.5 h1:NVkoDOA8YBgtAR/zvCx5rhJKtZF3IzXcDdwOsYzrB6M= +github.com/go-openapi/swag/stringutils v0.25.5/go.mod h1:PKK8EZdu4QJq8iezt17HM8RXnLAzY7gW0O1KKarrZII= +github.com/go-openapi/swag/typeutils v0.25.5 h1:EFJ+PCga2HfHGdo8s8VJXEVbeXRCYwzzr9u4rJk7L7E= +github.com/go-openapi/swag/typeutils v0.25.5/go.mod h1:itmFmScAYE1bSD8C4rS0W+0InZUBrB2xSPbWt6DLGuc= +github.com/go-openapi/swag/yamlutils v0.25.5 h1:kASCIS+oIeoc55j28T4o8KwlV2S4ZLPT6G0iq2SSbVQ= +github.com/go-openapi/swag/yamlutils v0.25.5/go.mod h1:Gek1/SjjfbYvM+Iq4QGwa/2lEXde9n2j4a3wI3pNuOQ= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0 h1:7SgOMTvJkM8yWrQlU8Jm18VeDPuAvB/xWrdxFJkoFag= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0/go.mod h1:14iV8jyyQlinc9StD7w1xVPW3CO3q1Gj04Jy//Kw4VM= +github.com/go-openapi/testify/v2 v2.4.0 h1:8nsPrHVCWkQ4p8h1EsRVymA2XABB4OT40gcvAu+voFM= +github.com/go-openapi/testify/v2 v2.4.0/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw= github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= -github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= +github.com/google/gnostic-models v0.7.1/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6 h1:EEHtgt9IwisQ2AZ4pIsMjahcegHh6rmhqxzIRQIyepY= -github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6/go.mod h1:I6V7YzU0XDpsHqbsyrghnFZLO1gwK6NPTNvmetQIk9U= +github.com/google/pprof v0.0.0-20260402051712-545e8a4df936 h1:EwtI+Al+DeppwYX2oXJCETMO23COyaKGP6fHVpkpWpg= +github.com/google/pprof v0.0.0-20260402051712-545e8a4df936/go.mod h1:MxpfABSjhmINe3F1It9d+8exIHFvUqtLIRCdOGNXqiI= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= -github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/huandu/xstrings v1.5.0 h1:2ag3IFq9ZDANvthTwTiqSSZLjDc+BedvHPAp5tJy2TI= github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= @@ -82,16 +106,12 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/joshdk/go-junit v1.0.0 h1:S86cUKIdwBHWwA6xCmFlf3RTLfVXYQfvanM5Uh+K6GE= github.com/joshdk/go-junit v1.0.0/go.mod h1:TiiV0PqkaNfFXjEiyjWM3XXrhVyCa1K4Zfga6W52ung= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo= -github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ= +github.com/klauspost/compress v1.18.2 h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk= +github.com/klauspost/compress v1.18.2/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -100,8 +120,6 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= -github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= -github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/maruel/natural v1.1.1 h1:Hja7XhhmvEFhcByqDoHz9QZbkWey+COd9xWfCfn1ioo= github.com/maruel/natural v1.1.1/go.mod h1:v+Rfd79xlw1AgVBjbO0BEQmptqb5HvL/k9GRHB7ZKEg= github.com/mfridman/tparse v0.18.0 h1:wh6dzOKaIwkUGyKgOntDW4liXSo37qg5AXbIhkMV3vE= @@ -110,8 +128,8 @@ github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa1 github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= -github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= +github.com/moby/term v0.5.2 h1:6qk3FJAFDs6i/q3W/pQ97SX192qKfZgGjCQqfCJkgzQ= +github.com/moby/term v0.5.2/go.mod h1:d3djjFCrjnB+fl8NJux+EJzu0msscUP+f8it8hPkFLc= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -128,37 +146,39 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= -github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= -github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= -github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= +github.com/onsi/ginkgo/v2 v2.29.0 h1:rfh+ZFjgJhYWRoIqVf3Uwx/W20yLrcrE2h2GmYVRaag= +github.com/onsi/ginkgo/v2 v2.29.0/go.mod h1:+aXOY+vzZ5mu2iI2HpTZUPmM//oQfsNFX6gU9kNcA44= +github.com/onsi/gomega v1.41.0 h1:OwKp4pXNgVxf6sCplzYo794OFNuoL2q2SBMU5NSWOjA= +github.com/onsi/gomega v1.41.0/go.mod h1:M/Uqpu/8qTjtzCLUA2zJHX9Iilrau25x1PdoSRbWh5A= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= -github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= -github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= -github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= -github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4= +github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw= +github.com/prometheus/procfs v0.20.1 h1:XwbrGOIplXW/AU3YhIhLODXMJYyC1isLFfYCsTEycfc= +github.com/prometheus/procfs v0.20.1/go.mod h1:o9EMBZGRyvDrSPH1RqdxhojkuXstoe4UlK79eF5TGGo= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1 h1:RR7V/tWCsJPwVVrUssYsM9mvG7BdqzspN3fiZVbMI8E= -github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1/go.mod h1:1yO4sAVFa6nBekvAs/yXvPqknKqdbYPhdFhS22tu8YM= -github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 h1:bA5TfYaqlHXqrDGAZJuIPVpC+BqUU4wKSJzrOH6V6oU= -github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589/go.mod h1:C2aY0MPPrtn+VkOpWXJKpd+2xmFogMy4sjBH406XrDA= -github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= -github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= -github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20260408091312-ed3ef305dfd4 h1:GIyRbIA3xjRQhX0bhj9F+uToFtUKsZwWn9IqFbR3z3w= +github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20260408091312-ed3ef305dfd4/go.mod h1:iqLDQQUqr322tK9IA8xg9GmsQmgY60CIrZT7JiS0Glc= +github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4 h1:ykAUZDe7VqS5gJQlzFDrz8IYHy/yQX/5DVQIarW+iWM= +github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4/go.mod h1:K45+gtNFgX4paHyqQT1uESPhYy5xuPbH6F+yfYaGRyM= +github.com/sergi/go-diff v1.4.0 h1:n/SP9D5ad1fORl+llWyN+D6qoUETXNZARKjyY2/KVCw= +github.com/sergi/go-diff v1.4.0/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= +github.com/spf13/cobra v1.10.2 h1:DMTTonx5m65Ic0GOoRY2c16WCbHxOOw6xxezuLaBpcU= +github.com/spf13/cobra v1.10.2/go.mod h1:7C1pvHqHw5A4vrJfjNwvOdzYu0Gml16OCs2GRiTUUS4= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -179,73 +199,46 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= -go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc= +go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= +go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= -golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= -golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= -golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= -golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/crypto v0.50.0 h1:zO47/JPrL6vsNkINmLoo/PH1gcxpls50DNogFvB5ZGI= +golang.org/x/crypto v0.50.0/go.mod h1:3muZ7vA7PBCE6xgPX7nkzzjiUq87kRItoJQM1Yo8S+Q= +golang.org/x/mod v0.35.0 h1:Ww1D637e6Pg+Zb2KrWfHQUnH2dQRLBQyAtpr/haaJeM= +golang.org/x/mod v0.35.0/go.mod h1:+GwiRhIInF8wPm+4AoT6L0FA1QWAad3OMdTRx4tFYlU= +golang.org/x/net v0.53.0 h1:d+qAbo5L0orcWAr0a9JweQpjXF19LMXJE8Ey7hwOdUA= +golang.org/x/net v0.53.0/go.mod h1:JvMuJH7rrdiCfbeHoo3fCQU24Lf5JJwT9W3sJFulfgs= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= -golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= -golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= -golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= -golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI= +golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.42.0 h1:UiKe+zDFmJobeJ5ggPwOshJIVt6/Ft0rcfrXZDLWAWY= +golang.org/x/term v0.42.0/go.mod h1:Dq/D+snpsbazcBG5+F9Q1n2rXV8Ma+71xEjTRufARgY= +golang.org/x/text v0.36.0 h1:JfKh3XmcRPqZPKevfXVpI1wXPTqbkE5f7JA92a55Yxg= +golang.org/x/text v0.36.0/go.mod h1:NIdBknypM8iqVmPiuco0Dh6P5Jcdk8lJL0CUebqK164= +golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= +golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= +golang.org/x/tools v0.44.0 h1:UP4ajHPIcuMjT1GqzDWRlalUEoY+uzoZKnhOjbIPD2c= +golang.org/x/tools v0.44.0/go.mod h1:KA0AfVErSdxRZIsOVipbv3rQhVXTnlU6UhKxHd1seDI= gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0= gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= -google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= @@ -256,33 +249,33 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.2 h1:fsSUNZhV+bnL6Aqrp6O7lMTy6o5x2C4XLjnh//8SLYY= -k8s.io/api v0.34.2/go.mod h1:MMBPaWlED2a8w4RSeanD76f7opUoypY8TFYkSM+3XHw= -k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI= -k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= -k8s.io/apimachinery v0.34.2 h1:zQ12Uk3eMHPxrsbUJgNF8bTauTVR2WgqJsTmwTE/NW4= -k8s.io/apimachinery v0.34.2/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/cli-runtime v0.34.2 h1:cct1GEuWc3IyVT8MSCoIWzRGw9HJ/C5rgP32H60H6aE= -k8s.io/cli-runtime v0.34.2/go.mod h1:X13tsrYexYUCIq8MarCBy8lrm0k0weFPTpcaNo7lms4= -k8s.io/client-go v0.34.2 h1:Co6XiknN+uUZqiddlfAjT68184/37PS4QAzYvQvDR8M= -k8s.io/client-go v0.34.2/go.mod h1:2VYDl1XXJsdcAxw7BenFslRQX28Dxz91U9MWKjX97fE= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= -sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= -sigs.k8s.io/kustomize/api v0.20.1 h1:iWP1Ydh3/lmldBnH/S5RXgT98vWYMaTUL1ADcr+Sv7I= -sigs.k8s.io/kustomize/api v0.20.1/go.mod h1:t6hUFxO+Ph0VxIk1sKp1WS0dOjbPCtLJ4p8aADLwqjM= -sigs.k8s.io/kustomize/kyaml v0.20.1 h1:PCMnA2mrVbRP3NIB6v9kYCAc38uvFLVs8j/CD567A78= -sigs.k8s.io/kustomize/kyaml v0.20.1/go.mod h1:0EmkQHRUsJxY8Ug9Niig1pUMSCGHxQ5RklbpV/Ri6po= +k8s.io/api v0.36.1 h1:XbL/EMj8K2aJpJtePmqUyQMsM0D4QI2pvl7YKJ20FTY= +k8s.io/api v0.36.1/go.mod h1:KOWo4ey3TINlXjeHVuwB3i+tXXnu+UcwFBHlI/9dvEo= +k8s.io/apiextensions-apiserver v0.36.0 h1:Wt7E8J+VBCbj4FjiBfDTK/neXDDjyJVJc7xfuOHImZ0= +k8s.io/apiextensions-apiserver v0.36.0/go.mod h1:kGDjH0msuiIB3tgsYRV0kS9GqpMYMUsQ3GHv7TApyug= +k8s.io/apimachinery v0.36.1 h1:G63Gjx2W+q0YD+72Vo8oY0nDnePVwnuzTmmy5ENrVSA= +k8s.io/apimachinery v0.36.1/go.mod h1:ibYOR00vW/I1kzvi5SF0dRuJ52BvKtfvRdOn35GPQ+8= +k8s.io/cli-runtime v0.36.1 h1:yuC/BGnnj1YYPh6D1P+pZnzinCs6DvMq86yAeNqoqzM= +k8s.io/cli-runtime v0.36.1/go.mod h1:ZQWHGt8xAF7KnviB79vX0lYNyUUqKIpU+LQg7exuFAw= +k8s.io/client-go v0.36.1 h1:FN/K8QIT2CEDt+2WB2HnWrUANZ50AP5GII43/SP2JR0= +k8s.io/client-go v0.36.1/go.mod h1:s6rAnCtTGYDQnpNjEhSaISV+2O8jwruZ6m3QOYBFbtU= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 h1:V+sn9a/1fEYDGwnllCmqXBk8x7obZ+hl869Q3Abumkg= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/controller-runtime v0.24.1 h1:miPEwrmirImAvgME1L9qebGHrOnGJoVmVdtOU9fRfo4= +sigs.k8s.io/controller-runtime v0.24.1/go.mod h1:vFkfY5fGt5xAC/sKb8IBFKgWPNKG9OUG29dR8Y2wImw= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/kustomize/api v0.21.1 h1:lzqbzvz2CSvsjIUZUBNFKtIMsEw7hVLJp0JeSIVmuJs= +sigs.k8s.io/kustomize/api v0.21.1/go.mod h1:f3wkKByTrgpgltLgySCntrYoq5d3q7aaxveSagwTlwI= +sigs.k8s.io/kustomize/kyaml v0.21.1 h1:IVlbmhC076nf6foyL6Taw4BkrLuEsXUXNpsE+ScX7fI= +sigs.k8s.io/kustomize/kyaml v0.21.1/go.mod h1:hmxADesM3yUN2vbA5z1/YTBnzLJ1dajdqpQonwBL1FQ= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/auto-discovery/kubernetes/Dockerfile b/auto-discovery/kubernetes/Dockerfile index 535b1188cc..6137a1a644 100644 --- a/auto-discovery/kubernetes/Dockerfile +++ b/auto-discovery/kubernetes/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder +FROM --platform=$BUILDPLATFORM golang:1.26.3 AS builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/auto-discovery/kubernetes/Makefile b/auto-discovery/kubernetes/Makefile deleted file mode 100644 index df6a61958d..0000000000 --- a/auto-discovery/kubernetes/Makefile +++ /dev/null @@ -1,173 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include ../../prerequisites.mk - -IMG_NS ?= securecodebox - -# Image URL to use all building/pushing image targets -IMG ?= auto-discovery-kubernetes - -# Tag used for the image -IMG_TAG ?= sha-$$(git rev-parse --short HEAD) - -# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. -ENVTEST_K8S_VERSION = 1.33.0 - -# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set). -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq (,$(shell go env GOBIN)) -GOBIN=$(shell go env GOPATH)/bin -else -GOBIN=$(shell go env GOBIN) -endif - -# Setting SHELL to bash allows bash commands to be executed by recipes. -# This is a requirement for 'setup-envtest.sh' in the test target. -# Options are set to exit when a recipe line exits non-zero or a piped command fails. -SHELL = /usr/bin/env bash -o pipefail -.SHELLFLAGS = -ec - -.PHONY: all -all: build - -##@ General - -# The help target prints out all targets with their descriptions organized -# beneath their categories. The categories are represented by '##@' and the -# target descriptions by '##'. The awk commands is responsible for reading the -# entire set of makefiles included in this invocation, looking for lines of the -# file as xyz: ## something, and then pretty-format the target and help. Then, -# if there's a line with ##@ something, that gets pretty-printed as a category. -# More info on the usage of ANSI control characters for terminal formatting: -# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters -# More info on the awk command: -# http://linuxcommand.org/lc3_adv_awk.php - -.PHONY: help -help: ## Display this help. - @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) - -##@ Development - -.PHONY: manifests -manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=auto-discovery,headerFile="hack/boilerplate.yaml.txt" crd paths="./..." output:crd:artifacts:config=crds output:rbac:artifacts:config=templates/rbac - -.PHONY: fmt -fmt: ## Run go fmt against code. - go fmt ./... - -.PHONY: vet -vet: ## Run go vet against code. - go vet ./... - -ENVTEST_ASSETS_DIR=$(shell pwd)/testbin - -.PHONY: test -test: manifests fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile cover.out - -.PHONY: ginko -ginkgo: manifests fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" ginko test ./... -coverprofile cover.out -v --progress - -## Helm unit tests -.PHONY: helm-unit-tests -helm-unit-tests: - echo "Running helm unit tests for operator"; \ - helm unittest . \ - -##@ Build - -.PHONY: build -build: fmt vet ## Build manager binary. - go build -o bin/manager main.go - -.PHONY: run -run: manifests fmt vet ## Run a controller from your host. - go run ./main.go --config ./auto-discovery-config.yaml - -.PHONY: docker-build -docker-build: ## Build docker image with the manager. - @echo ".: ⚙️ Build Container Images" - docker build -t ${IMG_NS}/${IMG}:${IMG_TAG} . - -.PHONY: docker-push -docker-push: ## Push docker image with the manager. - docker push ${IMG_NS}/${IMG}:${IMG_TAG} - -.PHONY: docker-export -docker-export: - @echo ".: 💾 Export Container Images" - docker save $(IMG_NS)/$(IMG):$(IMG_TAG) > $(IMG).tar - -##@ Deployment - -.PHONY: kind-import -kind-import: - @echo ".: 💾 Importing the image archive to local kind cluster." - kind load image-archive ./$(IMG).tar - -.PHONY: helm-deploy -helm-deploy: - @echo ".: ⚙️ Deploying auto-discovery with the Image tag '$(IMG_TAG)' into kind." - helm upgrade --install auto-discovery ./ --wait \ - --set="image.repository=docker.io/$(IMG_NS)/$(IMG)" \ - --set="image.tag=$(IMG_TAG)" \ - --set="image.pullPolicy=IfNotPresent" \ - -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifndef ignore-not-found -ignore-not-found = false -endif - -.PHONY: install -install: manifests ## Install CRDs into the K8s cluster specified in ~/.kube/config. - -.PHONY: uninstall -uninstall: manifests ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. - -##@ Build Dependencies - -## Location to install dependencies to -LOCALBIN ?= $(shell pwd)/bin -$(LOCALBIN): - mkdir -p $(LOCALBIN) - -## Tool Binaries -CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen-$(CONTROLLER_TOOLS_VERSION) -ENVTEST ?= $(LOCALBIN)/setup-envtest-$(ENVTEST_VERSION) - -## Tool Versions -CONTROLLER_TOOLS_VERSION ?= v0.18.0 -ENVTEST_VERSION ?= release-0.21 - -.PHONY: controller-gen -controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. -$(CONTROLLER_GEN): $(LOCALBIN) - $(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen,$(CONTROLLER_TOOLS_VERSION)) - -.PHONY: envtest -envtest: $(ENVTEST) ## Download setup-envtest locally if necessary. -$(ENVTEST): $(LOCALBIN) - $(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,$(ENVTEST_VERSION)) - -# go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist -# $1 - target path with name of binary (ideally with version) -# $2 - package url which can be installed -# $3 - specific version of package -define go-install-tool -@[ -f $(1) ] || { \ -set -e; \ -package=$(2)@$(3) ;\ -echo "Downloading $${package}" ;\ -GOBIN=$(LOCALBIN) go install $${package} ;\ -mv "$$(echo "$(1)" | sed "s/-$(3)$$//")" $(1) ;\ -} -endef diff --git a/auto-discovery/kubernetes/Taskfile.yaml b/auto-discovery/kubernetes/Taskfile.yaml new file mode 100644 index 0000000000..451f66ef3c --- /dev/null +++ b/auto-discovery/kubernetes/Taskfile.yaml @@ -0,0 +1,163 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.48.0" + +env: + IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +vars: + COMPONENT_NAME: kubernetes + BINARY_NAME: manager + BUILD_CMD: main.go + CONTROLLER_TOOLS_VERSION: v0.18.0 + LOCALBIN: '{{ .TASKFILE_DIR }}/bin' + ENVTEST_K8S_VERSION: + sh: cd {{ .TASKFILE_DIR }} && go list -m -f '{{"{{"}}.Version{{"}}"}}' k8s.io/api 2>/dev/null | sed -E 's/^v?[0-9]+\.([0-9]+).*/1.\1/' + ENVTEST_VERSION: + sh: cd {{ .TASKFILE_DIR }} && go list -m -f '{{"{{"}}.Version{{"}}"}}' sigs.k8s.io/controller-runtime 2>/dev/null | sed -E 's/^v?([0-9]+)\.([0-9]+).*/release-\1.\2/' + +tasks: + fmt: + desc: "Run go fmt against code" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go fmt ./... + + vet: + desc: "Run go vet against code" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go vet ./... + + envtest: + desc: "Download setup-envtest locally if necessary" + run: once + dir: '{{ .TASKFILE_DIR }}' + generates: + - '{{ .LOCALBIN }}/setup-envtest' + - '{{ .LOCALBIN }}/.setup-envtest.version' + cmds: + - mkdir -p {{ .LOCALBIN }} + - rm -f {{ .LOCALBIN }}/setup-envtest + - GOBIN={{ .LOCALBIN }} go install sigs.k8s.io/controller-runtime/tools/setup-envtest@{{ .ENVTEST_VERSION }} + - echo "{{ .ENVTEST_VERSION }}" > {{ .LOCALBIN }}/.setup-envtest.version + status: + - test -f {{ .LOCALBIN }}/setup-envtest + - grep -qxF "{{ .ENVTEST_VERSION }}" {{ .LOCALBIN }}/.setup-envtest.version 2>/dev/null + + controller-gen: + desc: "Download controller-gen locally if necessary" + run: once + dir: '{{ .TASKFILE_DIR }}' + generates: + - '{{ .LOCALBIN }}/controller-gen' + - '{{ .LOCALBIN }}/.controller-gen.version' + cmds: + - mkdir -p {{ .LOCALBIN }} + - rm -f {{ .LOCALBIN }}/controller-gen + - GOBIN={{ .LOCALBIN }} go install sigs.k8s.io/controller-tools/cmd/controller-gen@{{ .CONTROLLER_TOOLS_VERSION }} + - echo "{{ .CONTROLLER_TOOLS_VERSION }}" > {{ .LOCALBIN }}/.controller-gen.version + status: + - test -f {{ .LOCALBIN }}/controller-gen + - grep -qxF "{{ .CONTROLLER_TOOLS_VERSION }}" {{ .LOCALBIN }}/.controller-gen.version 2>/dev/null + + manifests: + desc: "Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects" + deps: [controller-gen] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + {{ .LOCALBIN }}/controller-gen rbac:roleName=auto-discovery,headerFile="hack/boilerplate.yaml.txt" \ + crd paths="./..." \ + output:crd:artifacts:config=crds \ + output:rbac:artifacts:config=templates/rbac + + test: + desc: "Run Go tests with manifests generation" + deps: [manifests, fmt, vet, envtest] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + KUBEBUILDER_ASSETS="$({{ .LOCALBIN }}/setup-envtest use {{ .ENVTEST_K8S_VERSION }} --bin-dir {{ .LOCALBIN }} -p path)" \ + go test ./... -coverprofile cover.out + + ginkgo: + desc: "Run Ginkgo tests with verbose output and manifests generation" + deps: [manifests, fmt, vet, envtest] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + KUBEBUILDER_ASSETS="$({{ .LOCALBIN }}/setup-envtest use {{ .ENVTEST_K8S_VERSION }} --bin-dir {{ .LOCALBIN }} -p path)" \ + ginkgo test ./... -coverprofile cover.out -v --progress + + run: + desc: "Run the kubernetes auto-discovery controller from your host" + deps: [manifests, fmt, vet] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go run ./main.go --config ./auto-discovery-config.yaml + + build: + desc: "Build the binary" + deps: [fmt, vet] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go build -o bin/{{ .BINARY_NAME }} {{ .BUILD_CMD }} + + helm-unit-tests: + desc: "Run helm unit tests" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "Helm unittest plugin is not installed. Install it from https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - helm unittest . + + docker-build: + desc: "Build Docker image" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + cmds: + - docker build -t ${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG} . + status: + - docker images | grep -q "${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG}" + + docker-push: + desc: "Push Docker image" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - docker push ${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG} + + docker-export: + desc: "Export Docker image to tar file" + deps: [docker-build] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - docker save ${IMG_NS}/auto-discovery-{{ .COMPONENT_NAME }}:${IMG_TAG} > auto-discovery-{{ .COMPONENT_NAME }}.tar + + kind-import: + desc: "Import Docker image into kind cluster" + deps: [docker-export] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - kind load image-archive ./auto-discovery-{{ .COMPONENT_NAME }}.tar + + install: + desc: "Install CRDs into the K8s cluster specified in ~/.kube/config" + deps: [manifests] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - kubectl apply -f ./crds/ + + uninstall: + desc: "Uninstall CRDs from the K8s cluster specified in ~/.kube/config" + deps: [manifests] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - kubectl delete -f ./crds/ diff --git a/auto-discovery/kubernetes/go.mod b/auto-discovery/kubernetes/go.mod index ff1eb34ff0..e16fd757ae 100644 --- a/auto-discovery/kubernetes/go.mod +++ b/auto-discovery/kubernetes/go.mod @@ -4,20 +4,20 @@ module github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes -go 1.24.5 +go 1.26.2 require ( github.com/Masterminds/sprig v2.22.0+incompatible github.com/go-logr/logr v1.4.3 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.38.2 - github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 - k8s.io/api v0.34.2 - k8s.io/apimachinery v0.34.2 - k8s.io/client-go v0.34.2 - k8s.io/klog/v2 v2.130.1 - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 - sigs.k8s.io/controller-runtime v0.22.4 + github.com/onsi/gomega v1.41.0 + github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4 + k8s.io/api v0.36.1 + k8s.io/apimachinery v0.36.1 + k8s.io/client-go v0.36.1 + k8s.io/klog/v2 v2.140.0 + k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 + sigs.k8s.io/controller-runtime v0.24.1 sigs.k8s.io/yaml v1.6.0 ) @@ -27,59 +27,64 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect - github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.1 // indirect github.com/go-logr/zapr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.21.1 // indirect - github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/google/btree v1.1.3 // indirect - github.com/google/gnostic-models v0.7.0 // indirect + github.com/go-openapi/jsonpointer v0.22.5 // indirect + github.com/go-openapi/jsonreference v0.21.5 // indirect + github.com/go-openapi/swag v0.25.5 // indirect + github.com/go-openapi/swag/cmdutils v0.25.5 // indirect + github.com/go-openapi/swag/conv v0.25.5 // indirect + github.com/go-openapi/swag/fileutils v0.25.5 // indirect + github.com/go-openapi/swag/jsonname v0.25.5 // indirect + github.com/go-openapi/swag/jsonutils v0.25.5 // indirect + github.com/go-openapi/swag/loading v0.25.5 // indirect + github.com/go-openapi/swag/mangling v0.25.5 // indirect + github.com/go-openapi/swag/netutils v0.25.5 // indirect + github.com/go-openapi/swag/stringutils v0.25.5 // indirect + github.com/go-openapi/swag/typeutils v0.25.5 // indirect + github.com/go-openapi/swag/yamlutils v0.25.5 // indirect + github.com/google/gnostic-models v0.7.1 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect github.com/huandu/xstrings v1.5.0 // indirect github.com/imdario/mergo v0.3.16 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.9.0 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/pkg/errors v0.9.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_golang v1.23.2 // indirect github.com/prometheus/client_model v0.6.2 // indirect - github.com/prometheus/common v0.66.1 // indirect - github.com/prometheus/procfs v0.16.1 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/prometheus/common v0.67.5 // indirect + github.com/prometheus/procfs v0.20.1 // indirect + github.com/spf13/pflag v1.0.10 // indirect github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.27.0 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.uber.org/zap v1.27.1 // indirect + go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/crypto v0.45.0 // indirect - golang.org/x/net v0.47.0 // indirect - golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.38.0 // indirect - golang.org/x/term v0.37.0 // indirect - golang.org/x/text v0.31.0 // indirect - golang.org/x/time v0.11.0 // indirect + golang.org/x/crypto v0.49.0 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sync v0.20.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/term v0.41.0 // indirect + golang.org/x/text v0.35.0 // indirect + golang.org/x/time v0.15.0 // indirect gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect - google.golang.org/protobuf v1.36.8 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.34.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/apiextensions-apiserver v0.36.0 // indirect + k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect ) diff --git a/auto-discovery/kubernetes/go.sum b/auto-discovery/kubernetes/go.sum index d2eedd0f5f..b1dc7c608a 100644 --- a/auto-discovery/kubernetes/go.sum +++ b/auto-discovery/kubernetes/go.sum @@ -14,8 +14,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= @@ -24,24 +24,50 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= -github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= -github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= +github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= -github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= -github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= -github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= -github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/jsonpointer v0.22.5 h1:8on/0Yp4uTb9f4XvTrM2+1CPrV05QPZXu+rvu2o9jcA= +github.com/go-openapi/jsonpointer v0.22.5/go.mod h1:gyUR3sCvGSWchA2sUBJGluYMbe1zazrYWIkWPjjMUY0= +github.com/go-openapi/jsonreference v0.21.5 h1:6uCGVXU/aNF13AQNggxfysJ+5ZcU4nEAe+pJyVWRdiE= +github.com/go-openapi/jsonreference v0.21.5/go.mod h1:u25Bw85sX4E2jzFodh1FOKMTZLcfifd1Q+iKKOUxExw= +github.com/go-openapi/swag v0.25.5 h1:pNkwbUEeGwMtcgxDr+2GBPAk4kT+kJ+AaB+TMKAg+TU= +github.com/go-openapi/swag v0.25.5/go.mod h1:B3RT6l8q7X803JRxa2e59tHOiZlX1t8viplOcs9CwTA= +github.com/go-openapi/swag/cmdutils v0.25.5 h1:yh5hHrpgsw4NwM9KAEtaDTXILYzdXh/I8Whhx9hKj7c= +github.com/go-openapi/swag/cmdutils v0.25.5/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.5 h1:wAXBYEXJjoKwE5+vc9YHhpQOFj2JYBMF2DUi+tGu97g= +github.com/go-openapi/swag/conv v0.25.5/go.mod h1:CuJ1eWvh1c4ORKx7unQnFGyvBbNlRKbnRyAvDvzWA4k= +github.com/go-openapi/swag/fileutils v0.25.5 h1:B6JTdOcs2c0dBIs9HnkyTW+5gC+8NIhVBUwERkFhMWk= +github.com/go-openapi/swag/fileutils v0.25.5/go.mod h1:V3cT9UdMQIaH4WiTrUc9EPtVA4txS0TOmRURmhGF4kc= +github.com/go-openapi/swag/jsonname v0.25.5 h1:8p150i44rv/Drip4vWI3kGi9+4W9TdI3US3uUYSFhSo= +github.com/go-openapi/swag/jsonname v0.25.5/go.mod h1:jNqqikyiAK56uS7n8sLkdaNY/uq6+D2m2LANat09pKU= +github.com/go-openapi/swag/jsonutils v0.25.5 h1:XUZF8awQr75MXeC+/iaw5usY/iM7nXPDwdG3Jbl9vYo= +github.com/go-openapi/swag/jsonutils v0.25.5/go.mod h1:48FXUaz8YsDAA9s5AnaUvAmry1UcLcNVWUjY42XkrN4= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5 h1:SX6sE4FrGb4sEnnxbFL/25yZBb5Hcg1inLeErd86Y1U= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5/go.mod h1:/2KvOTrKWjVA5Xli3DZWdMCZDzz3uV/T7bXwrKWPquo= +github.com/go-openapi/swag/loading v0.25.5 h1:odQ/umlIZ1ZVRteI6ckSrvP6e2w9UTF5qgNdemJHjuU= +github.com/go-openapi/swag/loading v0.25.5/go.mod h1:I8A8RaaQ4DApxhPSWLNYWh9NvmX2YKMoB9nwvv6oW6g= +github.com/go-openapi/swag/mangling v0.25.5 h1:hyrnvbQRS7vKePQPHHDso+k6CGn5ZBs5232UqWZmJZw= +github.com/go-openapi/swag/mangling v0.25.5/go.mod h1:6hadXM/o312N/h98RwByLg088U61TPGiltQn71Iw0NY= +github.com/go-openapi/swag/netutils v0.25.5 h1:LZq2Xc2QI8+7838elRAaPCeqJnHODfSyOa7ZGfxDKlU= +github.com/go-openapi/swag/netutils v0.25.5/go.mod h1:lHbtmj4m57APG/8H7ZcMMSWzNqIQcu0RFiXrPUara14= +github.com/go-openapi/swag/stringutils v0.25.5 h1:NVkoDOA8YBgtAR/zvCx5rhJKtZF3IzXcDdwOsYzrB6M= +github.com/go-openapi/swag/stringutils v0.25.5/go.mod h1:PKK8EZdu4QJq8iezt17HM8RXnLAzY7gW0O1KKarrZII= +github.com/go-openapi/swag/typeutils v0.25.5 h1:EFJ+PCga2HfHGdo8s8VJXEVbeXRCYwzzr9u4rJk7L7E= +github.com/go-openapi/swag/typeutils v0.25.5/go.mod h1:itmFmScAYE1bSD8C4rS0W+0InZUBrB2xSPbWt6DLGuc= +github.com/go-openapi/swag/yamlutils v0.25.5 h1:kASCIS+oIeoc55j28T4o8KwlV2S4ZLPT6G0iq2SSbVQ= +github.com/go-openapi/swag/yamlutils v0.25.5/go.mod h1:Gek1/SjjfbYvM+Iq4QGwa/2lEXde9n2j4a3wI3pNuOQ= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0 h1:7SgOMTvJkM8yWrQlU8Jm18VeDPuAvB/xWrdxFJkoFag= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0/go.mod h1:14iV8jyyQlinc9StD7w1xVPW3CO3q1Gj04Jy//Kw4VM= +github.com/go-openapi/testify/v2 v2.4.0 h1:8nsPrHVCWkQ4p8h1EsRVymA2XABB4OT40gcvAu+voFM= +github.com/go-openapi/testify/v2 v2.4.0/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= @@ -49,10 +75,8 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= -github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= -github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= +github.com/google/gnostic-models v0.7.1/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -70,22 +94,16 @@ github.com/huandu/xstrings v1.5.0 h1:2ag3IFq9ZDANvthTwTiqSSZLjDc+BedvHPAp5tJy2TI github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo= -github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ= +github.com/klauspost/compress v1.18.2 h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk= +github.com/klauspost/compress v1.18.2/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= -github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= @@ -105,30 +123,31 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.25.1 h1:Fwp6crTREKM+oA6Cz4MsO8RhKQzs2/gOIVOUscMAfZY= -github.com/onsi/ginkgo/v2 v2.25.1/go.mod h1:ppTWQ1dh9KM/F1XgpeRqelR+zHVwV81DGRSDnFxK7Sk= +github.com/onsi/ginkgo/v2 v2.27.4 h1:fcEcQW/A++6aZAZQNUmNjvA9PSOzefMJBerHJ4t8v8Y= +github.com/onsi/ginkgo/v2 v2.27.4/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= -github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= +github.com/onsi/gomega v1.41.0 h1:OwKp4pXNgVxf6sCplzYo794OFNuoL2q2SBMU5NSWOjA= +github.com/onsi/gomega v1.41.0/go.mod h1:M/Uqpu/8qTjtzCLUA2zJHX9Iilrau25x1PdoSRbWh5A= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= -github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= -github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= -github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= -github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= -github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 h1:bA5TfYaqlHXqrDGAZJuIPVpC+BqUU4wKSJzrOH6V6oU= -github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589/go.mod h1:C2aY0MPPrtn+VkOpWXJKpd+2xmFogMy4sjBH406XrDA= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4= +github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw= +github.com/prometheus/procfs v0.20.1 h1:XwbrGOIplXW/AU3YhIhLODXMJYyC1isLFfYCsTEycfc= +github.com/prometheus/procfs v0.20.1/go.mod h1:o9EMBZGRyvDrSPH1RqdxhojkuXstoe4UlK79eF5TGGo= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4 h1:ykAUZDe7VqS5gJQlzFDrz8IYHy/yQX/5DVQIarW+iWM= +github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4/go.mod h1:K45+gtNFgX4paHyqQT1uESPhYy5xuPbH6F+yfYaGRyM= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -138,43 +157,39 @@ github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= -go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= -go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc= +go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= +go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= -golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= +golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= +golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= -golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= -golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -184,23 +199,21 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= -golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= -golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= -golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= +golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= -golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= +golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= +golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -213,13 +226,13 @@ google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQ google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= -google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -230,27 +243,27 @@ gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.2 h1:fsSUNZhV+bnL6Aqrp6O7lMTy6o5x2C4XLjnh//8SLYY= -k8s.io/api v0.34.2/go.mod h1:MMBPaWlED2a8w4RSeanD76f7opUoypY8TFYkSM+3XHw= -k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI= -k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= -k8s.io/apimachinery v0.34.2 h1:zQ12Uk3eMHPxrsbUJgNF8bTauTVR2WgqJsTmwTE/NW4= -k8s.io/apimachinery v0.34.2/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.2 h1:Co6XiknN+uUZqiddlfAjT68184/37PS4QAzYvQvDR8M= -k8s.io/client-go v0.34.2/go.mod h1:2VYDl1XXJsdcAxw7BenFslRQX28Dxz91U9MWKjX97fE= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= -sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +k8s.io/api v0.36.1 h1:XbL/EMj8K2aJpJtePmqUyQMsM0D4QI2pvl7YKJ20FTY= +k8s.io/api v0.36.1/go.mod h1:KOWo4ey3TINlXjeHVuwB3i+tXXnu+UcwFBHlI/9dvEo= +k8s.io/apiextensions-apiserver v0.36.0 h1:Wt7E8J+VBCbj4FjiBfDTK/neXDDjyJVJc7xfuOHImZ0= +k8s.io/apiextensions-apiserver v0.36.0/go.mod h1:kGDjH0msuiIB3tgsYRV0kS9GqpMYMUsQ3GHv7TApyug= +k8s.io/apimachinery v0.36.1 h1:G63Gjx2W+q0YD+72Vo8oY0nDnePVwnuzTmmy5ENrVSA= +k8s.io/apimachinery v0.36.1/go.mod h1:ibYOR00vW/I1kzvi5SF0dRuJ52BvKtfvRdOn35GPQ+8= +k8s.io/client-go v0.36.1 h1:FN/K8QIT2CEDt+2WB2HnWrUANZ50AP5GII43/SP2JR0= +k8s.io/client-go v0.36.1/go.mod h1:s6rAnCtTGYDQnpNjEhSaISV+2O8jwruZ6m3QOYBFbtU= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 h1:V+sn9a/1fEYDGwnllCmqXBk8x7obZ+hl869Q3Abumkg= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/controller-runtime v0.24.1 h1:miPEwrmirImAvgME1L9qebGHrOnGJoVmVdtOU9fRfo4= +sigs.k8s.io/controller-runtime v0.24.1/go.mod h1:vFkfY5fGt5xAC/sKb8IBFKgWPNKG9OUG29dR8Y2wImw= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile b/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile index b34b6ad815..399aff12f5 100644 --- a/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile +++ b/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Build the pull-secret-extractor binary -FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder +FROM --platform=$BUILDPLATFORM golang:1.26.3 AS builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/auto-discovery/kubernetes/pull-secret-extractor/Taskfile.yaml b/auto-discovery/kubernetes/pull-secret-extractor/Taskfile.yaml index 32e0f12a7d..8f6911cde3 100644 --- a/auto-discovery/kubernetes/pull-secret-extractor/Taskfile.yaml +++ b/auto-discovery/kubernetes/pull-secret-extractor/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" vars: IMG_NS: '{{default "securecodebox" .IMG_NS}}' diff --git a/auto-discovery/kubernetes/pull-secret-extractor/go.mod b/auto-discovery/kubernetes/pull-secret-extractor/go.mod index 8151c1bdc7..727e36ee37 100644 --- a/auto-discovery/kubernetes/pull-secret-extractor/go.mod +++ b/auto-discovery/kubernetes/pull-secret-extractor/go.mod @@ -4,53 +4,60 @@ module github.com/secureCodeBox/auto-discovery/kubernetes/pull-secret-extractor -go 1.24.5 +go 1.26.2 require ( - k8s.io/api v0.34.0 - k8s.io/apimachinery v0.34.0 - sigs.k8s.io/controller-runtime v0.22.1 + k8s.io/api v0.35.3 + k8s.io/apimachinery v0.35.3 + sigs.k8s.io/controller-runtime v0.23.3 ) require ( github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect - github.com/fxamacker/cbor/v2 v2.9.0 // indirect - github.com/go-logr/logr v1.4.2 // indirect - github.com/go-openapi/jsonpointer v0.21.0 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.23.0 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/google/gnostic-models v0.7.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.1 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/go-openapi/jsonpointer v0.22.5 // indirect + github.com/go-openapi/jsonreference v0.21.5 // indirect + github.com/go-openapi/swag v0.25.5 // indirect + github.com/go-openapi/swag/cmdutils v0.25.5 // indirect + github.com/go-openapi/swag/conv v0.25.5 // indirect + github.com/go-openapi/swag/fileutils v0.25.5 // indirect + github.com/go-openapi/swag/jsonname v0.25.5 // indirect + github.com/go-openapi/swag/jsonutils v0.25.5 // indirect + github.com/go-openapi/swag/loading v0.25.5 // indirect + github.com/go-openapi/swag/mangling v0.25.5 // indirect + github.com/go-openapi/swag/netutils v0.25.5 // indirect + github.com/go-openapi/swag/stringutils v0.25.5 // indirect + github.com/go-openapi/swag/typeutils v0.25.5 // indirect + github.com/go-openapi/swag/yamlutils v0.25.5 // indirect + github.com/google/gnostic-models v0.7.1 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.7 // indirect + github.com/kr/text v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pkg/errors v0.9.1 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/spf13/pflag v1.0.10 // indirect github.com/x448/float16 v0.8.4 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/net v0.38.0 // indirect - golang.org/x/oauth2 v0.27.0 // indirect - golang.org/x/sys v0.31.0 // indirect - golang.org/x/term v0.30.0 // indirect - golang.org/x/text v0.23.0 // indirect - golang.org/x/time v0.9.0 // indirect - google.golang.org/protobuf v1.36.5 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/term v0.41.0 // indirect + golang.org/x/text v0.35.0 // indirect + golang.org/x/time v0.15.0 // indirect + google.golang.org/protobuf v1.36.11 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/client-go v0.34.0 // indirect - k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/client-go v0.35.3 // indirect + k8s.io/klog/v2 v2.140.0 // indirect + k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 // indirect + k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect sigs.k8s.io/yaml v1.6.0 // indirect ) diff --git a/auto-discovery/kubernetes/pull-secret-extractor/go.sum b/auto-discovery/kubernetes/pull-secret-extractor/go.sum index 7f305f9954..b8fb66abbe 100644 --- a/auto-discovery/kubernetes/pull-secret-extractor/go.sum +++ b/auto-discovery/kubernetes/pull-secret-extractor/go.sum @@ -1,3 +1,5 @@ +github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= +github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= @@ -6,52 +8,67 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= -github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= -github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= -github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= -github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= +github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= -github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= -github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-openapi/jsonpointer v0.22.5 h1:8on/0Yp4uTb9f4XvTrM2+1CPrV05QPZXu+rvu2o9jcA= +github.com/go-openapi/jsonpointer v0.22.5/go.mod h1:gyUR3sCvGSWchA2sUBJGluYMbe1zazrYWIkWPjjMUY0= +github.com/go-openapi/jsonreference v0.21.5 h1:6uCGVXU/aNF13AQNggxfysJ+5ZcU4nEAe+pJyVWRdiE= +github.com/go-openapi/jsonreference v0.21.5/go.mod h1:u25Bw85sX4E2jzFodh1FOKMTZLcfifd1Q+iKKOUxExw= +github.com/go-openapi/swag v0.25.5 h1:pNkwbUEeGwMtcgxDr+2GBPAk4kT+kJ+AaB+TMKAg+TU= +github.com/go-openapi/swag v0.25.5/go.mod h1:B3RT6l8q7X803JRxa2e59tHOiZlX1t8viplOcs9CwTA= +github.com/go-openapi/swag/cmdutils v0.25.5 h1:yh5hHrpgsw4NwM9KAEtaDTXILYzdXh/I8Whhx9hKj7c= +github.com/go-openapi/swag/cmdutils v0.25.5/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.5 h1:wAXBYEXJjoKwE5+vc9YHhpQOFj2JYBMF2DUi+tGu97g= +github.com/go-openapi/swag/conv v0.25.5/go.mod h1:CuJ1eWvh1c4ORKx7unQnFGyvBbNlRKbnRyAvDvzWA4k= +github.com/go-openapi/swag/fileutils v0.25.5 h1:B6JTdOcs2c0dBIs9HnkyTW+5gC+8NIhVBUwERkFhMWk= +github.com/go-openapi/swag/fileutils v0.25.5/go.mod h1:V3cT9UdMQIaH4WiTrUc9EPtVA4txS0TOmRURmhGF4kc= +github.com/go-openapi/swag/jsonname v0.25.5 h1:8p150i44rv/Drip4vWI3kGi9+4W9TdI3US3uUYSFhSo= +github.com/go-openapi/swag/jsonname v0.25.5/go.mod h1:jNqqikyiAK56uS7n8sLkdaNY/uq6+D2m2LANat09pKU= +github.com/go-openapi/swag/jsonutils v0.25.5 h1:XUZF8awQr75MXeC+/iaw5usY/iM7nXPDwdG3Jbl9vYo= +github.com/go-openapi/swag/jsonutils v0.25.5/go.mod h1:48FXUaz8YsDAA9s5AnaUvAmry1UcLcNVWUjY42XkrN4= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5 h1:SX6sE4FrGb4sEnnxbFL/25yZBb5Hcg1inLeErd86Y1U= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5/go.mod h1:/2KvOTrKWjVA5Xli3DZWdMCZDzz3uV/T7bXwrKWPquo= +github.com/go-openapi/swag/loading v0.25.5 h1:odQ/umlIZ1ZVRteI6ckSrvP6e2w9UTF5qgNdemJHjuU= +github.com/go-openapi/swag/loading v0.25.5/go.mod h1:I8A8RaaQ4DApxhPSWLNYWh9NvmX2YKMoB9nwvv6oW6g= +github.com/go-openapi/swag/mangling v0.25.5 h1:hyrnvbQRS7vKePQPHHDso+k6CGn5ZBs5232UqWZmJZw= +github.com/go-openapi/swag/mangling v0.25.5/go.mod h1:6hadXM/o312N/h98RwByLg088U61TPGiltQn71Iw0NY= +github.com/go-openapi/swag/netutils v0.25.5 h1:LZq2Xc2QI8+7838elRAaPCeqJnHODfSyOa7ZGfxDKlU= +github.com/go-openapi/swag/netutils v0.25.5/go.mod h1:lHbtmj4m57APG/8H7ZcMMSWzNqIQcu0RFiXrPUara14= +github.com/go-openapi/swag/stringutils v0.25.5 h1:NVkoDOA8YBgtAR/zvCx5rhJKtZF3IzXcDdwOsYzrB6M= +github.com/go-openapi/swag/stringutils v0.25.5/go.mod h1:PKK8EZdu4QJq8iezt17HM8RXnLAzY7gW0O1KKarrZII= +github.com/go-openapi/swag/typeutils v0.25.5 h1:EFJ+PCga2HfHGdo8s8VJXEVbeXRCYwzzr9u4rJk7L7E= +github.com/go-openapi/swag/typeutils v0.25.5/go.mod h1:itmFmScAYE1bSD8C4rS0W+0InZUBrB2xSPbWt6DLGuc= +github.com/go-openapi/swag/yamlutils v0.25.5 h1:kASCIS+oIeoc55j28T4o8KwlV2S4ZLPT6G0iq2SSbVQ= +github.com/go-openapi/swag/yamlutils v0.25.5/go.mod h1:Gek1/SjjfbYvM+Iq4QGwa/2lEXde9n2j4a3wI3pNuOQ= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0 h1:7SgOMTvJkM8yWrQlU8Jm18VeDPuAvB/xWrdxFJkoFag= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0/go.mod h1:14iV8jyyQlinc9StD7w1xVPW3CO3q1Gj04Jy//Kw4VM= +github.com/go-openapi/testify/v2 v2.4.0 h1:8nsPrHVCWkQ4p8h1EsRVymA2XABB4OT40gcvAu+voFM= +github.com/go-openapi/testify/v2 v2.4.0/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= -github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= +github.com/google/gnostic-models v0.7.1/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -60,121 +77,90 @@ github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFd github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.22.0 h1:Yed107/8DjTr0lKCNt7Dn8yQ6ybuDRQoMGrNFKzMfHg= -github.com/onsi/ginkgo/v2 v2.22.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.36.1 h1:bJDPBO7ibjxcbHMgSCoo4Yj18UWbKDlLwX1x9sybDcw= -github.com/onsi/gomega v1.36.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= +github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= -github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= -github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= -github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= -github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= -github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= -github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= +github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= +github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= +github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= +github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= +github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= +github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= +github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= +go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= -golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= -golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M= -golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= -golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= -golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= -golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= -golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY= -golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= -golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= -google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= +golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= +golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= +golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= +golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= +google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= +google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.0 h1:L+JtP2wDbEYPUeNGbeSa/5GwFtIA662EmT2YSLOkAVE= -k8s.io/api v0.34.0/go.mod h1:YzgkIzOOlhl9uwWCZNqpw6RJy9L2FK4dlJeayUoydug= -k8s.io/apiextensions-apiserver v0.34.0 h1:B3hiB32jV7BcyKcMU5fDaDxk882YrJ1KU+ZSkA9Qxoc= -k8s.io/apiextensions-apiserver v0.34.0/go.mod h1:hLI4GxE1BDBy9adJKxUxCEHBGZtGfIg98Q+JmTD7+g0= -k8s.io/apimachinery v0.34.0 h1:eR1WO5fo0HyoQZt1wdISpFDffnWOvFLOOeJ7MgIv4z0= -k8s.io/apimachinery v0.34.0/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.0 h1:YoWv5r7bsBfb0Hs2jh8SOvFbKzzxyNo0nSb0zC19KZo= -k8s.io/client-go v0.34.0/go.mod h1:ozgMnEKXkRjeMvBZdV1AijMHLTh3pbACPvK7zFR+QQY= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.22.1 h1:Ah1T7I+0A7ize291nJZdS1CabF/lB4E++WizgV24Eqg= -sigs.k8s.io/controller-runtime v0.22.1/go.mod h1:FwiwRjkRPbiN+zp2QRp7wlTCzbUXxZ/D4OzuQUDwBHY= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +k8s.io/api v0.35.3 h1:pA2fiBc6+N9PDf7SAiluKGEBuScsTzd2uYBkA5RzNWQ= +k8s.io/api v0.35.3/go.mod h1:9Y9tkBcFwKNq2sxwZTQh1Njh9qHl81D0As56tu42GA4= +k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4= +k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU= +k8s.io/apimachinery v0.35.3 h1:MeaUwQCV3tjKP4bcwWGgZ/cp/vpsRnQzqO6J6tJyoF8= +k8s.io/apimachinery v0.35.3/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/client-go v0.35.3 h1:s1lZbpN4uI6IxeTM2cpdtrwHcSOBML1ODNTCCfsP1pg= +k8s.io/client-go v0.35.3/go.mod h1:RzoXkc0mzpWIDvBrRnD+VlfXP+lRzqQjCmKtiwZ8Q9c= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 h1:V+sn9a/1fEYDGwnllCmqXBk8x7obZ+hl869Q3Abumkg= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/controller-runtime v0.23.3 h1:VjB/vhoPoA9l1kEKZHBMnQF33tdCLQKJtydy4iqwZ80= +sigs.k8s.io/controller-runtime v0.23.3/go.mod h1:B6COOxKptp+YaUT5q4l6LqUJTRpizbgf9KSRNdQGns0= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/bin/package-lock.json b/bin/package-lock.json index 9447d2be42..a0b13c45e7 100644 --- a/bin/package-lock.json +++ b/bin/package-lock.json @@ -5,13 +5,13 @@ "packages": { "": { "dependencies": { - "semver": "^7.7.3" + "semver": "^7.8.0" } }, "node_modules/semver": { - "version": "7.7.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz", - "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==", + "version": "7.8.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.8.0.tgz", + "integrity": "sha512-AcM7dV/5ul4EekoQ29Agm5vri8JNqRyj39o0qpX6vDF2GZrtutZl5RwgD1XnZjiTAfncsJhMI48QQH3sN87YNA==", "bin": { "semver": "bin/semver.js" }, diff --git a/bin/package.json b/bin/package.json index ef45ab4247..e34ea99ad3 100644 --- a/bin/package.json +++ b/bin/package.json @@ -1,5 +1,5 @@ { "dependencies": { - "semver": "^7.7.3" + "semver": "^7.8.0" } } diff --git a/demo-targets/Makefile b/demo-targets/Makefile deleted file mode 100644 index ff750a056f..0000000000 --- a/demo-targets/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include ../prerequisites.mk - -.PHONY: helm-unit-tests -helm-unit-tests: - set -e; \ - for directory in ./*; do \ - if [ -d "$$directory" ]; then \ - dir_name=$$(basename "$$directory"); \ - helm unittest "$$directory"; \ - fi; \ - done \ No newline at end of file diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml index c182550429..694d386a6e 100644 --- a/demo-targets/Taskfile.yaml +++ b/demo-targets/Taskfile.yaml @@ -2,9 +2,21 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" tasks: + helm-unit-tests: + desc: "Run helm unit tests for all demo targets" + preconditions: + - msg: "Helm unittest plugin is not installed. Install it from https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + vars: + CHARTS: + sh: find {{ .TASKFILE_DIR }} -maxdepth 2 -name "Chart.yaml" -exec dirname {} \; + cmds: + - for: { var: CHARTS } + cmd: helm unittest "{{ .ITEM }}" + deploy:app: internal: true status: diff --git a/demo-targets/dummy-ssh/container/Dockerfile b/demo-targets/dummy-ssh/container/Dockerfile index 08461af1c6..98a4db70ab 100644 --- a/demo-targets/dummy-ssh/container/Dockerfile +++ b/demo-targets/dummy-ssh/container/Dockerfile @@ -4,7 +4,7 @@ # From https://gdevillele.github.io/engine/examples/running_ssh_service/ # This file is authored by Docker Inc. and is not covered by the Apache2 Licence by the secureCodeBox project. -FROM ubuntu:24.04 +FROM ubuntu:26.04 RUN apt-get update && apt-get install -y openssh-server RUN mkdir /var/run/sshd diff --git a/demo-targets/juice-shop/Chart.yaml b/demo-targets/juice-shop/Chart.yaml index f04442844b..58d6f63287 100644 --- a/demo-targets/juice-shop/Chart.yaml +++ b/demo-targets/juice-shop/Chart.yaml @@ -5,7 +5,7 @@ apiVersion: v2 version: v3.1.0-alpha3 # renovate: image=docker.io/bkimminich/juice-shop -appVersion: v19.1.1 +appVersion: v20.0.0 name: juice-shop description: "OWASP Juice Shop: Probably the most modern and sophisticated insecure web application" type: application diff --git a/demo-targets/juice-shop/README.md b/demo-targets/juice-shop/README.md index d1aaf9639b..d9a2fa2519 100644 --- a/demo-targets/juice-shop/README.md +++ b/demo-targets/juice-shop/README.md @@ -3,7 +3,7 @@ title: "OWASP JuiceShop" category: "target" type: "Website" state: "released" -appVersion: "v19.1.1" +appVersion: "v20.0.0" usecase: "Modern insecure web application" --- diff --git a/demo-targets/unsafe-https/container/Dockerfile b/demo-targets/unsafe-https/container/Dockerfile index 82760b1bf9..1e2e9e0dc9 100644 --- a/demo-targets/unsafe-https/container/Dockerfile +++ b/demo-targets/unsafe-https/container/Dockerfile @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM nginx:1.29-alpine +FROM nginx:1.31-alpine COPY index.html /usr/share/nginx/html/index.html COPY nginx.conf /etc/nginx/nginx.conf COPY site.crt /etc/nginx/my-site.com.crt diff --git a/documentation/Makefile b/documentation/Makefile deleted file mode 100644 index 0154493d2b..0000000000 --- a/documentation/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -DOCUMENTATION_DIR = $(shell pwd) -DIAGRAMS := $(shell find $(DOCUMENTATION_DIR) -type f -name '*.puml') -IMAGES := $(addsuffix .png, $(basename $(DIAGRAMS))) - -all: help - -.PHONY: puml -puml: $(IMAGES) ## Generate PlantUML images - -.PHONY: clean -clean: ## Wipe node_modules - rm -rf $(DOCUMENTATION_DIR)/node_modules - -.PHONY: install -install: ## Install Docusaurus stuff. (Needed once before you invoke start target). - npm install - -.PHONY: start -start: ## Start local Docusaurus. (Visit http://localhost:3000) - npm start - -%.png: %.puml - plantuml -tpng $^ - -.PHONY: help -help: ## Display this help screen. - @grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \ - awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/documentation/Taskfile.yaml b/documentation/Taskfile.yaml new file mode 100644 index 0000000000..f94c163484 --- /dev/null +++ b/documentation/Taskfile.yaml @@ -0,0 +1,33 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.48.0" + +tasks: + puml: + desc: "Generate PlantUML images from .puml files" + sources: + - '{{ .TASKFILE_DIR }}/**/*.puml' + cmds: + - for: sources + cmd: plantuml -tpng {{ .ITEM }} + + clean: + desc: "Remove node_modules directory" + cmds: + - rm -rf {{ .TASKFILE_DIR }}/node_modules + + install: + desc: "Install Docusaurus dependencies" + cmds: + - cd {{ .TASKFILE_DIR }} && npm install + status: + - '[ -d {{ .TASKFILE_DIR }}/node_modules ]' + + start: + desc: "Start local Docusaurus server (visit http://localhost:3000)" + deps: [install] + cmds: + - cd {{ .TASKFILE_DIR }} && npm start + interactive: true diff --git a/documentation/docs/10-security.md b/documentation/docs/10-security.md index 287bf09d48..aa06c703ad 100644 --- a/documentation/docs/10-security.md +++ b/documentation/docs/10-security.md @@ -10,16 +10,16 @@ title: "Security Policy" # Security Policy ## Supported Versions + Our _release cycle_ for new features (minor [semver](https://semver.org/) update) -is roughly every two weeks (we will usually make a new release after each review). +is roughly every four weeks (we will usually make a new release after each sprint review). | Version | Security Fixes* | Supported** | | ------- | ------------------ | ------------------ | -| 4.x.x | :white_check_mark: | :white_check_mark: | -| 3.15.x | :white_check_mark: | :white_check_mark: | -| \<= 2.9.x | :x: | :x: | -| \< 2.0 | :x: | :x: | - +| 5.x.x | :white_check_mark: | :white_check_mark: | +| 4.16.x | Critical issues only | :x: | +| \<= 3.15.x | :x: | :x: | + ### Major Release (Semver) _Upcoming major updates_ will come with a time window in which both _major versions_ (starting with v2.x.x) will receive security updates and bugfixes. The concrete support intervall will be probably a couple of months diff --git a/documentation/docs/api/crds/scan.md b/documentation/docs/api/crds/scan.md index a0574b0e53..b6a23bdf0c 100644 --- a/documentation/docs/api/crds/scan.md +++ b/documentation/docs/api/crds/scan.md @@ -370,6 +370,24 @@ ttlSecondsAfterFinished: 30 #deletes the scan after 30 seconds after completion ttlSecondsAfterFinished can also be set for the scan (as part of the [jobTemplate](https://www.securecodebox.io/docs/api/crds/scan-type#jobtemplate-required)), [parser](https://www.securecodebox.io/docs/api/crds/parse-definition) and [hook](https://www.securecodebox.io/docs/api/crds/scan-completion-hook#ttlsecondsafterfinished-optional) jobs individually. Setting these will only delete the jobs, not the entire scan. ::: +### Suspend (Optional) + +`suspend` specifies whether the Scan should be suspended. When a Scan is suspended, the reconciler will not process it, effectively pausing all operations until it is resumed. This behaves similar to the suspend field in Kubernetes Jobs. + +When set to `true`, the scan will not progress through its lifecycle states (Init, Scanning, Parsing, etc.). However, TTL-based cleanup still works on suspended scans that are in Done or Errored states to prevent accumulation of completed suspended scans. + +Defaults to `false` if not set. + +```yaml +suspend: true # Suspends the scan, preventing any operations +``` + +To resume a suspended scan, you can patch the scan resource: + +```bash +kubectl patch scan my-scan --type merge -p '{"spec":{"suspend":false}}' +``` + ## Metadata Metadata is a standard field on Kubernetes resources. It contains multiple relevant fields, e.g. the name of the resource, its namespace and a `creationTimestamp` of the resource. See more on the [Kubernetes Docs](https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) and the [Kubernetes API Reference](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/). @@ -443,4 +461,5 @@ spec: cpu: 4 memory: 4Gi ttlSecondsAfterFinished: 300 + suspend: false ``` diff --git a/documentation/docs/api/crds/scheduled-scan.md b/documentation/docs/api/crds/scheduled-scan.md index 20bf95c960..3a6a6b72cb 100644 --- a/documentation/docs/api/crds/scheduled-scan.md +++ b/documentation/docs/api/crds/scheduled-scan.md @@ -62,6 +62,24 @@ When `retriggerOnScanTypeChange` is enabled, it will automatically trigger a new Defaults to `false` if not set. +### Suspend (Optional) + +`suspend` specifies whether the ScheduledScan should be suspended. When a ScheduledScan is suspended, no new Scans will be created according to the schedule. This behaves similar to the suspend field in Kubernetes CronJobs. + +When set to `true`, the ScheduledScan will continue to reconcile (updating status and tracking the schedule), but it will skip creating new Scan resources. Any scans that are already running will continue to completion. + +Defaults to `false` if not set. + +```yaml +suspend: true # Suspends the scheduled scan, preventing new scan creation +``` + +To resume a suspended scheduled scan: + +```bash +kubectl patch scheduledscan my-scheduled-scan --type merge -p '{"spec":{"suspend":false}}' +``` + ## Example with an Interval ```yaml @@ -81,6 +99,7 @@ spec: failedJobsHistoryLimit: 5 concurrencyPolicy: "Allow" retriggerOnScanTypeChange: false + suspend: false ``` ## Example with a Cron Schedule @@ -102,4 +121,5 @@ spec: failedJobsHistoryLimit: 5 concurrencyPolicy: "Forbid" retriggerOnScanTypeChange: true + suspend: false ``` diff --git a/documentation/docs/architecture/09_architecture_decisions/adr_0018.md b/documentation/docs/architecture/09_architecture_decisions/adr_0018.md index 1ec264d600..2a34bee655 100644 --- a/documentation/docs/architecture/09_architecture_decisions/adr_0018.md +++ b/documentation/docs/architecture/09_architecture_decisions/adr_0018.md @@ -10,10 +10,14 @@ sidebar_label: "ADR-0018" | | | |----------------|----------------------------------------------------| -| **Status**: | ACCEPTED | +| **Status**: | SUPERSEDED (by migration to Taskfiles, 2026-03-04) | | **Date**: | 2022-09-20 | | **Author(s)**: | Sven Strittmatter [sven.strittmatter@iteratec.com](mailto:Sven.Strittmatter@iteratec.com) | +:::note Migration to Taskfiles +As of March 2026, secureCodeBox has migrated from Makefiles to [Taskfiles](https://taskfile.dev/), which provides better cross-platform support and properly handles file paths with spaces. This ADR is kept for historical reference, but the original problem has been resolved by the migration. +::: + ## Context We have the [issue](https://github.com/secureCodeBox/secureCodeBox/issues/1353) that most of our [make][gnu-make] targets fail, if this repository working copy is cloned into a file location which contains white spaces in its file path. diff --git a/documentation/docs/contributing/integrating-a-hook/makefile.md b/documentation/docs/contributing/integrating-a-hook/makefile.md deleted file mode 100644 index 44452650e5..0000000000 --- a/documentation/docs/contributing/integrating-a-hook/makefile.md +++ /dev/null @@ -1,88 +0,0 @@ ---- -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -title: Makefile (Deprecated) -sidebar_position: 5 ---- - -:::caution Deprecated -Makefiles have been deprecated in favor of Taskfiles. Please refer to the [Taskfile](./taskfile.md) documentation for the current approach. -::: - -To test your hook locally, you may use the following makefile. - -```makefile -#!/usr/bin/make -f - -include_guard = set -hook = finding-post-processing - -include ../../hooks.mk -``` - -See [Local Deployment](/docs/contributing/local-deployment) for examples how to use the Makefiles. - -## Available makefile targets - -| Target | Use | -| --------------------------------- | --------------------------------------------------------------------------------- | -| reset-integration-tests-namespace | Resets the integration-tests namespace | -| unit-tests | Run your hook unit tests | -| docker-build | Builds your hook | -| docker-export | Exports your hook into a .tar file | -| kind-import | Loads your hook .tar files into your local kind cluster | -| deploy | Deploys your hook helm chart into your local kind cluster | -| deploy-test-deps | Deploys your hook's test dependencies (demo-targets) into your local kind cluster | -| integration-tests | Deletes all scans and runs your integration test `scanners/SCANNER_NAME.test.js` | - -## Configuring your makefile (examples) - -### Adding test dependencies (demo-targets) - -```makefile -#!/usr/bin/make -f - -include_guard = set -hook = generic-webhook - -include ../../hooks.mk - - -deploy-test-deps: deploy-test-dep-http-webhook deploy-test-dep-test-scan - -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install ro-hook . \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="webhookUrl=http://http-webhook/hallo-welt" - -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - cd ../../tests/integration/ && npm ci && npx --yes --package jest@$(JEST_VERSION) jest --verbose --ci --colors --coverage --passWithNoTests generic/read-only-write-hook.test.js - -``` - -This adds the http-webhook demo-target to your integration tests. -`deploy-test-dep-test-scan` is a sample scanner used in most hook integration tests. - -The above makefile also overrides the `integration-test` target such that it references the generic folder as a test suite. - -### Changing the unit test language - -```makefile -#!/usr/bin/make -f - -include_guard = set -hook = persistence-defectdojo - -include ../../hooks.mk - -unit-tests: - @$(MAKE) -s unit-test-java -``` - -You can choose from: `unit-test-js` `unit-test-py` `unit-test-java`. diff --git a/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md b/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md index dfe90f70b6..974bd64a44 100644 --- a/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md +++ b/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md @@ -54,7 +54,7 @@ scanners/nmap To create a new Helm Chart for your scanner you can use the following command (replace _new-scanner_ with the name of the scanner): ```bash -make create-new-scanner NAME=new-scanner +task create-new-scanner -- NAME=new-scanner ``` This command will create a new directory named _new-scanner_ and some template files provided by `helm` to simplify the creation of Helm Charts (see [Helm | Getting Started](https://helm.sh/docs/chart_template_guide/getting_started/)). diff --git a/documentation/docs/contributing/operator.md b/documentation/docs/contributing/operator.md index 200e561bfc..4e9caf0bbd 100644 --- a/documentation/docs/contributing/operator.md +++ b/documentation/docs/contributing/operator.md @@ -72,13 +72,13 @@ make This will produce the operator as `bin/manager`. If you wonder why the operator is named _manager_ (the resulting binary). The reason for that is in Kubernetes a combination of more than one _controller_ is called _controller-manager_ or short _manager_. In contrast, _operator_ is created by the community to name a _controller-manager_ which controls _custom resources_ and hence we use _custom resources_. (see [https://book.kubebuilder.io/](https://book.kubebuilder.io/) for further information) -To run the operator locally you can simply execute `make run` in the `operator` directory of this repository: +To run the operator locally you can simply execute `task run` in the `operator` directory of this repository: _NOTICE:_ You will need to uninstall the operator with `helm -n securecodebox-system uninstall securecodebox-operator` from your local cluster, if you've installed it via helm. Unless both operators try to work on the same cluster which may cause unexpected behavior. ```bash cd operator -make run +task run ``` To run multiple operator instances locally (e.g. SCB operator and SCB Autodiscovery operator) the `metrics-bind-address` and `health-probe-bind-address` port needs to be changed via commandline arguements for one of the operators.
diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md index d33a6c62d5..ada77fe3d2 100644 --- a/documentation/docs/contributing/project-management.md +++ b/documentation/docs/contributing/project-management.md @@ -12,22 +12,64 @@ Under the topic "project management" we describe how we do the organizational st - We use GitHub for source code and issue management: - We have an own organization named [secureCodeBox](https://github.com/secureCodeBox/). - - Management of issues is done with a belonging [project](https://github.com/orgs/secureCodeBox/projects/6). + - Management of issues is done with a corresponding [project](https://github.com/orgs/secureCodeBox/projects/6). - We use the OWASP Google Workspace: - A [shared drive][google-shared-drive] to store meeting notes. - And a project calendar: - - [internal link](https://calendar.google.com/calendar/u/0?cid=Y19mODdhNThiMGNmZjNmMWMwMTk5ZjlhNDc1MjVjMmNiMGU3NjkwZmRjMTliZTI2NDlmMGU5YjlmMDA1ZTc3Mjc4QGdyb3VwLmNhbGVuZGFyLmdvb2dsZS5jb20) - - [public link](https://calendar.google.com/calendar/u/0/embed?src=c_f87a58b0cff3f1c0199f9a47525c2cb0e7690fdc19be2649f0e9b9f005e77278@group.calendar.google.com&ctz=Europe/Berlin) + - [Internal link](https://calendar.google.com/calendar/u/0?cid=Y19mODdhNThiMGNmZjNmMWMwMTk5ZjlhNDc1MjVjMmNiMGU3NjkwZmRjMTliZTI2NDlmMGU5YjlmMDA1ZTc3Mjc4QGdyb3VwLmNhbGVuZGFyLmdvb2dsZS5jb20) + - [Public link](https://calendar.google.com/calendar/u/0/embed?src=c_f87a58b0cff3f1c0199f9a47525c2cb0e7690fdc19be2649f0e9b9f005e77278@group.calendar.google.com&ctz=Europe/Berlin) +- We have registerded one domain (`securecodebox.io`) which is sponsored by [iteratec][iteratec]. + - The DNS cone is managed via [iteratec][iteratec] [Azure Portal](https://portal.azure.com/) by the _admin-team_. +- The website [https://www.securecodebox.io] is hosted on [Netlify](https://app.netlify.com/). +- We have a [Hetzner](https://www.hetzner.com/) VM sponsored by [iteratec][iteratec] to host the Helm charts and telemetry server. + +### Domains + +We use these full qualified domain names: + +- For serving our Helm charts: + - charts.securecodebox.io -> sky.securecodebox.io + - sky.securecodebox.io -> 88.99.30.123(Hetzner VM) +- For our [telemetry](https://www.securecodebox.io/docs/telemetry): + - telemetry.chase.securecodebox.io -> telemetry.securecodebox.io + - Backward compatibility: Was the old address. Old installations use this one. + - telemetry.securecodebox.io -> sky.securecodebox.io +- For our main website: + - www.securecodebox.io -> docs-securecodebox.netlify.app + +### Website + +The website and documentation is based on [Docusaurus](https://docusaurus.io/) and hosted on [Netlify](https://app.netlify.com/). The login is documented in our vault. ## Teams -In our GitHub organization we have several teams: +### GitHub -1. _admin-team_: members are the _project leads_. +In our [GitHub organization](https://github.com/secureCodeBox) we have several teams: + +1. _admin-team_: Members are the _project leads_. 2. _core-team_: Company sponsored core team. 3. _contributor-team_: Active contributors from the community. 4. _bot-team_: Team containing all bots allowed to push directly to the main branch. +### DockerHub + +In our [DockerHub organization](https://hub.docker.com/u/securecodebox) we have several teams: + +1. _adminteam_: Members are the _project leads_. +2. _coreteam_: Company sponsored core team. +3. _botteam_: Team containing all bot accounts. + +### Sonatype (Maven Central) + +In our [Sonatype organization](https://central.sonatype.com/) we have the namespace "io.securecodebox" for Java Maven artifacts. + +Users of this namespace are the _project leads_ and a bot user for deployments. + +### FOSSA + +We use [FOSSA](https://fossa.com/) in the free tier option for open source projects to check our dependencies for violating licenses. It is integrated in the repository as a webhook. Individual persons log in there using GitHub after onboarding. We onboard everyone in the _admin-team_. + ## Organizational - The _project leads_ do a regular sync meeting: @@ -37,6 +79,32 @@ In our GitHub organization we have several teams: ## On- and Off-Boarding -**TODO** Describe on-/off-boarding +For on- and off-boarding we create an issue for each member. On- and off-boardings need to be done by a member of the _admin-team_. + +### On-boarding + +- _core-team_: + - Add to our GitHub organization with following roles: + - _core-team_ + - _contributor-team_ +- _admin-team_ (additionally to the _core-team_ on-boarding): + - Add to our GitHub organization with following roles: + - admin-team + - Register user at [Sonatype](https://central.sonatype.com/) & add to namespace "io.securecodebox" + - Add to [OWASP valut](https://team-securecodebox.1password.com/). + - Invite to [FOSSA organization](https://app.fossa.com/account/settings/organization/users) with role _Admin_ (we use the OWASP mail address because GH invite didn't work when tried). + +### Off-boarding + +- _core-team_: + - Remove role: + - core-team +- _admin-team_: + - Remove role: + - admin-team + - Remove user from namespace "io.securecodebox" in [SonaType](https://central.sonatype.com/). + - Remove access to [OWASP vault](https://team-securecodebox.1password.com/). + - Remove from [FOSSA organization](https://app.fossa.com/account/settings/organization/users) -[google-shared-drive]: https://drive.google.com/drive/folders/1cwAjEyEabdj4By-Ox6ho49NiT-vQUeDq?usp=drive_link +[google-shared-drive]: https://drive.google.com/drive/folders/1cwAjEyEabdj4By-Ox6ho49NiT-vQUeDq?usp=drive_link +[iteratec]: https://www.iteratec.com/ diff --git a/documentation/docs/contributing/test-concept/operator-test.md b/documentation/docs/contributing/test-concept/operator-test.md index 81027fd245..d5e203423b 100644 --- a/documentation/docs/contributing/test-concept/operator-test.md +++ b/documentation/docs/contributing/test-concept/operator-test.md @@ -130,10 +130,10 @@ We use the `Eventually` control loop again to check for the fulfillment of our c ### How to run a test -Running the test is easy through our makefiles. In the operator folder (securecodebox/operator), it is sufficient to run +Running the test is easy through our Taskfiles. In the operator folder (securecodebox/operator), it is sufficient to run ```bash cd operator -make test +task test ``` to execute a test run of the operator. diff --git a/documentation/docs/getting-started/installation.md b/documentation/docs/getting-started/installation.md index eff5cd292e..7733bbfd94 100644 --- a/documentation/docs/getting-started/installation.md +++ b/documentation/docs/getting-started/installation.md @@ -24,7 +24,7 @@ You're now ready to install your [first scan types and start your first scans](/ ## Supported Kubernetes Version -The secureCodeBox supports the 4 latest Kubernetes releases (`v1.34`, `v1.33`, `v1.32` & `v1.31`). Older versions might also work but are not officially supported or tested. +The secureCodeBox supports the 4 latest Kubernetes releases (`v1.35`, `v1.34`, `v1.33` & `v1.32`). Older versions might also work but are not officially supported or tested. ## Accessing the included MinIO Instance diff --git a/documentation/package-lock.json b/documentation/package-lock.json index 7d790fffe7..fda0d89930 100644 --- a/documentation/package-lock.json +++ b/documentation/package-lock.json @@ -9,9 +9,9 @@ "version": "2.0.0", "license": "Apache-2.0", "dependencies": { - "@docusaurus/core": "^3.9.2", - "@docusaurus/preset-classic": "^3.9.2", - "@docusaurus/theme-live-codeblock": "^3.9.2", + "@docusaurus/core": "^3.10.1", + "@docusaurus/preset-classic": "^3.10.1", + "@docusaurus/theme-live-codeblock": "^3.10.1", "@mdx-js/react": "^3.1.1", "clsx": "^2.1.1", "colors": "^1.4.0", @@ -21,137 +21,67 @@ "mustache": "^4.2.0", "node-fetch": "^3.1.1", "prism-react-renderer": "^2.4.1", - "react": "^19.2.1", - "react-dom": "^19.2.1", - "rimraf": "^6.1.2", - "sass": "1.94" + "react": "^19.2.6", + "react-dom": "^19.2.6", + "rimraf": "^6.1.3", + "sass": "1.99" }, "devDependencies": { "@docusaurus/module-type-aliases": "^3.6.0", - "@docusaurus/tsconfig": "^3.9.2", + "@docusaurus/tsconfig": "^3.10.1", "@docusaurus/types": "^3.6.0", - "@types/node": "^24.10.1", - "@types/react": "^19.2.7", + "@types/node": "^25.7.0", + "@types/react": "^19.2.14", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", - "sass-loader": "^16.0.6", - "typescript": "^5.9.3" + "sass-loader": "^16.0.8", + "typescript": "^6.0.3" }, "engines": { "node": ">=18.0" } }, - "node_modules/@ai-sdk/gateway": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@ai-sdk/gateway/-/gateway-2.0.0.tgz", - "integrity": "sha512-Gj0PuawK7NkZuyYgO/h5kDK/l6hFOjhLdTq3/Lli1FTl47iGmwhH1IZQpAL3Z09BeFYWakcwUmn02ovIm2wy9g==", - "license": "Apache-2.0", - "dependencies": { - "@ai-sdk/provider": "2.0.0", - "@ai-sdk/provider-utils": "3.0.12", - "@vercel/oidc": "3.0.3" - }, - "engines": { - "node": ">=18" - }, - "peerDependencies": { - "zod": "^3.25.76 || ^4.1.8" - } - }, - "node_modules/@ai-sdk/provider": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@ai-sdk/provider/-/provider-2.0.0.tgz", - "integrity": "sha512-6o7Y2SeO9vFKB8lArHXehNuusnpddKPk7xqL7T2/b+OvXMRIXUO1rR4wcv1hAFUAT9avGZshty3Wlua/XA7TvA==", - "license": "Apache-2.0", - "dependencies": { - "json-schema": "^0.4.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/@ai-sdk/provider-utils": { - "version": "3.0.12", - "resolved": "https://registry.npmjs.org/@ai-sdk/provider-utils/-/provider-utils-3.0.12.tgz", - "integrity": "sha512-ZtbdvYxdMoria+2SlNarEk6Hlgyf+zzcznlD55EAl+7VZvJaSg2sqPvwArY7L6TfDEDJsnCq0fdhBSkYo0Xqdg==", - "license": "Apache-2.0", - "dependencies": { - "@ai-sdk/provider": "2.0.0", - "@standard-schema/spec": "^1.0.0", - "eventsource-parser": "^3.0.5" - }, - "engines": { - "node": ">=18" - }, - "peerDependencies": { - "zod": "^3.25.76 || ^4.1.8" - } - }, - "node_modules/@ai-sdk/react": { - "version": "2.0.76", - "resolved": "https://registry.npmjs.org/@ai-sdk/react/-/react-2.0.76.tgz", - "integrity": "sha512-ggAPzyaKJTqUWigpxMzI5DuC0Y3iEpDUPCgz6/6CpnKZY/iok+x5xiZhDemeaP0ILw5IQekV0kdgBR8JPgI8zQ==", - "license": "Apache-2.0", - "dependencies": { - "@ai-sdk/provider-utils": "3.0.12", - "ai": "5.0.76", - "swr": "^2.2.5", - "throttleit": "2.1.0" - }, - "engines": { - "node": ">=18" - }, - "peerDependencies": { - "react": "^18 || ^19 || ^19.0.0-rc", - "zod": "^3.25.76 || ^4.1.8" - }, - "peerDependenciesMeta": { - "zod": { - "optional": true - } - } - }, "node_modules/@algolia/abtesting": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/@algolia/abtesting/-/abtesting-1.6.1.tgz", - "integrity": "sha512-wV/gNRkzb7sI9vs1OneG129hwe3Q5zPj7zigz3Ps7M5Lpo2hSorrOnXNodHEOV+yXE/ks4Pd+G3CDFIjFTWhMQ==", + "version": "1.18.0", + "resolved": "https://registry.npmjs.org/@algolia/abtesting/-/abtesting-1.18.0.tgz", + "integrity": "sha512-8siuLG+FIns1AjZ/g2SDVwHz9S+ObacDQISEJvS8XsNei1zl3FXqfqQrBpmrG7ACWCyesXHbicMJtvRbg00FEw==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/autocomplete-core": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/@algolia/autocomplete-core/-/autocomplete-core-1.19.2.tgz", - "integrity": "sha512-mKv7RyuAzXvwmq+0XRK8HqZXt9iZ5Kkm2huLjgn5JoCPtDy+oh9yxUMfDDaVCw0oyzZ1isdJBc7l9nuCyyR7Nw==", + "version": "1.19.8", + "resolved": "https://registry.npmjs.org/@algolia/autocomplete-core/-/autocomplete-core-1.19.8.tgz", + "integrity": "sha512-3YEorYg44niXcm7gkft3nXYItHd44e8tmh4D33CTszPgP0QWkaLEaFywiNyJBo7UL/mqObA/G9RYuU7R8tN1IA==", "license": "MIT", "dependencies": { - "@algolia/autocomplete-plugin-algolia-insights": "1.19.2", - "@algolia/autocomplete-shared": "1.19.2" + "@algolia/autocomplete-plugin-algolia-insights": "1.19.8", + "@algolia/autocomplete-shared": "1.19.8" } }, "node_modules/@algolia/autocomplete-plugin-algolia-insights": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.19.2.tgz", - "integrity": "sha512-TjxbcC/r4vwmnZaPwrHtkXNeqvlpdyR+oR9Wi2XyfORkiGkLTVhX2j+O9SaCCINbKoDfc+c2PB8NjfOnz7+oKg==", + "version": "1.19.8", + "resolved": "https://registry.npmjs.org/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.19.8.tgz", + "integrity": "sha512-ZvJWO8ZZJDpc1LNM2TTBdmQsZBLMR4rU5iNR2OYvEeFBiaf/0ESnRSSLQbryarJY4SVxtoz6A2ZtDMNM+iQEAA==", "license": "MIT", "dependencies": { - "@algolia/autocomplete-shared": "1.19.2" + "@algolia/autocomplete-shared": "1.19.8" }, "peerDependencies": { "search-insights": ">= 1 < 3" } }, "node_modules/@algolia/autocomplete-shared": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/@algolia/autocomplete-shared/-/autocomplete-shared-1.19.2.tgz", - "integrity": "sha512-jEazxZTVD2nLrC+wYlVHQgpBoBB5KPStrJxLzsIFl6Kqd1AlG9sIAGl39V5tECLpIQzB3Qa2T6ZPJ1ChkwMK/w==", + "version": "1.19.8", + "resolved": "https://registry.npmjs.org/@algolia/autocomplete-shared/-/autocomplete-shared-1.19.8.tgz", + "integrity": "sha512-h5hf2t8ejF6vlOgvLaZzQbWs5SyH2z4PAWygNAvvD/2RI29hdQ54ldUGwqVuj9Srs+n8XUKTPUqb7fvhBhQrnQ==", "license": "MIT", "peerDependencies": { "@algolia/client-search": ">= 4.9.1 < 6", @@ -159,100 +89,99 @@ } }, "node_modules/@algolia/client-abtesting": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-abtesting/-/client-abtesting-5.40.1.tgz", - "integrity": "sha512-cxKNATPY5t+Mv8XAVTI57altkaPH+DZi4uMrnexPxPHODMljhGYY+GDZyHwv9a+8CbZHcY372OkxXrDMZA4Lnw==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-abtesting/-/client-abtesting-5.52.0.tgz", + "integrity": "sha512-wtwPgyPmO7b7sQPVgoK29c1VpfS08DnnJCmxX/oU1pV2DlMRJCzQcLN7JSloYpodyKHwM8+9wOzlAM0co3TDmA==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/client-analytics": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-analytics/-/client-analytics-5.40.1.tgz", - "integrity": "sha512-XP008aMffJCRGAY8/70t+hyEyvqqV7YKm502VPu0+Ji30oefrTn2al7LXkITz7CK6I4eYXWRhN6NaIUi65F1OA==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-analytics/-/client-analytics-5.52.0.tgz", + "integrity": "sha512-9KY36bRl4AH7RjqSeDDOKnjsz4IxQFBEOB8/fWmEbdQe+Isbs5jGzVJu9NEPQ1Tgwxlf8Uf07Swj3jZyMNUZ2g==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/client-common": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-common/-/client-common-5.40.1.tgz", - "integrity": "sha512-gWfQuQUBtzUboJv/apVGZMoxSaB0M4Imwl1c9Ap+HpCW7V0KhjBddqF2QQt5tJZCOFsfNIgBbZDGsEPaeKUosw==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-common/-/client-common-5.52.0.tgz", + "integrity": "sha512-3a/qM3dzJqqfTx7Yrw7uGQ98I3Q0rDfb4Vkv0wEzko96l7YQMxfBVz/VbLq2N+c59GweYv6Vhp8mPeqnWJSITw==", "license": "MIT", "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/client-insights": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-insights/-/client-insights-5.40.1.tgz", - "integrity": "sha512-RTLjST/t+lsLMouQ4zeLJq2Ss+UNkLGyNVu+yWHanx6kQ3LT5jv8UvPwyht9s7R6jCPnlSI77WnL80J32ZuyJg==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-insights/-/client-insights-5.52.0.tgz", + "integrity": "sha512-Rki7ACbMcvbQW0BuM84x9dkGHY47ABmv4jU6tYssat2k02p3mIUms2YOLUAMeknhmnFsj6lb6ZzOXdMWMyc1sA==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/client-personalization": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-personalization/-/client-personalization-5.40.1.tgz", - "integrity": "sha512-2FEK6bUomBzEYkTKzD0iRs7Ljtjb45rKK/VSkyHqeJnG+77qx557IeSO0qVFE3SfzapNcoytTofnZum0BQ6r3Q==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-personalization/-/client-personalization-5.52.0.tgz", + "integrity": "sha512-96s4Uzc3kk+/f4jJXIVVGWP5XlngOGNQ1x6hW9AT59pOixHlOs5tqJg+ZUS/GQ6h/iYP0ceQcmxDQeLyCLTaDQ==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/client-query-suggestions": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-query-suggestions/-/client-query-suggestions-5.40.1.tgz", - "integrity": "sha512-Nju4NtxAvXjrV2hHZNLKVJLXjOlW6jAXHef/CwNzk1b2qIrCWDO589ELi5ZHH1uiWYoYyBXDQTtHmhaOVVoyXg==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-query-suggestions/-/client-query-suggestions-5.52.0.tgz", + "integrity": "sha512-lqeycNpSPe5Qa0OUWpejVvYQjQWV5nQuLT0a4aq7XzRAvCxprV/6Lf841EygdD2nrFnuS58ok7Au1uOtXzpnkg==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/client-search": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/client-search/-/client-search-5.40.1.tgz", - "integrity": "sha512-Mw6pAUF121MfngQtcUb5quZVqMC68pSYYjCRZkSITC085S3zdk+h/g7i6FxnVdbSU6OztxikSDMh1r7Z+4iPlA==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/client-search/-/client-search-5.52.0.tgz", + "integrity": "sha512-ly1wETVGRo30cx61O7fetESN+ElL9c9K+bD/AVgnT1ar4c6v+/Yqjrhdtu6Fm4D0s4NZP081Isf6tunH1wUXHg==", "license": "MIT", - "peer": true, "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" @@ -265,81 +194,81 @@ "license": "MIT" }, "node_modules/@algolia/ingestion": { - "version": "1.40.1", - "resolved": "https://registry.npmjs.org/@algolia/ingestion/-/ingestion-1.40.1.tgz", - "integrity": "sha512-z+BPlhs45VURKJIxsR99NNBWpUEEqIgwt10v/fATlNxc4UlXvALdOsWzaFfe89/lbP5Bu4+mbO59nqBC87ZM/g==", + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/@algolia/ingestion/-/ingestion-1.52.0.tgz", + "integrity": "sha512-U4EeTvgmluRjj39ykZSAd5X+a6LD5m7/mcOWDmB7hqm1R6QY0yT8jLxpNVEjYhzgEN5hcDGW6X67EWQY8KiYGQ==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/monitoring": { - "version": "1.40.1", - "resolved": "https://registry.npmjs.org/@algolia/monitoring/-/monitoring-1.40.1.tgz", - "integrity": "sha512-VJMUMbO0wD8Rd2VVV/nlFtLJsOAQvjnVNGkMkspFiFhpBA7s/xJOb+fJvvqwKFUjbKTUA7DjiSi1ljSMYBasXg==", + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/@algolia/monitoring/-/monitoring-1.52.0.tgz", + "integrity": "sha512-FCPnDcILfpTE94u7BVlV4DmnSV5wE3+j25EEF+3dYPrVzkVCSoAHs318oWDGxnxsAgiL4HpL12Jc4XHmw9shpA==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/recommend": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/recommend/-/recommend-5.40.1.tgz", - "integrity": "sha512-ehvJLadKVwTp9Scg9NfzVSlBKH34KoWOQNTaN8i1Ac64AnO6iH2apJVSP6GOxssaghZ/s8mFQsDH3QIZoluFHA==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/recommend/-/recommend-5.52.0.tgz", + "integrity": "sha512-br3DO7n4N8CXwTRbZS0MnB4WQ9YHfNjCwkCEzVR/wek/qNTDQKDb0nROmkFaNZ8ucUqUVKZi074dbwMwRDlK8Q==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "@algolia/client-common": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/requester-browser-xhr": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/requester-browser-xhr/-/requester-browser-xhr-5.40.1.tgz", - "integrity": "sha512-PbidVsPurUSQIr6X9/7s34mgOMdJnn0i6p+N6Ab+lsNhY5eiu+S33kZEpZwkITYBCIbhzDLOvb7xZD3gDi+USA==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/requester-browser-xhr/-/requester-browser-xhr-5.52.0.tgz", + "integrity": "sha512-b0T/Ca2c9KyEslKsVrGZvbe1UrrKKSdfXhBZ2pbpKahFUzJfziRZ0urbOm7V65O0tO/jwU+Lo/+bIiiyhzGt8w==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1" + "@algolia/client-common": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/requester-fetch": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/requester-fetch/-/requester-fetch-5.40.1.tgz", - "integrity": "sha512-ThZ5j6uOZCF11fMw9IBkhigjOYdXGXQpj6h4k+T9UkZrF2RlKcPynFzDeRgaLdpYk8Yn3/MnFbwUmib7yxj5Lw==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/requester-fetch/-/requester-fetch-5.52.0.tgz", + "integrity": "sha512-ozBT8J/mtD4H4IAojw8QPirlcL2gHrI1BGuZ4/ZXXO/rTE1yQ4VIPJj4mTTbwo4FbkS1MoJsD/DsrqLzhnc4/g==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1" + "@algolia/client-common": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/@algolia/requester-node-http": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/@algolia/requester-node-http/-/requester-node-http-5.40.1.tgz", - "integrity": "sha512-H1gYPojO6krWHnUXu/T44DrEun/Wl95PJzMXRcM/szstNQczSbwq6wIFJPI9nyE95tarZfUNU3rgorT+wZ6iCQ==", + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/@algolia/requester-node-http/-/requester-node-http-5.52.0.tgz", + "integrity": "sha512-gyyWcLD22tnabmoit4iukCXuoRc5HYJuUjPSEa8a0D/f/NlRafpWi52AlAaa4Uu/rsl7saHsJFTNjTptWbu2+A==", "license": "MIT", "dependencies": { - "@algolia/client-common": "5.40.1" + "@algolia/client-common": "5.52.0" }, "engines": { "node": ">= 14.0.0" @@ -359,12 +288,12 @@ } }, "node_modules/@babel/code-frame": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", - "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", + "version": "7.29.0", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz", + "integrity": "sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==", "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.27.1", + "@babel/helper-validator-identifier": "^7.28.5", "js-tokens": "^4.0.0", "picocolors": "^1.1.1" }, @@ -386,7 +315,6 @@ "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", "license": "MIT", - "peer": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.26.0", @@ -422,15 +350,15 @@ } }, "node_modules/@babel/generator": { - "version": "7.27.3", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.27.3.tgz", - "integrity": "sha512-xnlJYj5zepml8NXtjkG0WquFUv8RskFqyFcVgTBp5k+NaA/8uw/K+OSVf8AMGw5e9HKP2ETd5xpK5MLZQD6b4Q==", + "version": "7.29.1", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.29.1.tgz", + "integrity": "sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==", "license": "MIT", "dependencies": { - "@babel/parser": "^7.27.3", - "@babel/types": "^7.27.3", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", + "@babel/parser": "^7.29.0", + "@babel/types": "^7.29.0", + "@jridgewell/gen-mapping": "^0.3.12", + "@jridgewell/trace-mapping": "^0.3.28", "jsesc": "^3.0.2" }, "engines": { @@ -559,6 +487,15 @@ "@babel/core": "^7.4.0 || ^8.0.0-0 <8.0.0" } }, + "node_modules/@babel/helper-globals": { + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz", + "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==", + "license": "MIT", + "engines": { + "node": ">=6.9.0" + } + }, "node_modules/@babel/helper-member-expression-to-functions": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.25.9.tgz", @@ -573,13 +510,13 @@ } }, "node_modules/@babel/helper-module-imports": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.27.1.tgz", - "integrity": "sha512-0gSFWUPNXNopqtIPQvlD5WgXYI5GY2kP2cCvoT8kczjbfcfuIljTbcWrulD1CIPIX2gt1wghbDy08yE1p+/r3w==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.28.6.tgz", + "integrity": "sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==", "license": "MIT", "dependencies": { - "@babel/traverse": "^7.27.1", - "@babel/types": "^7.27.1" + "@babel/traverse": "^7.28.6", + "@babel/types": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -615,9 +552,9 @@ } }, "node_modules/@babel/helper-plugin-utils": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.27.1.tgz", - "integrity": "sha512-1gn1Up5YXka3YYAHGKpbideQ5Yjf1tDa9qYcgysz+cNCXukyLl6DjPXhD3VRwSb8c0J9tA4b2+rHEZtc6R0tlw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.28.6.tgz", + "integrity": "sha512-S9gzZ/bz83GRysI7gAD4wPT/AI3uCnY+9xn+Mx/KPs2JwHJIz1W8PZkg2cqyt3RNOBM8ejcXhV6y8Og7ly/Dug==", "license": "MIT", "engines": { "node": ">=6.9.0" @@ -693,9 +630,9 @@ } }, "node_modules/@babel/helper-validator-identifier": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", - "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "version": "7.28.5", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz", + "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==", "license": "MIT", "engines": { "node": ">=6.9.0" @@ -738,12 +675,12 @@ } }, "node_modules/@babel/parser": { - "version": "7.27.4", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.4.tgz", - "integrity": "sha512-BRmLHGwpUqLFR2jzx9orBuX/ABDkj2jLKOXrHDTN2aOKL+jFDDKaRNo9nyYsIl9h/UE/7lMKdDjKQQyxKKDZ7g==", + "version": "7.29.2", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.2.tgz", + "integrity": "sha512-4GgRzy/+fsBa72/RZVJmGKPmZu9Byn8o4MoLpmNe1m8ZfYnz5emHLQz3U4gLud6Zwl0RZIcgiLD7Uq7ySFuDLA==", "license": "MIT", "dependencies": { - "@babel/types": "^7.27.3" + "@babel/types": "^7.29.0" }, "bin": { "parser": "bin/babel-parser.js" @@ -1662,13 +1599,13 @@ } }, "node_modules/@babel/plugin-transform-runtime": { - "version": "7.28.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.28.3.tgz", - "integrity": "sha512-Y6ab1kGqZ0u42Zv/4a7l0l72n9DKP/MKoKWaUSBylrhNZO2prYuqFOLbn5aW5SIFXwSH93yfjbgllL8lxuGKLg==", + "version": "7.29.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.29.0.tgz", + "integrity": "sha512-jlaRT5dJtMaMCV6fAuLbsQMSwz/QkvaHOHOSXRitGGwSpR1blCY4KUKoyP2tYO8vJcqYe8cEj96cqSztv3uF9w==", "license": "MIT", "dependencies": { - "@babel/helper-module-imports": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/helper-module-imports": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6", "babel-plugin-polyfill-corejs2": "^0.4.14", "babel-plugin-polyfill-corejs3": "^0.13.0", "babel-plugin-polyfill-regenerator": "^0.6.5", @@ -2018,58 +1955,46 @@ "node": ">=6.9.0" } }, - "node_modules/@babel/runtime-corejs3": { - "version": "7.28.4", - "resolved": "https://registry.npmjs.org/@babel/runtime-corejs3/-/runtime-corejs3-7.28.4.tgz", - "integrity": "sha512-h7iEYiW4HebClDEhtvFObtPmIvrd1SSfpI9EhOeKk4CtIK/ngBWFpuhCzhdmRKtg71ylcue+9I6dv54XYO1epQ==", - "license": "MIT", - "dependencies": { - "core-js-pure": "^3.43.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, "node_modules/@babel/template": { - "version": "7.27.2", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", - "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.28.6.tgz", + "integrity": "sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==", "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.27.1", - "@babel/parser": "^7.27.2", - "@babel/types": "^7.27.1" + "@babel/code-frame": "^7.28.6", + "@babel/parser": "^7.28.6", + "@babel/types": "^7.28.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/traverse": { - "version": "7.27.4", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.27.4.tgz", - "integrity": "sha512-oNcu2QbHqts9BtOWJosOVJapWjBDSxGCpFvikNR5TGDYDQf3JwpIoMzIKrvfoti93cLfPJEG4tH9SPVeyCGgdA==", + "version": "7.29.0", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.29.0.tgz", + "integrity": "sha512-4HPiQr0X7+waHfyXPZpWPfWL/J7dcN1mx9gL6WdQVMbPnF3+ZhSMs8tCxN7oHddJE9fhNE7+lxdnlyemKfJRuA==", "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.27.1", - "@babel/generator": "^7.27.3", - "@babel/parser": "^7.27.4", - "@babel/template": "^7.27.2", - "@babel/types": "^7.27.3", - "debug": "^4.3.1", - "globals": "^11.1.0" + "@babel/code-frame": "^7.29.0", + "@babel/generator": "^7.29.0", + "@babel/helper-globals": "^7.28.0", + "@babel/parser": "^7.29.0", + "@babel/template": "^7.28.6", + "@babel/types": "^7.29.0", + "debug": "^4.3.1" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/types": { - "version": "7.27.3", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.3.tgz", - "integrity": "sha512-Y1GkI4ktrtvmawoSq+4FCVHNryea6uR+qUQy0AGxLSsjCX0nVmkYQMBLHDkXZuo5hGx7eYdnIaslsdBFm7zbUw==", + "version": "7.29.0", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.0.tgz", + "integrity": "sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==", "license": "MIT", "dependencies": { "@babel/helper-string-parser": "^7.27.1", - "@babel/helper-validator-identifier": "^7.27.1" + "@babel/helper-validator-identifier": "^7.28.5" }, "engines": { "node": ">=6.9.0" @@ -2191,7 +2116,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" }, @@ -2214,7 +2138,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" } @@ -2320,11 +2243,10 @@ } }, "node_modules/@csstools/postcss-cascade-layers/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -2742,11 +2664,10 @@ } }, "node_modules/@csstools/postcss-is-pseudo-class/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -2982,9 +2903,9 @@ } }, "node_modules/@csstools/postcss-normalize-display-values": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/@csstools/postcss-normalize-display-values/-/postcss-normalize-display-values-4.0.0.tgz", - "integrity": "sha512-HlEoG0IDRoHXzXnkV4in47dzsxdsjdz6+j7MLjaACABX2NfvjFS6XVAnpaDyGesz9gK2SC7MbNwdCHusObKJ9Q==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/@csstools/postcss-normalize-display-values/-/postcss-normalize-display-values-4.0.1.tgz", + "integrity": "sha512-TQUGBuRvxdc7TgNSTevYqrL8oItxiwPDixk20qCB5me/W8uF7BPbhRrAvFuhEoywQp/woRsUZ6SJ+sU5idZAIA==", "funding": [ { "type": "github", @@ -3035,6 +2956,28 @@ "postcss": "^8.4" } }, + "node_modules/@csstools/postcss-position-area-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@csstools/postcss-position-area-property/-/postcss-position-area-property-1.0.0.tgz", + "integrity": "sha512-fUP6KR8qV2NuUZV3Cw8itx0Ep90aRjAZxAEzC3vrl6yjFv+pFsQbR18UuQctEKmA72K9O27CoYiKEgXxkqjg8Q==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/csstools" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/csstools" + } + ], + "license": "MIT-0", + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "postcss": "^8.4" + } + }, "node_modules/@csstools/postcss-progressive-custom-properties": { "version": "4.2.1", "resolved": "https://registry.npmjs.org/@csstools/postcss-progressive-custom-properties/-/postcss-progressive-custom-properties-4.2.1.tgz", @@ -3060,6 +3003,32 @@ "postcss": "^8.4" } }, + "node_modules/@csstools/postcss-property-rule-prelude-list": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@csstools/postcss-property-rule-prelude-list/-/postcss-property-rule-prelude-list-1.0.0.tgz", + "integrity": "sha512-IxuQjUXq19fobgmSSvUDO7fVwijDJaZMvWQugxfEUxmjBeDCVaDuMpsZ31MsTm5xbnhA+ElDi0+rQ7sQQGisFA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/csstools" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/csstools" + } + ], + "license": "MIT-0", + "dependencies": { + "@csstools/css-parser-algorithms": "^3.0.5", + "@csstools/css-tokenizer": "^3.0.4" + }, + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "postcss": "^8.4" + } + }, "node_modules/@csstools/postcss-random-function": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@csstools/postcss-random-function/-/postcss-random-function-2.0.1.tgz", @@ -3142,9 +3111,9 @@ } }, "node_modules/@csstools/postcss-scope-pseudo-class/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -3208,6 +3177,57 @@ "postcss": "^8.4" } }, + "node_modules/@csstools/postcss-syntax-descriptor-syntax-production": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@csstools/postcss-syntax-descriptor-syntax-production/-/postcss-syntax-descriptor-syntax-production-1.0.1.tgz", + "integrity": "sha512-GneqQWefjM//f4hJ/Kbox0C6f2T7+pi4/fqTqOFGTL3EjnvOReTqO1qUQ30CaUjkwjYq9qZ41hzarrAxCc4gow==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/csstools" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/csstools" + } + ], + "license": "MIT-0", + "dependencies": { + "@csstools/css-tokenizer": "^3.0.4" + }, + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "postcss": "^8.4" + } + }, + "node_modules/@csstools/postcss-system-ui-font-family": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@csstools/postcss-system-ui-font-family/-/postcss-system-ui-font-family-1.0.0.tgz", + "integrity": "sha512-s3xdBvfWYfoPSBsikDXbuorcMG1nN1M6GdU0qBsGfcmNR0A/qhloQZpTxjA3Xsyrk1VJvwb2pOfiOT3at/DuIQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/csstools" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/csstools" + } + ], + "license": "MIT-0", + "dependencies": { + "@csstools/css-parser-algorithms": "^3.0.5", + "@csstools/css-tokenizer": "^3.0.4" + }, + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "postcss": "^8.4" + } + }, "node_modules/@csstools/postcss-text-decoration-shorthand": { "version": "4.0.3", "resolved": "https://registry.npmjs.org/@csstools/postcss-text-decoration-shorthand/-/postcss-text-decoration-shorthand-4.0.3.tgz", @@ -3313,25 +3333,43 @@ "node": ">=10.0.0" } }, + "node_modules/@docsearch/core": { + "version": "4.6.3", + "resolved": "https://registry.npmjs.org/@docsearch/core/-/core-4.6.3.tgz", + "integrity": "sha512-rUOujwIpxJRgD7+kicVsI3D5sqBvdiRTquzWBpTEXZs8ZXfGbfzpus5HqumaNYTppN2HvH8E2yNuRwYdHJeOlA==", + "license": "MIT", + "peerDependencies": { + "@types/react": ">= 16.8.0 < 20.0.0", + "react": ">= 16.8.0 < 20.0.0", + "react-dom": ">= 16.8.0 < 20.0.0" + }, + "peerDependenciesMeta": { + "@types/react": { + "optional": true + }, + "react": { + "optional": true + }, + "react-dom": { + "optional": true + } + } + }, "node_modules/@docsearch/css": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/@docsearch/css/-/css-4.2.0.tgz", - "integrity": "sha512-65KU9Fw5fGsPPPlgIghonMcndyx1bszzrDQYLfierN+Ha29yotMHzVS94bPkZS6On9LS8dE4qmW4P/fGjtCf/g==", + "version": "4.6.3", + "resolved": "https://registry.npmjs.org/@docsearch/css/-/css-4.6.3.tgz", + "integrity": "sha512-nlOwcXcsNAptQl4vlL4MA78qNJKO0Qlds5GuBjCoePgkebTXLSf8Qt1oyZ3YBshYupKXG9VRGEsk1zr23d+bzQ==", "license": "MIT" }, "node_modules/@docsearch/react": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/@docsearch/react/-/react-4.2.0.tgz", - "integrity": "sha512-zSN/KblmtBcerf7Z87yuKIHZQmxuXvYc6/m0+qnjyNu+Ir67AVOagTa1zBqcxkVUVkmBqUExdcyrdo9hbGbqTw==", + "version": "4.6.3", + "resolved": "https://registry.npmjs.org/@docsearch/react/-/react-4.6.3.tgz", + "integrity": "sha512-Bg2wdDsoQVlNCcEKuEJAU04tvHCqgx8rIu+uIoM4pRtcx3TBKJuXutJik3LTA8LRc9YEyHkrYUrmcC0D7BYf+g==", "license": "MIT", "dependencies": { - "@ai-sdk/react": "^2.0.30", "@algolia/autocomplete-core": "1.19.2", - "@docsearch/css": "4.2.0", - "ai": "^5.0.30", - "algoliasearch": "^5.28.0", - "marked": "^16.3.0", - "zod": "^4.1.8" + "@docsearch/core": "4.6.3", + "@docsearch/css": "4.6.3" }, "peerDependencies": { "@types/react": ">= 16.8.0 < 20.0.0", @@ -3354,10 +3392,42 @@ } } }, + "node_modules/@docsearch/react/node_modules/@algolia/autocomplete-core": { + "version": "1.19.2", + "resolved": "https://registry.npmjs.org/@algolia/autocomplete-core/-/autocomplete-core-1.19.2.tgz", + "integrity": "sha512-mKv7RyuAzXvwmq+0XRK8HqZXt9iZ5Kkm2huLjgn5JoCPtDy+oh9yxUMfDDaVCw0oyzZ1isdJBc7l9nuCyyR7Nw==", + "license": "MIT", + "dependencies": { + "@algolia/autocomplete-plugin-algolia-insights": "1.19.2", + "@algolia/autocomplete-shared": "1.19.2" + } + }, + "node_modules/@docsearch/react/node_modules/@algolia/autocomplete-plugin-algolia-insights": { + "version": "1.19.2", + "resolved": "https://registry.npmjs.org/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.19.2.tgz", + "integrity": "sha512-TjxbcC/r4vwmnZaPwrHtkXNeqvlpdyR+oR9Wi2XyfORkiGkLTVhX2j+O9SaCCINbKoDfc+c2PB8NjfOnz7+oKg==", + "license": "MIT", + "dependencies": { + "@algolia/autocomplete-shared": "1.19.2" + }, + "peerDependencies": { + "search-insights": ">= 1 < 3" + } + }, + "node_modules/@docsearch/react/node_modules/@algolia/autocomplete-shared": { + "version": "1.19.2", + "resolved": "https://registry.npmjs.org/@algolia/autocomplete-shared/-/autocomplete-shared-1.19.2.tgz", + "integrity": "sha512-jEazxZTVD2nLrC+wYlVHQgpBoBB5KPStrJxLzsIFl6Kqd1AlG9sIAGl39V5tECLpIQzB3Qa2T6ZPJ1ChkwMK/w==", + "license": "MIT", + "peerDependencies": { + "@algolia/client-search": ">= 4.9.1 < 6", + "algoliasearch": ">= 4.9.1 < 6" + } + }, "node_modules/@docusaurus/babel": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/babel/-/babel-3.9.2.tgz", - "integrity": "sha512-GEANdi/SgER+L7Japs25YiGil/AUDnFFHaCGPBbundxoWtCkA2lmy7/tFmgED4y1htAy6Oi4wkJEQdGssnw9MA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/babel/-/babel-3.10.1.tgz", + "integrity": "sha512-DZzFO1K3v/GoEt1fx1DiYHF4en+PuhtQf1AkQJa5zu3CoeKSpr5cpQRUlz3jr0m44wyzmSXu9bVpfir+N4+8bg==", "license": "MIT", "dependencies": { "@babel/core": "^7.25.9", @@ -3368,10 +3438,9 @@ "@babel/preset-react": "^7.25.9", "@babel/preset-typescript": "^7.25.9", "@babel/runtime": "^7.25.9", - "@babel/runtime-corejs3": "^7.25.9", "@babel/traverse": "^7.25.9", - "@docusaurus/logger": "3.9.2", - "@docusaurus/utils": "3.9.2", + "@docusaurus/logger": "3.10.1", + "@docusaurus/utils": "3.10.1", "babel-plugin-dynamic-import-node": "^2.3.3", "fs-extra": "^11.1.1", "tslib": "^2.6.0" @@ -3381,17 +3450,17 @@ } }, "node_modules/@docusaurus/bundler": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/bundler/-/bundler-3.9.2.tgz", - "integrity": "sha512-ZOVi6GYgTcsZcUzjblpzk3wH1Fya2VNpd5jtHoCCFcJlMQ1EYXZetfAnRHLcyiFeBABaI1ltTYbOBtH/gahGVA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/bundler/-/bundler-3.10.1.tgz", + "integrity": "sha512-HIqQPvbqnnQRe4NsBd1774KRarjXqS6wHsWELtyuSs1gCfvixJO2jUGH/OEBtr1Gvzpw+ze5CjGMvSJ8UE1KUw==", "license": "MIT", "dependencies": { "@babel/core": "^7.25.9", - "@docusaurus/babel": "3.9.2", - "@docusaurus/cssnano-preset": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", + "@docusaurus/babel": "3.10.1", + "@docusaurus/cssnano-preset": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", "babel-loader": "^9.2.1", "clean-css": "^5.3.3", "copy-webpack-plugin": "^11.0.0", @@ -3409,7 +3478,7 @@ "tslib": "^2.6.0", "url-loader": "^4.1.1", "webpack": "^5.95.0", - "webpackbar": "^6.0.1" + "webpackbar": "^7.0.0" }, "engines": { "node": ">=20.0" @@ -3424,19 +3493,18 @@ } }, "node_modules/@docusaurus/core": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-3.9.2.tgz", - "integrity": "sha512-HbjwKeC+pHUFBfLMNzuSjqFE/58+rLVKmOU3lxQrpsxLBOGosYco/Q0GduBb0/jEMRiyEqjNT/01rRdOMWq5pw==", - "license": "MIT", - "peer": true, - "dependencies": { - "@docusaurus/babel": "3.9.2", - "@docusaurus/bundler": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/mdx-loader": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-3.10.1.tgz", + "integrity": "sha512-3pf2fXXw0eVk8WnC3T4LIigRDupcpvngpKo9Vy7mYyBhuddc0klDUuZAIfzMoK6z05pdlk6EFC/vBSX43+1O5w==", + "license": "MIT", + "dependencies": { + "@docusaurus/babel": "3.10.1", + "@docusaurus/bundler": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/mdx-loader": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "boxen": "^6.2.1", "chalk": "^4.1.2", "chokidar": "^3.5.3", @@ -3448,7 +3516,7 @@ "escape-html": "^1.0.3", "eta": "^2.2.0", "eval": "^0.1.8", - "execa": "5.1.1", + "execa": "^5.1.1", "fs-extra": "^11.1.1", "html-tags": "^3.3.1", "html-webpack-plugin": "^5.6.0", @@ -3459,12 +3527,12 @@ "prompts": "^2.4.2", "react-helmet-async": "npm:@slorber/react-helmet-async@1.3.0", "react-loadable": "npm:@docusaurus/react-loadable@6.0.0", - "react-loadable-ssr-addon-v5-slorber": "^1.0.1", + "react-loadable-ssr-addon-v5-slorber": "^1.0.3", "react-router": "^5.3.4", "react-router-config": "^5.1.1", "react-router-dom": "^5.3.4", "semver": "^7.5.4", - "serve-handler": "^6.1.6", + "serve-handler": "^6.1.7", "tinypool": "^1.0.2", "tslib": "^2.6.0", "update-notifier": "^6.0.2", @@ -3480,15 +3548,21 @@ "node": ">=20.0" }, "peerDependencies": { + "@docusaurus/faster": "*", "@mdx-js/react": "^3.0.0", "react": "^18.0.0 || ^19.0.0", "react-dom": "^18.0.0 || ^19.0.0" + }, + "peerDependenciesMeta": { + "@docusaurus/faster": { + "optional": true + } } }, "node_modules/@docusaurus/cssnano-preset": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/cssnano-preset/-/cssnano-preset-3.9.2.tgz", - "integrity": "sha512-8gBKup94aGttRduABsj7bpPFTX7kbwu+xh3K9NMCF5K4bWBqTFYW+REKHF6iBVDHRJ4grZdIPbvkiHd/XNKRMQ==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/cssnano-preset/-/cssnano-preset-3.10.1.tgz", + "integrity": "sha512-eNfHGcTKCSq6xmcavAkX3RRclHaE2xRCMParlDXLdXVP01/a2e/jKXMj/0ULnLFQSNwwuI62L0Ge8J+nZsR7UQ==", "license": "MIT", "dependencies": { "cssnano-preset-advanced": "^6.1.2", @@ -3501,9 +3575,9 @@ } }, "node_modules/@docusaurus/logger": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/logger/-/logger-3.9.2.tgz", - "integrity": "sha512-/SVCc57ByARzGSU60c50rMyQlBuMIJCjcsJlkphxY6B0GV4UH3tcA1994N8fFfbJ9kX3jIBe/xg3XP5qBtGDbA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/logger/-/logger-3.10.1.tgz", + "integrity": "sha512-oPjNFnfJsRCkePVjkGrxWGq4MvJKRQT0r9jOP0eRBTZ7Wr9FAbzdP/Gjs0I2Ss6YRkPoEgygKG112OkE6skvJw==", "license": "MIT", "dependencies": { "chalk": "^4.1.2", @@ -3514,14 +3588,14 @@ } }, "node_modules/@docusaurus/mdx-loader": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/mdx-loader/-/mdx-loader-3.9.2.tgz", - "integrity": "sha512-wiYoGwF9gdd6rev62xDU8AAM8JuLI/hlwOtCzMmYcspEkzecKrP8J8X+KpYnTlACBUUtXNJpSoCwFWJhLRevzQ==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/mdx-loader/-/mdx-loader-3.10.1.tgz", + "integrity": "sha512-GRmeb/wQ+iXRrFwcHBfgQhrJxGElgCsoTWZYDhccjsZVne1p8MK/EpQVIloXttz76TCe78kKD5AEG9n1xc1oxQ==", "license": "MIT", "dependencies": { - "@docusaurus/logger": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/logger": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "@mdx-js/mdx": "^3.0.0", "@slorber/remark-comment": "^1.0.0", "escape-html": "^1.0.3", @@ -3553,12 +3627,12 @@ } }, "node_modules/@docusaurus/module-type-aliases": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/module-type-aliases/-/module-type-aliases-3.9.2.tgz", - "integrity": "sha512-8qVe2QA9hVLzvnxP46ysuofJUIc/yYQ82tvA/rBTrnpXtCjNSFLxEZfd5U8cYZuJIVlkPxamsIgwd5tGZXfvew==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/module-type-aliases/-/module-type-aliases-3.10.1.tgz", + "integrity": "sha512-YoOZKUdGlp8xSYhuAkGdSo5Ydkbq4V4eK3sD8v0a2hloxCWdQbNBhkc+Ko9QyjpESc0BYcIGM5iHVAy5hdFV6w==", "license": "MIT", "dependencies": { - "@docusaurus/types": "3.9.2", + "@docusaurus/types": "3.10.1", "@types/history": "^4.7.11", "@types/react": "*", "@types/react-router-config": "*", @@ -3572,20 +3646,21 @@ } }, "node_modules/@docusaurus/plugin-content-blog": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-blog/-/plugin-content-blog-3.9.2.tgz", - "integrity": "sha512-3I2HXy3L1QcjLJLGAoTvoBnpOwa6DPUa3Q0dMK19UTY9mhPkKQg/DYhAGTiBUKcTR0f08iw7kLPqOhIgdV3eVQ==", - "license": "MIT", - "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/mdx-loader": "3.9.2", - "@docusaurus/theme-common": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-blog/-/plugin-content-blog-3.10.1.tgz", + "integrity": "sha512-mmkgE6Q2+K74tnkou7tXlpDLvoCU/qkSa2GSQ3XUiHWvcebCoDQzS670RR3tO8PmaWlIyWWISYWzZLuMfxunRA==", + "license": "MIT", + "dependencies": { + "@docusaurus/core": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/mdx-loader": "3.10.1", + "@docusaurus/theme-common": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "cheerio": "1.0.0-rc.12", + "combine-promises": "^1.1.0", "feed": "^4.2.2", "fs-extra": "^11.1.1", "lodash": "^4.17.21", @@ -3606,21 +3681,20 @@ } }, "node_modules/@docusaurus/plugin-content-docs": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-3.9.2.tgz", - "integrity": "sha512-C5wZsGuKTY8jEYsqdxhhFOe1ZDjH0uIYJ9T/jebHwkyxqnr4wW0jTkB72OMqNjsoQRcb0JN3PcSeTwFlVgzCZg==", - "license": "MIT", - "peer": true, - "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/mdx-loader": "3.9.2", - "@docusaurus/module-type-aliases": "3.9.2", - "@docusaurus/theme-common": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-3.10.1.tgz", + "integrity": "sha512-2jRVrtzjf8LClGTHQlwlwuD3wQXRx3WEoF7XUarJ8Ou+0onV+SLtejsyfY9JLpfUh9hPhXM4pbBGkyAY4Bi3HQ==", + "license": "MIT", + "dependencies": { + "@docusaurus/core": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/mdx-loader": "3.10.1", + "@docusaurus/module-type-aliases": "3.10.1", + "@docusaurus/theme-common": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "@types/react-router-config": "^5.0.7", "combine-promises": "^1.1.0", "fs-extra": "^11.1.1", @@ -3640,16 +3714,16 @@ } }, "node_modules/@docusaurus/plugin-content-pages": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-pages/-/plugin-content-pages-3.9.2.tgz", - "integrity": "sha512-s4849w/p4noXUrGpPUF0BPqIAfdAe76BLaRGAGKZ1gTDNiGxGcpsLcwJ9OTi1/V8A+AzvsmI9pkjie2zjIQZKA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-pages/-/plugin-content-pages-3.10.1.tgz", + "integrity": "sha512-huJpaRPMl42nsFwuCXvV8bVDj2MazuwRJIUylI/RSlmZeJssVoZXeCjVf1y+1Drtpa9SKcdGn8yoJ76IRJijtw==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/mdx-loader": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/mdx-loader": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "fs-extra": "^11.1.1", "tslib": "^2.6.0", "webpack": "^5.88.1" @@ -3663,15 +3737,15 @@ } }, "node_modules/@docusaurus/plugin-css-cascade-layers": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-css-cascade-layers/-/plugin-css-cascade-layers-3.9.2.tgz", - "integrity": "sha512-w1s3+Ss+eOQbscGM4cfIFBlVg/QKxyYgj26k5AnakuHkKxH6004ZtuLe5awMBotIYF2bbGDoDhpgQ4r/kcj4rQ==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-css-cascade-layers/-/plugin-css-cascade-layers-3.10.1.tgz", + "integrity": "sha512-r//fn+MNHkE1wCof8T29VAQezt1enGCpsFxoziBbvLgBM4JfXN2P3rxrBaavHmvLvm7lYkpJeitcDthwnmWCTw==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "tslib": "^2.6.0" }, "engines": { @@ -3679,14 +3753,14 @@ } }, "node_modules/@docusaurus/plugin-debug": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-debug/-/plugin-debug-3.9.2.tgz", - "integrity": "sha512-j7a5hWuAFxyQAkilZwhsQ/b3T7FfHZ+0dub6j/GxKNFJp2h9qk/P1Bp7vrGASnvA9KNQBBL1ZXTe7jlh4VdPdA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-debug/-/plugin-debug-3.10.1.tgz", + "integrity": "sha512-9KqOpKNfAyqGZykRb9LhIT/vyRF6sm/ykhjj/39JvaJahDS+jZJE0Z1Wfz9q3DUNDTMNN0Q7u/kk4rKKU+IJuA==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", "fs-extra": "^11.1.1", "react-json-view-lite": "^2.3.0", "tslib": "^2.6.0" @@ -3700,14 +3774,14 @@ } }, "node_modules/@docusaurus/plugin-google-analytics": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-3.9.2.tgz", - "integrity": "sha512-mAwwQJ1Us9jL/lVjXtErXto4p4/iaLlweC54yDUK1a97WfkC6Z2k5/769JsFgwOwOP+n5mUQGACXOEQ0XDuVUw==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-3.10.1.tgz", + "integrity": "sha512-8o0P1KtmgdYQHH+oInitPpRWI0Of5XednAX4+DMhQNSmGSRNrsEEHg1ebv35m9AgRClfAytCJ5jA9KvcASTyuA==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "tslib": "^2.6.0" }, "engines": { @@ -3719,15 +3793,15 @@ } }, "node_modules/@docusaurus/plugin-google-gtag": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-3.9.2.tgz", - "integrity": "sha512-YJ4lDCphabBtw19ooSlc1MnxtYGpjFV9rEdzjLsUnBCeis2djUyCozZaFhCg6NGEwOn7HDDyMh0yzcdRpnuIvA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-3.10.1.tgz", + "integrity": "sha512-pu3xIUo5o/zCMLfUY9BO5KOwSH0zIsAGyFRPvXHayFSA5XIhCU/SFuB0g0ZNjFn9niZLCaNvoeAuOGFJZq0fdw==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", - "@types/gtag.js": "^0.0.12", + "@docusaurus/core": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", + "@types/gtag.js": "^0.0.20", "tslib": "^2.6.0" }, "engines": { @@ -3739,14 +3813,14 @@ } }, "node_modules/@docusaurus/plugin-google-tag-manager": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-tag-manager/-/plugin-google-tag-manager-3.9.2.tgz", - "integrity": "sha512-LJtIrkZN/tuHD8NqDAW1Tnw0ekOwRTfobWPsdO15YxcicBo2ykKF0/D6n0vVBfd3srwr9Z6rzrIWYrMzBGrvNw==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-tag-manager/-/plugin-google-tag-manager-3.10.1.tgz", + "integrity": "sha512-f6fyGHiCm7kJHBtAisGQS5oNBnpnMTYQZxDXeVrnw/3zWU+LMA22pr6UHGYkBKDbN+qPC5QHG3NuOfzQLq3+Lw==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "tslib": "^2.6.0" }, "engines": { @@ -3758,17 +3832,17 @@ } }, "node_modules/@docusaurus/plugin-sitemap": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-sitemap/-/plugin-sitemap-3.9.2.tgz", - "integrity": "sha512-WLh7ymgDXjG8oPoM/T4/zUP7KcSuFYRZAUTl8vR6VzYkfc18GBM4xLhcT+AKOwun6kBivYKUJf+vlqYJkm+RHw==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-sitemap/-/plugin-sitemap-3.10.1.tgz", + "integrity": "sha512-C26MbmmqgdjkDq1htaZ3aD7LzEDKFWXfpyQpt0EOUThuq5nV77zDaedV20yHcVo9p+3ey9aZ4pbHA0D3QcZTzg==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "fs-extra": "^11.1.1", "sitemap": "^7.1.1", "tslib": "^2.6.0" @@ -3782,15 +3856,15 @@ } }, "node_modules/@docusaurus/plugin-svgr": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/plugin-svgr/-/plugin-svgr-3.9.2.tgz", - "integrity": "sha512-n+1DE+5b3Lnf27TgVU5jM1d4x5tUh2oW5LTsBxJX4PsAPV0JGcmI6p3yLYtEY0LRVEIJh+8RsdQmRE66wSV8mw==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/plugin-svgr/-/plugin-svgr-3.10.1.tgz", + "integrity": "sha512-6SFxsmjWFkVLDmBUvFK6i72QjUwqyQFe4Ovz+SUJophJjOyVG3ZZG5IQpBC/kX/Gfv1yWeU9nWauH6F6Q7QX/Q==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "@svgr/core": "8.1.0", "@svgr/webpack": "^8.1.0", "tslib": "^2.6.0", @@ -3805,26 +3879,26 @@ } }, "node_modules/@docusaurus/preset-classic": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/preset-classic/-/preset-classic-3.9.2.tgz", - "integrity": "sha512-IgyYO2Gvaigi21LuDIe+nvmN/dfGXAiMcV/murFqcpjnZc7jxFAxW+9LEjdPt61uZLxG4ByW/oUmX/DDK9t/8w==", - "license": "MIT", - "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/plugin-content-blog": "3.9.2", - "@docusaurus/plugin-content-docs": "3.9.2", - "@docusaurus/plugin-content-pages": "3.9.2", - "@docusaurus/plugin-css-cascade-layers": "3.9.2", - "@docusaurus/plugin-debug": "3.9.2", - "@docusaurus/plugin-google-analytics": "3.9.2", - "@docusaurus/plugin-google-gtag": "3.9.2", - "@docusaurus/plugin-google-tag-manager": "3.9.2", - "@docusaurus/plugin-sitemap": "3.9.2", - "@docusaurus/plugin-svgr": "3.9.2", - "@docusaurus/theme-classic": "3.9.2", - "@docusaurus/theme-common": "3.9.2", - "@docusaurus/theme-search-algolia": "3.9.2", - "@docusaurus/types": "3.9.2" + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/preset-classic/-/preset-classic-3.10.1.tgz", + "integrity": "sha512-YO/FL8v1zmbxoTso6mjMz/RDjhaTJxb1UpFFTDdY5847LLDCeyYiYlrhyTbgN1RIN3xnkLKZ9Lj1x8hUzI4JOg==", + "license": "MIT", + "dependencies": { + "@docusaurus/core": "3.10.1", + "@docusaurus/plugin-content-blog": "3.10.1", + "@docusaurus/plugin-content-docs": "3.10.1", + "@docusaurus/plugin-content-pages": "3.10.1", + "@docusaurus/plugin-css-cascade-layers": "3.10.1", + "@docusaurus/plugin-debug": "3.10.1", + "@docusaurus/plugin-google-analytics": "3.10.1", + "@docusaurus/plugin-google-gtag": "3.10.1", + "@docusaurus/plugin-google-tag-manager": "3.10.1", + "@docusaurus/plugin-sitemap": "3.10.1", + "@docusaurus/plugin-svgr": "3.10.1", + "@docusaurus/theme-classic": "3.10.1", + "@docusaurus/theme-common": "3.10.1", + "@docusaurus/theme-search-algolia": "3.10.1", + "@docusaurus/types": "3.10.1" }, "engines": { "node": ">=20.0" @@ -3835,26 +3909,27 @@ } }, "node_modules/@docusaurus/theme-classic": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/theme-classic/-/theme-classic-3.9.2.tgz", - "integrity": "sha512-IGUsArG5hhekXd7RDb11v94ycpJpFdJPkLnt10fFQWOVxAtq5/D7hT6lzc2fhyQKaaCE62qVajOMKL7OiAFAIA==", - "license": "MIT", - "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/mdx-loader": "3.9.2", - "@docusaurus/module-type-aliases": "3.9.2", - "@docusaurus/plugin-content-blog": "3.9.2", - "@docusaurus/plugin-content-docs": "3.9.2", - "@docusaurus/plugin-content-pages": "3.9.2", - "@docusaurus/theme-common": "3.9.2", - "@docusaurus/theme-translations": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/theme-classic/-/theme-classic-3.10.1.tgz", + "integrity": "sha512-VU1RK0qb2pab0si4r7HFK37cYco8VzqLj3u1PspVipSr/z/GPVKHO4/HXbnePqHoWDk8urjyGSeatH0NIMBM1A==", + "license": "MIT", + "dependencies": { + "@docusaurus/core": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/mdx-loader": "3.10.1", + "@docusaurus/module-type-aliases": "3.10.1", + "@docusaurus/plugin-content-blog": "3.10.1", + "@docusaurus/plugin-content-docs": "3.10.1", + "@docusaurus/plugin-content-pages": "3.10.1", + "@docusaurus/theme-common": "3.10.1", + "@docusaurus/theme-translations": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "@mdx-js/react": "^3.0.0", "clsx": "^2.0.0", + "copy-text-to-clipboard": "^3.2.0", "infima": "0.2.0-alpha.45", "lodash": "^4.17.21", "nprogress": "^0.2.0", @@ -3875,15 +3950,15 @@ } }, "node_modules/@docusaurus/theme-common": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/theme-common/-/theme-common-3.9.2.tgz", - "integrity": "sha512-6c4DAbR6n6nPbnZhY2V3tzpnKnGL+6aOsLvFL26VRqhlczli9eWG0VDUNoCQEPnGwDMhPS42UhSAnz5pThm5Ag==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/theme-common/-/theme-common-3.10.1.tgz", + "integrity": "sha512-0YtmIeoNo1fIw65LO8+/1dPgmDV86UmhMkow37gzjytuiCSQm9xob6PJy0L4kuQEMTLfUOGvkXvZr7GPrHquMA==", "license": "MIT", "dependencies": { - "@docusaurus/mdx-loader": "3.9.2", - "@docusaurus/module-type-aliases": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", + "@docusaurus/mdx-loader": "3.10.1", + "@docusaurus/module-type-aliases": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", "@types/history": "^4.7.11", "@types/react": "*", "@types/react-router-config": "*", @@ -3903,15 +3978,15 @@ } }, "node_modules/@docusaurus/theme-live-codeblock": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/theme-live-codeblock/-/theme-live-codeblock-3.9.2.tgz", - "integrity": "sha512-cgxxZh18dI5Q4iV0GLmwqXtgZbTLOnb0TYgZRiUh0mnIGbuNWFUhUYXXl5owKbDfIXFdFAiI/owJKM83howEAw==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/theme-live-codeblock/-/theme-live-codeblock-3.10.1.tgz", + "integrity": "sha512-MKG/0zreelS6YlupQAoKmS5nCw9RRKwDHihJg2FinsU1+rqbrOYNYVq//eQy+m649k9b8XCazEw9VUMTFhpCTg==", "license": "MIT", "dependencies": { - "@docusaurus/core": "3.9.2", - "@docusaurus/theme-common": "3.9.2", - "@docusaurus/theme-translations": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/theme-common": "3.10.1", + "@docusaurus/theme-translations": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "@philpl/buble": "^0.19.7", "clsx": "^2.0.0", "fs-extra": "^11.1.1", @@ -3927,19 +4002,20 @@ } }, "node_modules/@docusaurus/theme-search-algolia": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/theme-search-algolia/-/theme-search-algolia-3.9.2.tgz", - "integrity": "sha512-GBDSFNwjnh5/LdkxCKQHkgO2pIMX1447BxYUBG2wBiajS21uj64a+gH/qlbQjDLxmGrbrllBrtJkUHxIsiwRnw==", - "license": "MIT", - "dependencies": { - "@docsearch/react": "^3.9.0 || ^4.1.0", - "@docusaurus/core": "3.9.2", - "@docusaurus/logger": "3.9.2", - "@docusaurus/plugin-content-docs": "3.9.2", - "@docusaurus/theme-common": "3.9.2", - "@docusaurus/theme-translations": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-validation": "3.9.2", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/theme-search-algolia/-/theme-search-algolia-3.10.1.tgz", + "integrity": "sha512-OTaARARVZj2GvkJQjB+1jOIxntRaXea+G+fMsNqrZBAU1O1vJKDW22R7kECOHW27oJCLFN9HKaZeRrfAUyviug==", + "license": "MIT", + "dependencies": { + "@algolia/autocomplete-core": "^1.19.2", + "@docsearch/react": "^3.9.0 || ^4.3.2", + "@docusaurus/core": "3.10.1", + "@docusaurus/logger": "3.10.1", + "@docusaurus/plugin-content-docs": "3.10.1", + "@docusaurus/theme-common": "3.10.1", + "@docusaurus/theme-translations": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-validation": "3.10.1", "algoliasearch": "^5.37.0", "algoliasearch-helper": "^3.26.0", "clsx": "^2.0.0", @@ -3958,9 +4034,9 @@ } }, "node_modules/@docusaurus/theme-translations": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/theme-translations/-/theme-translations-3.9.2.tgz", - "integrity": "sha512-vIryvpP18ON9T9rjgMRFLr2xJVDpw1rtagEGf8Ccce4CkTrvM/fRB8N2nyWYOW5u3DdjkwKw5fBa+3tbn9P4PA==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/theme-translations/-/theme-translations-3.10.1.tgz", + "integrity": "sha512-cLMyaKivjBVWKMJuWqyFVVgtqe8DPJNPkog0bn8W1MDVAKcPdxRFycBfC1We1RaNp7Rdk513bmtW78RR6OBxBw==", "license": "MIT", "dependencies": { "fs-extra": "^11.1.1", @@ -3971,16 +4047,16 @@ } }, "node_modules/@docusaurus/tsconfig": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/tsconfig/-/tsconfig-3.9.2.tgz", - "integrity": "sha512-j6/Fp4Rlpxsc632cnRnl5HpOWeb6ZKssDj6/XzzAzVGXXfm9Eptx3rxCC+fDzySn9fHTS+CWJjPineCR1bB5WQ==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/tsconfig/-/tsconfig-3.10.1.tgz", + "integrity": "sha512-rYvB7yqkdqWIpAbDzQljGfM4cDBkLTbhmagZBEcsyj6oPUsz47lmW2pYdN1j+7sGFgltbAmQH62xfbrij4Eh6Q==", "dev": true, "license": "MIT" }, "node_modules/@docusaurus/types": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/types/-/types-3.9.2.tgz", - "integrity": "sha512-Ux1JUNswg+EfUEmajJjyhIohKceitY/yzjRUpu04WXgvVz+fbhVC0p+R0JhvEu4ytw8zIAys2hrdpQPBHRIa8Q==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/types/-/types-3.10.1.tgz", + "integrity": "sha512-XYMK8k1szDCFMw2V+Xyen0g7Kee1sP3dtFnl7vkGkZOkeAJ/oPDQPL8iz4HBKOo/cwU8QeV6onVjMqtP+tFzsw==", "license": "MIT", "dependencies": { "@mdx-js/mdx": "^3.0.0", @@ -4013,16 +4089,16 @@ } }, "node_modules/@docusaurus/utils": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/utils/-/utils-3.9.2.tgz", - "integrity": "sha512-lBSBiRruFurFKXr5Hbsl2thmGweAPmddhF3jb99U4EMDA5L+e5Y1rAkOS07Nvrup7HUMBDrCV45meaxZnt28nQ==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/utils/-/utils-3.10.1.tgz", + "integrity": "sha512-3ojeJry9xBYdJO6qoyyzqeJFSJBVx2mXhyDzSdjwL2+URFQMf+h25gG38iswGImicK0ELjTd1EL2xzk8hf3QPw==", "license": "MIT", "dependencies": { - "@docusaurus/logger": "3.9.2", - "@docusaurus/types": "3.9.2", - "@docusaurus/utils-common": "3.9.2", + "@docusaurus/logger": "3.10.1", + "@docusaurus/types": "3.10.1", + "@docusaurus/utils-common": "3.10.1", "escape-string-regexp": "^4.0.0", - "execa": "5.1.1", + "execa": "^5.1.1", "file-loader": "^6.2.0", "fs-extra": "^11.1.1", "github-slugger": "^1.5.0", @@ -4045,12 +4121,12 @@ } }, "node_modules/@docusaurus/utils-common": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/utils-common/-/utils-common-3.9.2.tgz", - "integrity": "sha512-I53UC1QctruA6SWLvbjbhCpAw7+X7PePoe5pYcwTOEXD/PxeP8LnECAhTHHwWCblyUX5bMi4QLRkxvyZ+IT8Aw==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/utils-common/-/utils-common-3.10.1.tgz", + "integrity": "sha512-5mFSgEADtnFxFH7RLw02QA5MpU5JVUCj0MPeIvi/aF4Fi45tQRIuTwXoXDqJ+1VfQJuYJGz3SI63wmGz4HvXzA==", "license": "MIT", "dependencies": { - "@docusaurus/types": "3.9.2", + "@docusaurus/types": "3.10.1", "tslib": "^2.6.0" }, "engines": { @@ -4058,14 +4134,14 @@ } }, "node_modules/@docusaurus/utils-validation": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@docusaurus/utils-validation/-/utils-validation-3.9.2.tgz", - "integrity": "sha512-l7yk3X5VnNmATbwijJkexdhulNsQaNDwoagiwujXoxFbWLcxHQqNQ+c/IAlzrfMMOfa/8xSBZ7KEKDesE/2J7A==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/@docusaurus/utils-validation/-/utils-validation-3.10.1.tgz", + "integrity": "sha512-cRv1X69jwaWv47waglllgZVWzeBFLhl53XT/XED/83BerVBTC5FTP8WTcVl8Z6sZOegDSwitu/wpCSPCDOT6lg==", "license": "MIT", "dependencies": { - "@docusaurus/logger": "3.9.2", - "@docusaurus/utils": "3.9.2", - "@docusaurus/utils-common": "3.9.2", + "@docusaurus/logger": "3.10.1", + "@docusaurus/utils": "3.10.1", + "@docusaurus/utils-common": "3.10.1", "fs-extra": "^11.2.0", "joi": "^17.9.2", "js-yaml": "^4.1.0", @@ -4091,27 +4167,6 @@ "@hapi/hoek": "^9.0.0" } }, - "node_modules/@isaacs/balanced-match": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz", - "integrity": "sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==", - "license": "MIT", - "engines": { - "node": "20 || >=22" - } - }, - "node_modules/@isaacs/brace-expansion": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz", - "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==", - "license": "MIT", - "dependencies": { - "@isaacs/balanced-match": "^4.0.1" - }, - "engines": { - "node": "20 || >=22" - } - }, "node_modules/@isaacs/cliui": { "version": "8.0.2", "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", @@ -4183,17 +4238,13 @@ } }, "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", + "version": "0.3.13", + "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz", + "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==", "license": "MIT", "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", + "@jridgewell/sourcemap-codec": "^1.5.0", "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" } }, "node_modules/@jridgewell/resolve-uri": { @@ -4204,15 +4255,6 @@ "node": ">=6.0.0" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "license": "MIT", - "engines": { - "node": ">=6.0.0" - } - }, "node_modules/@jridgewell/source-map": { "version": "0.3.5", "resolved": "https://registry.npmjs.org/@jridgewell/source-map/-/source-map-0.3.5.tgz", @@ -4223,14 +4265,15 @@ } }, "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==" + "version": "1.5.5", + "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz", + "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==", + "license": "MIT" }, "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "version": "0.3.31", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz", + "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==", "license": "MIT", "dependencies": { "@jridgewell/resolve-uri": "^3.1.0", @@ -4397,7 +4440,6 @@ "resolved": "https://registry.npmjs.org/@mdx-js/react/-/react-3.1.1.tgz", "integrity": "sha512-f++rKLQgUVYDAtECQ6fn/is15GkEH9+nZPM3MS0RcxVqoTfawHvDlSCH7JbMhAM6uJ32v3eXLvLmLvjGu7PTQw==", "license": "MIT", - "peer": true, "dependencies": { "@types/mdx": "^2.0.0" }, @@ -4442,15 +4484,6 @@ "node": ">= 8" } }, - "node_modules/@opentelemetry/api": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", - "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", - "license": "Apache-2.0", - "engines": { - "node": ">=8.0.0" - } - }, "node_modules/@parcel/watcher": { "version": "2.5.0", "resolved": "https://registry.npmjs.org/@parcel/watcher/-/watcher-2.5.0.tgz", @@ -4935,9 +4968,9 @@ "license": "BSD-3-Clause" }, "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", + "version": "0.27.10", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.10.tgz", + "integrity": "sha512-MTBk/3jGLNB2tVxv6uLlFh1iu64iYOQ2PbdOSK3NW8JZsmlaOh2q6sdtKowBhfw8QFLmYNzTW4/oK4uATIi6ZA==", "license": "MIT" }, "node_modules/@sindresorhus/is": { @@ -4961,12 +4994,6 @@ "micromark-util-symbol": "^1.0.1" } }, - "node_modules/@standard-schema/spec": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@standard-schema/spec/-/spec-1.0.0.tgz", - "integrity": "sha512-m2bOd0f2RT9k8QJx1JN85cZYyH1RqFBdlwtkSlf4tBDYLCiiZnv1fIIwacK6cqwXavOydf0NPToMQgpKq+dVlA==", - "license": "MIT" - }, "node_modules/@svgr/babel-plugin-add-jsx-attribute": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-add-jsx-attribute/-/babel-plugin-add-jsx-attribute-8.0.0.tgz", @@ -5126,7 +5153,6 @@ "resolved": "https://registry.npmjs.org/@svgr/core/-/core-8.1.0.tgz", "integrity": "sha512-8QqtOQT5ACVlmsvKOJNEaWmRPmcojMOzCz4Hs2BGG/toAp/K38LcsMRyLp349glq5AzJbCEeimEoxaX6v/fLrA==", "license": "MIT", - "peer": true, "dependencies": { "@babel/core": "^7.21.3", "@svgr/babel-preset": "8.1.0", @@ -5236,15 +5262,6 @@ "node": ">=14.16" } }, - "node_modules/@trysound/sax": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/@trysound/sax/-/sax-0.2.0.tgz", - "integrity": "sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA==", - "license": "ISC", - "engines": { - "node": ">=10.13.0" - } - }, "node_modules/@types/acorn": { "version": "4.0.6", "resolved": "https://registry.npmjs.org/@types/acorn/-/acorn-4.0.6.tgz", @@ -5320,9 +5337,9 @@ } }, "node_modules/@types/estree": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz", - "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz", + "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==", "license": "MIT" }, "node_modules/@types/estree-jsx": { @@ -5359,9 +5376,9 @@ } }, "node_modules/@types/gtag.js": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/@types/gtag.js/-/gtag.js-0.0.12.tgz", - "integrity": "sha512-YQV9bUsemkzG81Ea295/nF/5GijnD2Af7QhEofh7xu+kvCN6RdodgNwwGWXB5GMI3NoyvQo0odNctoH/qLMIpg==", + "version": "0.0.20", + "resolved": "https://registry.npmjs.org/@types/gtag.js/-/gtag.js-0.0.20.tgz", + "integrity": "sha512-wwAbk3SA2QeU67unN7zPxjEHmPmlXwZXZvQEpbEUQuMCRGgKyE1m6XDuTUA9b6pCGb/GqJmdfMOY5LuDjJSbbg==", "license": "MIT" }, "node_modules/@types/hast": { @@ -5459,12 +5476,12 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "24.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz", - "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==", + "version": "25.7.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz", + "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==", "license": "MIT", "dependencies": { - "undici-types": "~7.16.0" + "undici-types": "~7.21.0" } }, "node_modules/@types/node-forge": { @@ -5500,11 +5517,10 @@ "license": "MIT" }, "node_modules/@types/react": { - "version": "19.2.7", - "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.7.tgz", - "integrity": "sha512-MWtvHrGZLFttgeEj28VXHxpmwYbor/ATPYbBfSFZEIRK0ecCFLl2Qo55z52Hss+UV9CRN7trSeq1zbgx7YDWWg==", + "version": "19.2.14", + "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.14.tgz", + "integrity": "sha512-ilcTH/UniCkMdtexkoCN0bI7pMcJDvmQFPvuPvmEaYA/NSfFTAgdUSLAoVjaRJm7+6PvcM+q1zYOwS4wTYMF9w==", "license": "MIT", - "peer": true, "dependencies": { "csstype": "^3.2.2" } @@ -5617,9 +5633,9 @@ } }, "node_modules/@types/yargs": { - "version": "17.0.33", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", - "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", + "version": "17.0.35", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz", + "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==", "license": "MIT", "dependencies": { "@types/yargs-parser": "*" @@ -5636,15 +5652,6 @@ "resolved": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", "integrity": "sha512-zuVdFrMJiuCDQUMCzQaD6KL28MjnqqN8XnAqiEq9PNm/hCPTSGfrXCOfwj1ow4LFb/tNymJPwsNbVePc1xFqrQ==" }, - "node_modules/@vercel/oidc": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@vercel/oidc/-/oidc-3.0.3.tgz", - "integrity": "sha512-yNEQvPcVrK9sIe637+I0jD6leluPxzwJKx/Haw6F4H77CdDsszUn5V3o96LPziXkSNE2B83+Z3mjqGKBK/R6Gg==", - "license": "Apache-2.0", - "engines": { - "node": ">= 20" - } - }, "node_modules/@webassemblyjs/ast": { "version": "1.14.1", "resolved": "https://registry.npmjs.org/@webassemblyjs/ast/-/ast-1.14.1.tgz", @@ -5856,7 +5863,6 @@ "version": "6.4.2", "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.2.tgz", "integrity": "sha512-XtGIhXwF8YM8bJhGxG5kXgjkEuNGLTkoYqVE+KMR+aspr4KGYmKYg7yUe3KghyQ9yheNwLnjmzh/7+gfDBmHCQ==", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -5935,29 +5941,11 @@ "node": ">=8" } }, - "node_modules/ai": { - "version": "5.0.76", - "resolved": "https://registry.npmjs.org/ai/-/ai-5.0.76.tgz", - "integrity": "sha512-ZCxi1vrpyCUnDbtYrO/W8GLvyacV9689f00yshTIQ3mFFphbD7eIv40a2AOZBv3GGRA7SSRYIDnr56wcS/gyQg==", - "license": "Apache-2.0", - "dependencies": { - "@ai-sdk/gateway": "2.0.0", - "@ai-sdk/provider": "2.0.0", - "@ai-sdk/provider-utils": "3.0.12", - "@opentelemetry/api": "1.9.0" - }, - "engines": { - "node": ">=18" - }, - "peerDependencies": { - "zod": "^3.25.76 || ^4.1.8" - } - }, "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "peer": true, + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz", + "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==", + "license": "MIT", "dependencies": { "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", @@ -5987,9 +5975,9 @@ } }, "node_modules/ajv-formats/node_modules/ajv": { - "version": "8.17.1", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", - "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "version": "8.18.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.18.0.tgz", + "integrity": "sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==", "license": "MIT", "dependencies": { "fast-deep-equal": "^3.1.3", @@ -6017,35 +6005,34 @@ } }, "node_modules/algoliasearch": { - "version": "5.40.1", - "resolved": "https://registry.npmjs.org/algoliasearch/-/algoliasearch-5.40.1.tgz", - "integrity": "sha512-iUNxcXUNg9085TJx0HJLjqtDE0r1RZ0GOGrt8KNQqQT5ugu8lZsHuMUYW/e0lHhq6xBvmktU9Bw4CXP9VQeKrg==", - "license": "MIT", - "peer": true, - "dependencies": { - "@algolia/abtesting": "1.6.1", - "@algolia/client-abtesting": "5.40.1", - "@algolia/client-analytics": "5.40.1", - "@algolia/client-common": "5.40.1", - "@algolia/client-insights": "5.40.1", - "@algolia/client-personalization": "5.40.1", - "@algolia/client-query-suggestions": "5.40.1", - "@algolia/client-search": "5.40.1", - "@algolia/ingestion": "1.40.1", - "@algolia/monitoring": "1.40.1", - "@algolia/recommend": "5.40.1", - "@algolia/requester-browser-xhr": "5.40.1", - "@algolia/requester-fetch": "5.40.1", - "@algolia/requester-node-http": "5.40.1" + "version": "5.52.0", + "resolved": "https://registry.npmjs.org/algoliasearch/-/algoliasearch-5.52.0.tgz", + "integrity": "sha512-0ZzY9mjqV7gop/AH8pIBiAS8giXP7WcSiUfoFYIzYAK9QC5c37E4SIVtJVBMwlURc0/uNt2o4RcNRvdHa4CJ5w==", + "license": "MIT", + "dependencies": { + "@algolia/abtesting": "1.18.0", + "@algolia/client-abtesting": "5.52.0", + "@algolia/client-analytics": "5.52.0", + "@algolia/client-common": "5.52.0", + "@algolia/client-insights": "5.52.0", + "@algolia/client-personalization": "5.52.0", + "@algolia/client-query-suggestions": "5.52.0", + "@algolia/client-search": "5.52.0", + "@algolia/ingestion": "1.52.0", + "@algolia/monitoring": "1.52.0", + "@algolia/recommend": "5.52.0", + "@algolia/requester-browser-xhr": "5.52.0", + "@algolia/requester-fetch": "5.52.0", + "@algolia/requester-node-http": "5.52.0" }, "engines": { "node": ">= 14.0.0" } }, "node_modules/algoliasearch-helper": { - "version": "3.26.0", - "resolved": "https://registry.npmjs.org/algoliasearch-helper/-/algoliasearch-helper-3.26.0.tgz", - "integrity": "sha512-Rv2x3GXleQ3ygwhkhJubhhYGsICmShLAiqtUuJTUkr9uOCOXyF2E71LVT4XDnVffbknv8XgScP4U0Oxtgm+hIw==", + "version": "3.28.2", + "resolved": "https://registry.npmjs.org/algoliasearch-helper/-/algoliasearch-helper-3.28.2.tgz", + "integrity": "sha512-sexVcXLHrJN54+S0wXD52xV3ySeGZA5T6HMDkb84wT+3UcXCd8af/k2vU5qJTbHv7DoBb4mISJHdyQ2JOo3Aig==", "license": "MIT", "dependencies": { "@algolia/events": "^4.0.1" @@ -6080,33 +6067,6 @@ "node": ">=8" } }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "license": "MIT", - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-escapes/node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "license": "(MIT OR CC0-1.0)", - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/ansi-html-community": { "version": "0.0.8", "resolved": "https://registry.npmjs.org/ansi-html-community/-/ansi-html-community-0.0.8.tgz", @@ -6141,6 +6101,15 @@ "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, + "node_modules/ansis": { + "version": "3.17.0", + "resolved": "https://registry.npmjs.org/ansis/-/ansis-3.17.0.tgz", + "integrity": "sha512-0qWUglt9JEqLFr3w1I1pbrChn1grhaiAR2ocX1PP/flRmxgtwTzPFFFnfIlD6aMOLQZgSuCRlidD70lvx8yhzg==", + "license": "ISC", + "engines": { + "node": ">=14" + } + }, "node_modules/any-promise": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz", @@ -6209,9 +6178,9 @@ } }, "node_modules/autoprefixer": { - "version": "10.4.21", - "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.21.tgz", - "integrity": "sha512-O+A6LWV5LDHSJD3LjHYoNi4VLsj/Whi7k6zG12xTYaU4cQ8oxQGckXNX8cRHK5yOZ/ppVHe0ZBXGzSV9jXdVbQ==", + "version": "10.5.0", + "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.5.0.tgz", + "integrity": "sha512-FMhOoZV4+qR6aTUALKX2rEqGG+oyATvwBt9IIzVR5rMa2HRWPkxf+P+PAJLD1I/H5/II+HuZcBJYEFBpq39ong==", "funding": [ { "type": "opencollective", @@ -6228,10 +6197,9 @@ ], "license": "MIT", "dependencies": { - "browserslist": "^4.24.4", - "caniuse-lite": "^1.0.30001702", - "fraction.js": "^4.3.7", - "normalize-range": "^0.1.2", + "browserslist": "^4.28.2", + "caniuse-lite": "^1.0.30001787", + "fraction.js": "^5.3.4", "picocolors": "^1.1.1", "postcss-value-parser": "^4.2.0" }, @@ -6335,12 +6303,15 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, "node_modules/baseline-browser-mapping": { - "version": "2.8.9", - "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.8.9.tgz", - "integrity": "sha512-hY/u2lxLrbecMEWSB0IpGzGyDyeoMFQhCvZd2jGFSE5I17Fh01sYUBPCJtkWERw7zrac9+cIghxm/ytJa2X8iA==", + "version": "2.10.18", + "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.10.18.tgz", + "integrity": "sha512-VSnGQAOLtP5mib/DPyg2/t+Tlv65NTBz83BJBJvmLVHHuKJVaDOBvJJykiT5TR++em5nfAySPccDZDa4oSrn8A==", "license": "Apache-2.0", "bin": { - "baseline-browser-mapping": "dist/cli.js" + "baseline-browser-mapping": "dist/cli.cjs" + }, + "engines": { + "node": ">=6.0.0" } }, "node_modules/batch": { @@ -6380,23 +6351,23 @@ } }, "node_modules/body-parser": { - "version": "1.20.3", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", - "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", + "version": "1.20.4", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.4.tgz", + "integrity": "sha512-ZTgYYLMOXY9qKU/57FAo8F+HA2dGX7bqGc71txDRC1rS4frdFI5R7NhluHxH6M0YItAP0sHB4uqAOcYKxO6uGA==", "license": "MIT", "dependencies": { - "bytes": "3.1.2", + "bytes": "~3.1.2", "content-type": "~1.0.5", "debug": "2.6.9", "depd": "2.0.0", - "destroy": "1.2.0", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "on-finished": "2.4.1", - "qs": "6.13.0", - "raw-body": "2.5.2", + "destroy": "~1.2.0", + "http-errors": "~2.0.1", + "iconv-lite": "~0.4.24", + "on-finished": "~2.4.1", + "qs": "~6.14.0", + "raw-body": "~2.5.3", "type-is": "~1.6.18", - "unpipe": "1.0.0" + "unpipe": "~1.0.0" }, "engines": { "node": ">= 0.8", @@ -6421,12 +6392,41 @@ "ms": "2.0.0" } }, + "node_modules/body-parser/node_modules/http-errors": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz", + "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==", + "license": "MIT", + "dependencies": { + "depd": "~2.0.0", + "inherits": "~2.0.4", + "setprototypeof": "~1.2.0", + "statuses": "~2.0.2", + "toidentifier": "~1.0.1" + }, + "engines": { + "node": ">= 0.8" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" + } + }, "node_modules/body-parser/node_modules/ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "license": "MIT" }, + "node_modules/body-parser/node_modules/statuses": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz", + "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==", + "license": "MIT", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/bonjour-service": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/bonjour-service/-/bonjour-service-1.3.0.tgz", @@ -6464,9 +6464,9 @@ } }, "node_modules/brace-expansion": { - "version": "1.1.12", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", - "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.13.tgz", + "integrity": "sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==", "license": "MIT", "dependencies": { "balanced-match": "^1.0.0", @@ -6485,9 +6485,9 @@ } }, "node_modules/browserslist": { - "version": "4.26.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.26.2.tgz", - "integrity": "sha512-ECFzp6uFOSB+dcZ5BK/IBaGWssbSYBHvuMeMt3MMFyhI0Z8SqGgEkBLARgpRH3hutIgPVsALcMwbDrJqPxQ65A==", + "version": "4.28.2", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.28.2.tgz", + "integrity": "sha512-48xSriZYYg+8qXna9kwqjIVzuQxi+KYWp2+5nCYnYKPTr0LvD89Jqk2Or5ogxz0NUMfIjhh2lIUX/LyX9B4oIg==", "funding": [ { "type": "opencollective", @@ -6503,13 +6503,12 @@ } ], "license": "MIT", - "peer": true, "dependencies": { - "baseline-browser-mapping": "^2.8.3", - "caniuse-lite": "^1.0.30001741", - "electron-to-chromium": "^1.5.218", - "node-releases": "^2.0.21", - "update-browserslist-db": "^1.1.3" + "baseline-browser-mapping": "^2.10.12", + "caniuse-lite": "^1.0.30001782", + "electron-to-chromium": "^1.5.328", + "node-releases": "^2.0.36", + "update-browserslist-db": "^1.2.3" }, "bin": { "browserslist": "cli.js" @@ -6572,14 +6571,14 @@ } }, "node_modules/call-bind": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.8.tgz", - "integrity": "sha512-oKlSFMcMwpUg2ednkhQ454wfWiU/ul3CkJe/PEHcTKuiX6RpbehUiFMXu13HalGZxfUwCQzZG747YXBn1im9ww==", + "version": "1.0.9", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.9.tgz", + "integrity": "sha512-a/hy+pNsFUTR+Iz8TCJvXudKVLAnz/DyeSUo10I5yvFDQJBFU2s9uqQpoSrJlroHUKoKqzg+epxyP9lqFdzfBQ==", "license": "MIT", "dependencies": { - "call-bind-apply-helpers": "^1.0.0", - "es-define-property": "^1.0.0", - "get-intrinsic": "^1.2.4", + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "get-intrinsic": "^1.3.0", "set-function-length": "^1.2.2" }, "engines": { @@ -6659,9 +6658,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001745", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001745.tgz", - "integrity": "sha512-ywt6i8FzvdgrrrGbr1jZVObnVv6adj+0if2/omv9cmR2oiZs30zL4DIyaptKcbOrBdOIc74QTMoJvSE2QHh5UQ==", + "version": "1.0.30001788", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001788.tgz", + "integrity": "sha512-6q8HFp+lOQtcf7wBK+uEenxymVWkGKkjFpCvw5W25cmMwEDU45p1xQFBQv8JDlMMry7eNxyBaR+qxgmTUZkIRQ==", "funding": [ { "type": "opencollective", @@ -7172,6 +7171,18 @@ "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==", "license": "MIT" }, + "node_modules/copy-text-to-clipboard": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/copy-text-to-clipboard/-/copy-text-to-clipboard-3.2.2.tgz", + "integrity": "sha512-T6SqyLd1iLuqPA90J5N4cTalrtovCySh58iiZDGJ6FGznbclKh4UI+FGacQSgFzwKG77W7XT5gwbVEbd9cIH1A==", + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/copy-webpack-plugin": { "version": "11.0.0", "resolved": "https://registry.npmjs.org/copy-webpack-plugin/-/copy-webpack-plugin-11.0.0.tgz", @@ -7262,17 +7273,6 @@ "url": "https://opencollective.com/core-js" } }, - "node_modules/core-js-pure": { - "version": "3.46.0", - "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.46.0.tgz", - "integrity": "sha512-NMCW30bHNofuhwLhYPt66OLOKTMbOhgTTatKVbaQC3KRHpTCiRIBYvtshr+NBYSnBxwAFhjW/RfJ0XbIjS16rw==", - "hasInstallScript": true, - "license": "MIT", - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/core-js" - } - }, "node_modules/core-util-is": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", @@ -7369,9 +7369,9 @@ } }, "node_modules/css-blank-pseudo/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -7382,9 +7382,9 @@ } }, "node_modules/css-declaration-sorter": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/css-declaration-sorter/-/css-declaration-sorter-7.3.0.tgz", - "integrity": "sha512-LQF6N/3vkAMYF4xoHLJfG718HRJh34Z8BnNhd6bosOMIVjMlhuZK5++oZa3uYAgrI5+7x2o27gUqTR2U/KjUOQ==", + "version": "7.4.0", + "resolved": "https://registry.npmjs.org/css-declaration-sorter/-/css-declaration-sorter-7.4.0.tgz", + "integrity": "sha512-LTuzjPoyA2vMGKKcaOqKSp7Ub2eGrNfKiZH4LpezxpNrsICGCSFvsQOI29psISxNZtaXibkC2CXzrQ5enMeGGw==", "license": "ISC", "engines": { "node": "^14 || ^16 || >=18" @@ -7443,11 +7443,10 @@ } }, "node_modules/css-has-pseudo/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -7603,9 +7602,9 @@ } }, "node_modules/cssdb": { - "version": "8.4.2", - "resolved": "https://registry.npmjs.org/cssdb/-/cssdb-8.4.2.tgz", - "integrity": "sha512-PzjkRkRUS+IHDJohtxkIczlxPPZqRo0nXplsYXOMBRPjcVRjj1W4DfvRgshUYTVuUigU7ptVYkFJQ7abUB0nyg==", + "version": "8.8.0", + "resolved": "https://registry.npmjs.org/cssdb/-/cssdb-8.8.0.tgz", + "integrity": "sha512-QbLeyz2Bgso1iRlh7IpWk6OKa3lLNGXsujVjDMPl9rOZpxKeiG69icLpbLCFxeURwmcdIfZqQyhlooKJYM4f8Q==", "funding": [ { "type": "opencollective", @@ -8311,9 +8310,9 @@ "license": "MIT" }, "node_modules/electron-to-chromium": { - "version": "1.5.227", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.227.tgz", - "integrity": "sha512-ITxuoPfJu3lsNWUi2lBM2PaBPYgH3uqmxut5vmBxgYvyI4AlJ6P3Cai1O76mOrkJCBzq0IxWg/NtqOrpu/0gKA==", + "version": "1.5.336", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.336.tgz", + "integrity": "sha512-AbH9q9J455r/nLmdNZes0G0ZKcRX73FicwowalLs6ijwOmCJSRRrLX63lcAlzy9ux3dWK1w1+1nsBJEWN11hcQ==", "license": "ISC" }, "node_modules/emoji-regex": { @@ -8353,13 +8352,13 @@ } }, "node_modules/enhanced-resolve": { - "version": "5.17.1", - "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.17.1.tgz", - "integrity": "sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==", + "version": "5.19.0", + "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.19.0.tgz", + "integrity": "sha512-phv3E1Xl4tQOShqSte26C7Fl84EwUdZsyOuSSk9qtAGyyQs2s3jJzComh+Abf4g187lUUAvH+H26omrqia2aGg==", "license": "MIT", "dependencies": { "graceful-fs": "^4.2.4", - "tapable": "^2.2.0" + "tapable": "^2.3.0" }, "engines": { "node": ">=10.13.0" @@ -8403,9 +8402,10 @@ } }, "node_modules/es-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.4.1.tgz", - "integrity": "sha512-cXLGjP0c4T3flZJKQSuziYoq7MlT+rnvfZjfp7h+I7K9BNX54kP9nyWvdbwjQ4u1iWbOL4u96fgeZLToQlZC7w==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-2.0.0.tgz", + "integrity": "sha512-5POEcUuZybH7IdmGsD8wlf0AI55wMecM9rVBTI/qEAy2c1kTOm3DjFYjrBdI2K3BaJjJYfYFeRtM0t9ssnRuxw==", + "license": "MIT" }, "node_modules/es-object-atoms": { "version": "1.1.1", @@ -8686,15 +8686,6 @@ "node": ">=0.8.x" } }, - "node_modules/eventsource-parser": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/eventsource-parser/-/eventsource-parser-3.0.6.tgz", - "integrity": "sha512-Vo1ab+QXPzZ4tCa8SwIHJFaSzy4R6SHf7BY79rFBDf0idraZWAkYrDjDj8uWaSm3S2TK+hJ7/t1CEmZ7jXw+pg==", - "license": "MIT", - "engines": { - "node": ">=18.0.0" - } - }, "node_modules/execa": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", @@ -8718,39 +8709,39 @@ } }, "node_modules/express": { - "version": "4.21.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", - "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", + "version": "4.22.1", + "resolved": "https://registry.npmjs.org/express/-/express-4.22.1.tgz", + "integrity": "sha512-F2X8g9P1X7uCPZMA3MVf9wcTqlyNp7IhH5qPCI0izhaOIYXaW9L535tGA3qmjRzpH+bZczqq7hVKxTR4NWnu+g==", "license": "MIT", "dependencies": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.3", - "content-disposition": "0.5.4", + "body-parser": "~1.20.3", + "content-disposition": "~0.5.4", "content-type": "~1.0.4", - "cookie": "0.7.1", - "cookie-signature": "1.0.6", + "cookie": "~0.7.1", + "cookie-signature": "~1.0.6", "debug": "2.6.9", "depd": "2.0.0", "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "etag": "~1.8.1", - "finalhandler": "1.3.1", - "fresh": "0.5.2", - "http-errors": "2.0.0", + "finalhandler": "~1.3.1", + "fresh": "~0.5.2", + "http-errors": "~2.0.0", "merge-descriptors": "1.0.3", "methods": "~1.1.2", - "on-finished": "2.4.1", + "on-finished": "~2.4.1", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.12", + "path-to-regexp": "~0.1.12", "proxy-addr": "~2.0.7", - "qs": "6.13.0", + "qs": "~6.14.0", "range-parser": "~1.2.1", "safe-buffer": "5.2.1", - "send": "0.19.0", - "serve-static": "1.16.2", + "send": "~0.19.0", + "serve-static": "~1.16.2", "setprototypeof": "1.2.0", - "statuses": "2.0.1", + "statuses": "~2.0.1", "type-is": "~1.6.18", "utils-merge": "1.0.1", "vary": "~1.1.2" @@ -8791,9 +8782,9 @@ "license": "MIT" }, "node_modules/express/node_modules/path-to-regexp": { - "version": "0.1.12", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz", - "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==", + "version": "0.1.13", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.13.tgz", + "integrity": "sha512-A/AGNMFN3c8bOlvV9RreMdrv7jsmF9XIfDeCd87+I8RNg6s78BhJxMu69NEMHBSJFxKidViTEdruRwEk/WIKqA==", "license": "MIT" }, "node_modules/express/node_modules/range-parser": { @@ -8848,9 +8839,9 @@ "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" }, "node_modules/fast-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz", - "integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz", + "integrity": "sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==", "funding": [ { "type": "github", @@ -8929,30 +8920,6 @@ "node": "^12.20 || >= 14.13" } }, - "node_modules/figures": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", - "integrity": "sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg==", - "license": "MIT", - "dependencies": { - "escape-string-regexp": "^1.0.5" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/figures/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "license": "MIT", - "engines": { - "node": ">=0.8.0" - } - }, "node_modules/file-loader": { "version": "6.2.0", "resolved": "https://registry.npmjs.org/file-loader/-/file-loader-6.2.0.tgz", @@ -9077,9 +9044,9 @@ } }, "node_modules/follow-redirects": { - "version": "1.15.11", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz", - "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==", + "version": "1.16.0", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.16.0.tgz", + "integrity": "sha512-y5rN/uOsadFT/JfYwhxRS5R7Qce+g3zG97+JrtFZlC9klX/W5hD7iiLzScI4nZqUS7DNUdhPgw4xI8W2LuXlUw==", "funding": [ { "type": "individual", @@ -9160,15 +9127,15 @@ } }, "node_modules/fraction.js": { - "version": "4.3.7", - "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.3.7.tgz", - "integrity": "sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==", + "version": "5.3.4", + "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-5.3.4.tgz", + "integrity": "sha512-1X1NTtiJphryn/uLQz3whtY6jK3fTqoE3ohKs0tT+Ujr1W59oopxmoEh7Lu5p6vBaPbgoM0bzveAW4Qi5RyWDQ==", "license": "MIT", "engines": { "node": "*" }, "funding": { - "type": "patreon", + "type": "github", "url": "https://github.com/sponsors/rawify" } }, @@ -9328,12 +9295,12 @@ "license": "ISC" }, "node_modules/glob": { - "version": "13.0.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-13.0.0.tgz", - "integrity": "sha512-tvZgpqk6fz4BaNZ66ZsRaZnbHvP/jG3uKJvAZOwEVUL4RTA5nJeeLYfyN9/VA8NX/V3IBG+hkeuGpKjvELkVhA==", + "version": "13.0.4", + "resolved": "https://registry.npmjs.org/glob/-/glob-13.0.4.tgz", + "integrity": "sha512-KACie1EOs9BIOMtenFaxwmYODWA3/fTfGSUnLhMJpXRntu1g+uL/Xvub5f8SCTppvo9q62Qy4LeOoUiaL54G5A==", "license": "BlueOak-1.0.0", "dependencies": { - "minimatch": "^10.1.1", + "minimatch": "^10.2.1", "minipass": "^7.1.2", "path-scurry": "^2.0.0" }, @@ -9377,25 +9344,49 @@ "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==", "license": "BSD-2-Clause" }, + "node_modules/glob/node_modules/balanced-match": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.2.tgz", + "integrity": "sha512-x0K50QvKQ97fdEz2kPehIerj+YTeptKF9hyYkKf6egnwmMWAkADiO0QCzSp0R5xN8FTZgYaBfSaue46Ej62nMg==", + "license": "MIT", + "dependencies": { + "jackspeak": "^4.2.3" + }, + "engines": { + "node": "20 || >=22" + } + }, + "node_modules/glob/node_modules/brace-expansion": { + "version": "5.0.5", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz", + "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==", + "license": "MIT", + "dependencies": { + "balanced-match": "^4.0.2" + }, + "engines": { + "node": "18 || 20 || >=22" + } + }, "node_modules/glob/node_modules/lru-cache": { - "version": "11.2.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.2.tgz", - "integrity": "sha512-F9ODfyqML2coTIsQpSkRHnLSZMtkU8Q+mSfcaIyKwy58u+8k5nvAYeiNhsyMARvzNcXJ9QfWVrcPsC9e9rAxtg==", - "license": "ISC", + "version": "11.2.6", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.6.tgz", + "integrity": "sha512-ESL2CrkS/2wTPfuend7Zhkzo2u0daGJ/A2VucJOgQ/C48S/zB8MMeMHSGKYpXhIjbPxfuezITkaBH1wqv00DDQ==", + "license": "BlueOak-1.0.0", "engines": { "node": "20 || >=22" } }, "node_modules/glob/node_modules/minimatch": { - "version": "10.1.1", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.1.1.tgz", - "integrity": "sha512-enIvLvRAFZYXJzkCYG5RKmPfrFArdLv+R+lbQ53BmIMLIry74bjKzX6iHAm8WYamJkhSSEabrWN5D97XnKObjQ==", + "version": "10.2.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz", + "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==", "license": "BlueOak-1.0.0", "dependencies": { - "@isaacs/brace-expansion": "^5.0.0" + "brace-expansion": "^5.0.2" }, "engines": { - "node": "20 || >=22" + "node": "18 || 20 || >=22" }, "funding": { "url": "https://github.com/sponsors/isaacs" @@ -10361,9 +10352,10 @@ "license": "MIT" }, "node_modules/immutable": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/immutable/-/immutable-5.0.3.tgz", - "integrity": "sha512-P8IdPQHq3lA1xVeBRi5VPqUm5HDgKnx0Ru51wZz5mjxHr5n3RWhjIpOFU7ybkUxfB+5IToy+OLaHYDBIWsv+uw==" + "version": "5.1.5", + "resolved": "https://registry.npmjs.org/immutable/-/immutable-5.1.5.tgz", + "integrity": "sha512-t7xcm2siw+hlUM68I+UEOK+z84RzmN59as9DZ7P1l0994DKUWV7UXBMQZVxaoMSRQ+PBZbHCOoBt7a2wxOMt+A==", + "license": "MIT" }, "node_modules/import-fresh": { "version": "3.3.0", @@ -10790,6 +10782,30 @@ "node": ">=0.10.0" } }, + "node_modules/jackspeak": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.2.3.tgz", + "integrity": "sha512-ykkVRwrYvFm1nb2AJfKKYPr0emF6IiXDYUaFx4Zn9ZuIH7MrzEZ3sD5RlqGXNRpHtvUHJyOnCEFxOlNDtGo7wg==", + "license": "BlueOak-1.0.0", + "dependencies": { + "@isaacs/cliui": "^9.0.0" + }, + "engines": { + "node": "20 || >=22" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/jackspeak/node_modules/@isaacs/cliui": { + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-9.0.0.tgz", + "integrity": "sha512-AokJm4tuBHillT+FpMtxQ60n8ObyXBatq7jD2/JA9dxbDDokKQm8KMht5ibGzLVU9IJDIKK4TPKgMHEYMn3lMg==", + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=18" + } + }, "node_modules/jest-util": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", @@ -10898,12 +10914,6 @@ "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "license": "(AFL-2.1 OR BSD-3-Clause)" - }, "node_modules/json-schema-traverse": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", @@ -11005,11 +11015,16 @@ "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==" }, "node_modules/loader-runner": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/loader-runner/-/loader-runner-4.3.0.tgz", - "integrity": "sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/loader-runner/-/loader-runner-4.3.1.tgz", + "integrity": "sha512-IWqP2SCPhyVFTBtRcgMHdzlf9ul25NwaFx4wCEH/KjAXuuHY4yNjvPXsBokp8jCB936PyWRaPKUNh8NvylLp2Q==", + "license": "MIT", "engines": { "node": ">=6.11.5" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/webpack" } }, "node_modules/loader-utils": { @@ -11041,9 +11056,10 @@ } }, "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "version": "4.18.1", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz", + "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==", + "license": "MIT" }, "node_modules/lodash.debounce": { "version": "4.0.8", @@ -11158,18 +11174,6 @@ "url": "https://github.com/sponsors/wooorm" } }, - "node_modules/marked": { - "version": "16.4.1", - "resolved": "https://registry.npmjs.org/marked/-/marked-16.4.1.tgz", - "integrity": "sha512-ntROs7RaN3EvWfy3EZi14H4YxmT6A5YvywfhO+0pm+cH/dnSQRmdAmoFIc3B9aiwTehyk7pESH4ofyBY+V5hZg==", - "license": "MIT", - "bin": { - "marked": "bin/marked.js" - }, - "engines": { - "node": ">= 20" - } - }, "node_modules/math-intrinsics": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", @@ -13462,9 +13466,9 @@ } }, "node_modules/mini-css-extract-plugin": { - "version": "2.9.4", - "resolved": "https://registry.npmjs.org/mini-css-extract-plugin/-/mini-css-extract-plugin-2.9.4.tgz", - "integrity": "sha512-ZWYT7ln73Hptxqxk2DxPU9MmapXRhxkJD6tkSR04dnQxm8BGu2hzgKLugK5yySD97u/8yy7Ma7E76k9ZdvtjkQ==", + "version": "2.10.2", + "resolved": "https://registry.npmjs.org/mini-css-extract-plugin/-/mini-css-extract-plugin-2.10.2.tgz", + "integrity": "sha512-AOSS0IdEB95ayVkxn5oGzNQwqAi2J0Jb/kKm43t7H73s8+f5873g0yuj0PNvK4dO75mu5DHg4nlgp4k6Kga8eg==", "license": "MIT", "dependencies": { "schema-utils": "^4.0.0", @@ -13488,9 +13492,10 @@ "license": "ISC" }, "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz", + "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==", + "license": "ISC", "dependencies": { "brace-expansion": "^1.1.7" }, @@ -13668,18 +13673,18 @@ } }, "node_modules/node-forge": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.2.tgz", - "integrity": "sha512-6xKiQ+cph9KImrRh0VsjH2d8/GXA4FIMlgU4B757iI1ApvcyA9VlouP0yZJha01V+huImO+kKMU7ih+2+E14fw==", + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.4.0.tgz", + "integrity": "sha512-LarFH0+6VfriEhqMMcLX2F7SwSXeWwnEAJEsYm5QKWchiVYVvJyV9v7UDvUv+w5HO23ZpQTXDv/GxdDdMyOuoQ==", "license": "(BSD-3-Clause OR GPL-2.0)", "engines": { "node": ">= 6.13.0" } }, "node_modules/node-releases": { - "version": "2.0.21", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.21.tgz", - "integrity": "sha512-5b0pgg78U3hwXkCM8Z9b2FJdPZlr9Psr9V2gQPESdGHqbntyFJKFW4r5TeWGFzafGY3hzs1JC62VEQMbl1JFkw==", + "version": "2.0.37", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.37.tgz", + "integrity": "sha512-1h5gKZCF+pO/o3Iqt5Jp7wc9rH3eJJ0+nh/CIoiRwjRxde/hAHyLPXYN4V3CqKAbiZPSeJFSWHmJsbkicta0Eg==", "license": "MIT" }, "node_modules/nopt": { @@ -13706,15 +13711,6 @@ "node": ">=0.10.0" } }, - "node_modules/normalize-range": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/normalize-range/-/normalize-range-0.1.2.tgz", - "integrity": "sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==", - "license": "MIT", - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/normalize-url": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-8.0.1.tgz", @@ -14232,9 +14228,10 @@ "license": "ISC" }, "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz", + "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==", + "license": "MIT", "engines": { "node": ">=8.6" }, @@ -14284,7 +14281,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "nanoid": "^3.3.11", "picocolors": "^1.1.1", @@ -14320,9 +14316,9 @@ } }, "node_modules/postcss-attribute-case-insensitive/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -14564,9 +14560,9 @@ } }, "node_modules/postcss-custom-selectors/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -14602,9 +14598,9 @@ } }, "node_modules/postcss-dir-pseudo-class/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -14730,9 +14726,9 @@ } }, "node_modules/postcss-focus-visible/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -14768,9 +14764,9 @@ } }, "node_modules/postcss-focus-within/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -15057,9 +15053,9 @@ } }, "node_modules/postcss-modules-local-by-default/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -15085,9 +15081,9 @@ } }, "node_modules/postcss-modules-scope/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -15184,11 +15180,10 @@ } }, "node_modules/postcss-nesting/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -15428,9 +15423,9 @@ } }, "node_modules/postcss-preset-env": { - "version": "10.4.0", - "resolved": "https://registry.npmjs.org/postcss-preset-env/-/postcss-preset-env-10.4.0.tgz", - "integrity": "sha512-2kqpOthQ6JhxqQq1FSAAZGe9COQv75Aw8WbsOvQVNJ2nSevc9Yx/IKZGuZ7XJ+iOTtVon7LfO7ELRzg8AZ+sdw==", + "version": "10.6.1", + "resolved": "https://registry.npmjs.org/postcss-preset-env/-/postcss-preset-env-10.6.1.tgz", + "integrity": "sha512-yrk74d9EvY+W7+lO9Aj1QmjWY9q5NsKjK2V9drkOPZB/X6KZ0B3igKsHUYakb7oYVhnioWypQX3xGuePf89f3g==", "funding": [ { "type": "github", @@ -15468,23 +15463,27 @@ "@csstools/postcss-media-minmax": "^2.0.9", "@csstools/postcss-media-queries-aspect-ratio-number-values": "^3.0.5", "@csstools/postcss-nested-calc": "^4.0.0", - "@csstools/postcss-normalize-display-values": "^4.0.0", + "@csstools/postcss-normalize-display-values": "^4.0.1", "@csstools/postcss-oklab-function": "^4.0.12", + "@csstools/postcss-position-area-property": "^1.0.0", "@csstools/postcss-progressive-custom-properties": "^4.2.1", + "@csstools/postcss-property-rule-prelude-list": "^1.0.0", "@csstools/postcss-random-function": "^2.0.1", "@csstools/postcss-relative-color-syntax": "^3.0.12", "@csstools/postcss-scope-pseudo-class": "^4.0.1", "@csstools/postcss-sign-functions": "^1.1.4", "@csstools/postcss-stepped-value-functions": "^4.0.9", + "@csstools/postcss-syntax-descriptor-syntax-production": "^1.0.1", + "@csstools/postcss-system-ui-font-family": "^1.0.0", "@csstools/postcss-text-decoration-shorthand": "^4.0.3", "@csstools/postcss-trigonometric-functions": "^4.0.9", "@csstools/postcss-unset-value": "^4.0.0", - "autoprefixer": "^10.4.21", - "browserslist": "^4.26.0", + "autoprefixer": "^10.4.23", + "browserslist": "^4.28.1", "css-blank-pseudo": "^7.0.1", "css-has-pseudo": "^7.0.3", "css-prefers-color-scheme": "^10.0.0", - "cssdb": "^8.4.2", + "cssdb": "^8.6.0", "postcss-attribute-case-insensitive": "^7.0.1", "postcss-clamp": "^4.1.0", "postcss-color-functional-notation": "^7.0.12", @@ -15544,9 +15543,9 @@ } }, "node_modules/postcss-pseudo-class-any-link/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -15637,9 +15636,9 @@ } }, "node_modules/postcss-selector-not/node_modules/postcss-selector-parser": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", - "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz", + "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "license": "MIT", "dependencies": { "cssesc": "^3.0.0", @@ -15845,12 +15844,12 @@ } }, "node_modules/qs": { - "version": "6.13.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", - "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", + "version": "6.14.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz", + "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==", "license": "BSD-3-Clause", "dependencies": { - "side-channel": "^1.0.6" + "side-channel": "^1.1.0" }, "engines": { "node": ">=0.6" @@ -15906,15 +15905,15 @@ } }, "node_modules/raw-body": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", - "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", + "version": "2.5.3", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.3.tgz", + "integrity": "sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==", "license": "MIT", "dependencies": { - "bytes": "3.1.2", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "unpipe": "1.0.0" + "bytes": "~3.1.2", + "http-errors": "~2.0.1", + "iconv-lite": "~0.4.24", + "unpipe": "~1.0.0" }, "engines": { "node": ">= 0.8" @@ -15929,6 +15928,35 @@ "node": ">= 0.8" } }, + "node_modules/raw-body/node_modules/http-errors": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz", + "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==", + "license": "MIT", + "dependencies": { + "depd": "~2.0.0", + "inherits": "~2.0.4", + "setprototypeof": "~1.2.0", + "statuses": "~2.0.2", + "toidentifier": "~1.0.1" + }, + "engines": { + "node": ">= 0.8" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" + } + }, + "node_modules/raw-body/node_modules/statuses": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz", + "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==", + "license": "MIT", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/rc": { "version": "1.2.8", "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", @@ -15952,26 +15980,24 @@ } }, "node_modules/react": { - "version": "19.2.1", - "resolved": "https://registry.npmjs.org/react/-/react-19.2.1.tgz", - "integrity": "sha512-DGrYcCWK7tvYMnWh79yrPHt+vdx9tY+1gPZa7nJQtO/p8bLTDaHp4dzwEhQB7pZ4Xe3ok4XKuEPrVuc+wlpkmw==", + "version": "19.2.6", + "resolved": "https://registry.npmjs.org/react/-/react-19.2.6.tgz", + "integrity": "sha512-sfWGGfavi0xr8Pg0sVsyHMAOziVYKgPLNrS7ig+ivMNb3wbCBw3KxtflsGBAwD3gYQlE/AEZsTLgToRrSCjb0Q==", "license": "MIT", - "peer": true, "engines": { "node": ">=0.10.0" } }, "node_modules/react-dom": { - "version": "19.2.1", - "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.1.tgz", - "integrity": "sha512-ibrK8llX2a4eOskq1mXKu/TGZj9qzomO+sNfO98M6d9zIPOEhlBkMkBUBLd1vgS0gQsLDBzA+8jJBVXDnfHmJg==", + "version": "19.2.6", + "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.6.tgz", + "integrity": "sha512-0prMI+hvBbPjsWnxDLxlCGyM8PN6UuWjEUCYmZhO67xIV9Xasa/r/vDnq+Xyq4Lo27g8QSbO5YzARu0D1Sps3g==", "license": "MIT", - "peer": true, "dependencies": { "scheduler": "^0.27.0" }, "peerDependencies": { - "react": "^19.2.1" + "react": "^19.2.6" } }, "node_modules/react-fast-compare": { @@ -16037,7 +16063,6 @@ "resolved": "https://registry.npmjs.org/@docusaurus/react-loadable/-/react-loadable-6.0.0.tgz", "integrity": "sha512-YMMxTUQV/QFSnbgrP3tjDzLHRg7vsbMn8e9HAa8o/1iXoiomo48b7sk/kkmWEuWNDPJVlKSJRB6Y2fHqdJk+SQ==", "license": "MIT", - "peer": true, "dependencies": { "@types/react": "*" }, @@ -16046,9 +16071,10 @@ } }, "node_modules/react-loadable-ssr-addon-v5-slorber": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/react-loadable-ssr-addon-v5-slorber/-/react-loadable-ssr-addon-v5-slorber-1.0.1.tgz", - "integrity": "sha512-lq3Lyw1lGku8zUEJPDxsNm1AfYHBrO9Y1+olAYwpUJ2IGFBskM0DMKok97A6LWUpHm+o7IvQBOWu9MLenp9Z+A==", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/react-loadable-ssr-addon-v5-slorber/-/react-loadable-ssr-addon-v5-slorber-1.0.3.tgz", + "integrity": "sha512-GXfh9VLwB5ERaCsU6RULh7tkemeX15aNh6wuMEBtfdyMa7fFG8TXrhXlx1SoEK2Ty/l6XIkzzYIQmyaWW3JgdQ==", + "license": "MIT", "dependencies": { "@babel/runtime": "^7.10.3" }, @@ -16064,7 +16090,6 @@ "version": "5.3.4", "resolved": "https://registry.npmjs.org/react-router/-/react-router-5.3.4.tgz", "integrity": "sha512-Ys9K+ppnJah3QuaRiLxk+jDWOR1MekYQrlytiXxC1RyfbdsZkS5pvKAzCCr031xHixZwpnsYNT5xysdFHQaYsA==", - "peer": true, "dependencies": { "@babel/runtime": "^7.12.13", "history": "^4.9.0", @@ -16827,12 +16852,12 @@ } }, "node_modules/rimraf": { - "version": "6.1.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-6.1.2.tgz", - "integrity": "sha512-cFCkPslJv7BAXJsYlK1dZsbP8/ZNLkCAQ0bi1hf5EKX2QHegmDFEFA6QhuYJlk7UDdc+02JjO80YSOrWPpw06g==", + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-6.1.3.tgz", + "integrity": "sha512-LKg+Cr2ZF61fkcaK1UdkH2yEBBKnYjTyWzTJT6KNPcSPaiT7HSdhtMXQuN5wkTX0Xu72KQ1l8S42rlmexS2hSA==", "license": "BlueOak-1.0.0", "dependencies": { - "glob": "^13.0.0", + "glob": "^13.0.3", "package-json-from-dist": "^1.0.1" }, "bin": { @@ -16923,14 +16948,13 @@ "license": "MIT" }, "node_modules/sass": { - "version": "1.94.2", - "resolved": "https://registry.npmjs.org/sass/-/sass-1.94.2.tgz", - "integrity": "sha512-N+7WK20/wOr7CzA2snJcUSSNTCzeCGUTFY3OgeQP3mZ1aj9NMQ0mSTXwlrnd89j33zzQJGqIN52GIOmYrfq46A==", + "version": "1.99.0", + "resolved": "https://registry.npmjs.org/sass/-/sass-1.99.0.tgz", + "integrity": "sha512-kgW13M54DUB7IsIRM5LvJkNlpH+WhMpooUcaWGFARkF1Tc82v9mIWkCbCYf+MBvpIUBSeSOTilpZjEPr2VYE6Q==", "license": "MIT", - "peer": true, "dependencies": { "chokidar": "^4.0.0", - "immutable": "^5.0.2", + "immutable": "^5.1.5", "source-map-js": ">=0.6.2 <2.0.0" }, "bin": { @@ -16944,9 +16968,9 @@ } }, "node_modules/sass-loader": { - "version": "16.0.6", - "resolved": "https://registry.npmjs.org/sass-loader/-/sass-loader-16.0.6.tgz", - "integrity": "sha512-sglGzId5gmlfxNs4gK2U3h7HlVRfx278YK6Ono5lwzuvi1jxig80YiuHkaDBVsYIKFhx8wN7XSCI0M2IDS/3qA==", + "version": "16.0.8", + "resolved": "https://registry.npmjs.org/sass-loader/-/sass-loader-16.0.8.tgz", + "integrity": "sha512-hcov4ZwZJIGbEuyNr9EmiTmZueyrxSToE6GOzoZnq5JM7ecRO7ttyvilPn+VmRsqiP16+VYZzVnGZj/hzZgKBA==", "license": "MIT", "dependencies": { "neo-async": "^2.6.2" @@ -16959,7 +16983,7 @@ "url": "https://opencollective.com/webpack" }, "peerDependencies": { - "@rspack/core": "0.x || 1.x", + "@rspack/core": "0.x || ^1.0.0 || ^2.0.0-0", "node-sass": "^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 || ^9.0.0", "sass": "^1.3.0", "sass-embedded": "*", @@ -17010,10 +17034,13 @@ } }, "node_modules/sax": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/sax/-/sax-1.4.1.tgz", - "integrity": "sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==", - "license": "ISC" + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/sax/-/sax-1.5.0.tgz", + "integrity": "sha512-21IYA3Q5cQf089Z6tgaUTr7lDAyzoTPx5HRtbhsME8Udispad8dC/+sziTNugOEx54ilvatQ9YCzl4KQLPcRHA==", + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=11.0.0" + } }, "node_modules/scheduler": { "version": "0.27.0", @@ -17028,9 +17055,9 @@ "license": "Apache-2.0" }, "node_modules/schema-utils": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.2.tgz", - "integrity": "sha512-Gn/JaSk/Mt9gYubxTtSn/QCV4em9mpAPiR1rqy/Ocu19u/G9J5WWdNoUT4SiV6mFC3y6cxyFcFwdzPM3FgxGAQ==", + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.3.tgz", + "integrity": "sha512-eflK8wEtyOE6+hsaRVPxvUKYCpRgzLqDTb8krvAsRIwOGlHoSgYLgBXoubGgLd2fT41/OUYdb48v4k4WWHQurA==", "license": "MIT", "dependencies": { "@types/json-schema": "^7.0.9", @@ -17047,11 +17074,10 @@ } }, "node_modules/schema-utils/node_modules/ajv": { - "version": "8.17.1", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", - "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "version": "8.18.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.18.0.tgz", + "integrity": "sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==", "license": "MIT", - "peer": true, "dependencies": { "fast-deep-equal": "^3.1.3", "fast-uri": "^3.0.1", @@ -17211,14 +17237,15 @@ } }, "node_modules/serve-handler": { - "version": "6.1.6", - "resolved": "https://registry.npmjs.org/serve-handler/-/serve-handler-6.1.6.tgz", - "integrity": "sha512-x5RL9Y2p5+Sh3D38Fh9i/iQ5ZK+e4xuXRd/pGbM4D13tgo/MGwbttUk8emytcr1YYzBYs+apnUngBDFYfpjPuQ==", + "version": "6.1.7", + "resolved": "https://registry.npmjs.org/serve-handler/-/serve-handler-6.1.7.tgz", + "integrity": "sha512-CinAq1xWb0vR3twAv9evEU8cNWkXCb9kd5ePAHUKJBkOsUpR1wt/CvGdeca7vqumL1U5cSaeVQ6zZMxiJ3yWsg==", + "license": "MIT", "dependencies": { "bytes": "3.0.0", "content-disposition": "0.5.2", "mime-types": "2.1.18", - "minimatch": "3.1.2", + "minimatch": "3.1.5", "path-is-inside": "1.0.2", "path-to-regexp": "3.3.0", "range-parser": "1.2.0" @@ -17489,9 +17516,9 @@ "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==" }, "node_modules/sitemap": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/sitemap/-/sitemap-7.1.2.tgz", - "integrity": "sha512-ARCqzHJ0p4gWt+j7NlU5eDlIO9+Rkr/JhPFZKKQ1l5GCus7rJH4UdrlVAh0xC/gDS/Qir2UMxqYNHtsKr2rpCw==", + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/sitemap/-/sitemap-7.1.3.tgz", + "integrity": "sha512-tAjEd+wt/YwnEbfNB2ht51ybBJxbEWwe5ki/Z//Wh0rpBFTCUSj46GnxUKEWzhfuJTsee8x3lybHxFgUMig2hw==", "license": "MIT", "dependencies": { "@types/node": "^17.0.5", @@ -17869,9 +17896,9 @@ } }, "node_modules/sucrase/node_modules/brace-expansion": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", - "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.3.tgz", + "integrity": "sha512-MCV/fYJEbqx68aE58kv2cA/kiky1G8vux3OR6/jbS+jIMe/6fJWa0DTzJU7dqijOWYwHi1t29FlfYI9uytqlpA==", "license": "MIT", "dependencies": { "balanced-match": "^1.0.0" @@ -17920,11 +17947,12 @@ } }, "node_modules/sucrase/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", + "version": "9.0.9", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz", + "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==", + "license": "ISC", "dependencies": { - "brace-expansion": "^2.0.1" + "brace-expansion": "^2.0.2" }, "engines": { "node": ">=16 || 14 >=14.17" @@ -17963,18 +17991,18 @@ "license": "MIT" }, "node_modules/svgo": { - "version": "3.3.2", - "resolved": "https://registry.npmjs.org/svgo/-/svgo-3.3.2.tgz", - "integrity": "sha512-OoohrmuUlBs8B8o6MB2Aevn+pRIH9zDALSR+6hhqVfa6fRwG/Qw9VUMSMW9VNg2CFc/MTIfabtdOVl9ODIJjpw==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/svgo/-/svgo-3.3.3.tgz", + "integrity": "sha512-+wn7I4p7YgJhHs38k2TNjy1vCfPIfLIJWR5MnCStsN8WuuTcBnRKcMHQLMM2ijxGZmDoZwNv8ipl5aTTen62ng==", "license": "MIT", "dependencies": { - "@trysound/sax": "0.2.0", "commander": "^7.2.0", "css-select": "^5.1.0", "css-tree": "^2.3.1", "css-what": "^6.1.0", "csso": "^5.0.5", - "picocolors": "^1.0.0" + "picocolors": "^1.0.0", + "sax": "^1.5.0" }, "bin": { "svgo": "bin/svgo" @@ -17996,25 +18024,17 @@ "node": ">= 10" } }, - "node_modules/swr": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/swr/-/swr-2.3.6.tgz", - "integrity": "sha512-wfHRmHWk/isGNMwlLGlZX5Gzz/uTgo0o2IRuTMcf4CPuPFJZlq0rDaKUx+ozB5nBOReNV1kiOyzMfj+MBMikLw==", - "license": "MIT", - "dependencies": { - "dequal": "^2.0.3", - "use-sync-external-store": "^1.4.0" - }, - "peerDependencies": { - "react": "^16.11.0 || ^17.0.0 || ^18.0.0 || ^19.0.0" - } - }, "node_modules/tapable": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.1.tgz", - "integrity": "sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==", + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.3.0.tgz", + "integrity": "sha512-g9ljZiwki/LfxmQADO3dEY1CbpmXT5Hm2fJ+QaGKwSXUylMybePR7/67YW7jOrrvjEgL1Fmz5kzyAjWVWLlucg==", + "license": "MIT", "engines": { "node": ">=6" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/webpack" } }, "node_modules/terser": { @@ -18036,16 +18056,16 @@ } }, "node_modules/terser-webpack-plugin": { - "version": "5.3.10", - "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.10.tgz", - "integrity": "sha512-BKFPWlPDndPs+NGGCr1U59t0XScL5317Y0UReNrHaw9/FwhPENlq6bfgs+4yPfyP51vqC1bQ4rp1EfXW5ZSH9w==", + "version": "5.3.16", + "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.16.tgz", + "integrity": "sha512-h9oBFCWrq78NyWWVcSwZarJkZ01c2AyGrzs1crmHZO3QUg9D61Wu4NPjBy69n7JqylFF5y+CsUZYmYEIZ3mR+Q==", "license": "MIT", "dependencies": { - "@jridgewell/trace-mapping": "^0.3.20", + "@jridgewell/trace-mapping": "^0.3.25", "jest-worker": "^27.4.5", - "schema-utils": "^3.1.1", - "serialize-javascript": "^6.0.1", - "terser": "^5.26.0" + "schema-utils": "^4.3.0", + "serialize-javascript": "^6.0.2", + "terser": "^5.31.1" }, "engines": { "node": ">= 10.13.0" @@ -18082,23 +18102,6 @@ "node": ">= 10.13.0" } }, - "node_modules/terser-webpack-plugin/node_modules/schema-utils": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz", - "integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==", - "dependencies": { - "@types/json-schema": "^7.0.8", - "ajv": "^6.12.5", - "ajv-keywords": "^3.5.2" - }, - "engines": { - "node": ">= 10.13.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/webpack" - } - }, "node_modules/terser-webpack-plugin/node_modules/supports-color": { "version": "8.1.1", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", @@ -18164,18 +18167,6 @@ "tslib": "^2" } }, - "node_modules/throttleit": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/throttleit/-/throttleit-2.1.0.tgz", - "integrity": "sha512-nt6AMGKW1p/70DF/hGBdJB57B8Tspmbp5gfJ8ilhLnt7kkr2ye7hzD6NVG8GGErk2HWF34igrL2CXmNIkzKqKw==", - "license": "MIT", - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/thunky": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/thunky/-/thunky-1.1.0.tgz", @@ -18336,8 +18327,7 @@ "node_modules/tslib": { "version": "2.8.1", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "peer": true + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" }, "node_modules/type-fest": { "version": "2.19.0", @@ -18393,12 +18383,11 @@ } }, "node_modules/typescript": { - "version": "5.9.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz", - "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz", + "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==", "devOptional": true, "license": "Apache-2.0", - "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -18408,9 +18397,9 @@ } }, "node_modules/undici-types": { - "version": "7.16.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", - "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", + "version": "7.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz", + "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==", "license": "MIT" }, "node_modules/unicode-canonical-property-names-ecmascript": { @@ -18612,9 +18601,9 @@ } }, "node_modules/update-browserslist-db": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.3.tgz", - "integrity": "sha512-UxhIZQ+QInVdunkDAaiazvvT/+fXL5Osr0JZlJulepYu6Jd7qJtDZjlur0emRlT71EN3ScPoE7gvsuIKKNavKw==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.3.tgz", + "integrity": "sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==", "funding": [ { "type": "opencollective", @@ -18801,15 +18790,6 @@ "react": ">= 16.8.0" } }, - "node_modules/use-sync-external-store": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.6.0.tgz", - "integrity": "sha512-Pp6GSwGP/NrPIrxVFAIkOQeyw8lFenOHijQWkUTrDvrF4ALqylP2C/KCkeS9dpUM3KvYRQhna5vt7IL95+ZQ9w==", - "license": "MIT", - "peerDependencies": { - "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0" - } - }, "node_modules/util-deprecate": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", @@ -18904,9 +18884,9 @@ } }, "node_modules/watchpack": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.2.tgz", - "integrity": "sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==", + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.5.1.tgz", + "integrity": "sha512-Zn5uXdcFNIA1+1Ei5McRd+iRzfhENPCe7LeABkJtNulSxjma+l7ltNx55BWZkRlwRnpOgHqxnjyaDgJnNXnqzg==", "license": "MIT", "dependencies": { "glob-to-regexp": "^0.4.1", @@ -18943,35 +18923,36 @@ } }, "node_modules/webpack": { - "version": "5.96.1", - "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.96.1.tgz", - "integrity": "sha512-l2LlBSvVZGhL4ZrPwyr8+37AunkcYj5qh8o6u2/2rzoPc8gxFJkLj1WxNgooi9pnoc06jh0BjuXnamM4qlujZA==", + "version": "5.105.0", + "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.105.0.tgz", + "integrity": "sha512-gX/dMkRQc7QOMzgTe6KsYFM7DxeIONQSui1s0n/0xht36HvrgbxtM1xBlgx596NbpHuQU8P7QpKwrZYwUX48nw==", "license": "MIT", - "peer": true, "dependencies": { "@types/eslint-scope": "^3.7.7", - "@types/estree": "^1.0.6", - "@webassemblyjs/ast": "^1.12.1", - "@webassemblyjs/wasm-edit": "^1.12.1", - "@webassemblyjs/wasm-parser": "^1.12.1", - "acorn": "^8.14.0", - "browserslist": "^4.24.0", + "@types/estree": "^1.0.8", + "@types/json-schema": "^7.0.15", + "@webassemblyjs/ast": "^1.14.1", + "@webassemblyjs/wasm-edit": "^1.14.1", + "@webassemblyjs/wasm-parser": "^1.14.1", + "acorn": "^8.15.0", + "acorn-import-phases": "^1.0.3", + "browserslist": "^4.28.1", "chrome-trace-event": "^1.0.2", - "enhanced-resolve": "^5.17.1", - "es-module-lexer": "^1.2.1", + "enhanced-resolve": "^5.19.0", + "es-module-lexer": "^2.0.0", "eslint-scope": "5.1.1", "events": "^3.2.0", "glob-to-regexp": "^0.4.1", "graceful-fs": "^4.2.11", "json-parse-even-better-errors": "^2.3.1", - "loader-runner": "^4.2.0", + "loader-runner": "^4.3.1", "mime-types": "^2.1.27", "neo-async": "^2.6.2", - "schema-utils": "^3.2.0", - "tapable": "^2.1.1", - "terser-webpack-plugin": "^5.3.10", - "watchpack": "^2.4.1", - "webpack-sources": "^3.2.3" + "schema-utils": "^4.3.3", + "tapable": "^2.3.0", + "terser-webpack-plugin": "^5.3.16", + "watchpack": "^2.5.1", + "webpack-sources": "^3.3.3" }, "bin": { "webpack": "bin/webpack.js" @@ -19214,17 +19195,18 @@ } }, "node_modules/webpack-sources": { - "version": "3.2.3", - "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.2.3.tgz", - "integrity": "sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.3.3.tgz", + "integrity": "sha512-yd1RBzSGanHkitROoPFd6qsrxt+oFhg/129YzheDGqeustzX0vTZJZsSsQjVQC4yzBQ56K55XU8gaNCtIzOnTg==", + "license": "MIT", "engines": { "node": ">=10.13.0" } }, "node_modules/webpack/node_modules/acorn": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz", - "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", + "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "license": "MIT", "bin": { "acorn": "bin/acorn" @@ -19233,6 +19215,18 @@ "node": ">=0.4.0" } }, + "node_modules/webpack/node_modules/acorn-import-phases": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/acorn-import-phases/-/acorn-import-phases-1.0.4.tgz", + "integrity": "sha512-wKmbr/DDiIXzEOiWrTTUcDm24kQ2vGfZQvM2fwg2vXqR5uW6aapr7ObPtj1th32b9u90/Pf4AItvdTh42fBmVQ==", + "license": "MIT", + "engines": { + "node": ">=10.13.0" + }, + "peerDependencies": { + "acorn": "^8.14.0" + } + }, "node_modules/webpack/node_modules/eslint-scope": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", @@ -19272,93 +19266,31 @@ "node": ">= 0.6" } }, - "node_modules/webpack/node_modules/schema-utils": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz", - "integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==", - "dependencies": { - "@types/json-schema": "^7.0.8", - "ajv": "^6.12.5", - "ajv-keywords": "^3.5.2" - }, - "engines": { - "node": ">= 10.13.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/webpack" - } - }, "node_modules/webpackbar": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/webpackbar/-/webpackbar-6.0.1.tgz", - "integrity": "sha512-TnErZpmuKdwWBdMoexjio3KKX6ZtoKHRVvLIU0A47R0VVBDtx3ZyOJDktgYixhoJokZTYTt1Z37OkO9pnGJa9Q==", + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/webpackbar/-/webpackbar-7.0.0.tgz", + "integrity": "sha512-aS9soqSO2iCHgqHoCrj4LbfGQUboDCYJPSFOAchEK+9psIjNrfSWW4Y0YEz67MKURNvMmfo0ycOg9d/+OOf9/Q==", "license": "MIT", "dependencies": { - "ansi-escapes": "^4.3.2", - "chalk": "^4.1.2", + "ansis": "^3.2.0", "consola": "^3.2.3", - "figures": "^3.2.0", - "markdown-table": "^2.0.0", "pretty-time": "^1.1.0", - "std-env": "^3.7.0", - "wrap-ansi": "^7.0.0" + "std-env": "^3.7.0" }, "engines": { "node": ">=14.21.3" }, "peerDependencies": { + "@rspack/core": "*", "webpack": "3 || 4 || 5" - } - }, - "node_modules/webpackbar/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "license": "MIT" - }, - "node_modules/webpackbar/node_modules/markdown-table": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/markdown-table/-/markdown-table-2.0.0.tgz", - "integrity": "sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==", - "license": "MIT", - "dependencies": { - "repeat-string": "^1.0.0" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/wooorm" - } - }, - "node_modules/webpackbar/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "license": "MIT", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" }, - "engines": { - "node": ">=8" - } - }, - "node_modules/webpackbar/node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "license": "MIT", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "peerDependenciesMeta": { + "@rspack/core": { + "optional": true + }, + "webpack": { + "optional": true + } } }, "node_modules/websocket-driver": { @@ -19634,9 +19566,9 @@ "license": "ISC" }, "node_modules/yocto-queue": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-1.2.1.tgz", - "integrity": "sha512-AyeEbWOu/TAXdxlV9wmGcR0+yh2j3vYPGOECcIj2S7MkrLyC7ne+oye2BKTItt0ii2PHk4cDy+95+LshzbXnGg==", + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-1.2.2.tgz", + "integrity": "sha512-4LCcse/U2MHZ63HAJVE+v71o7yOdIe4cZ70Wpf8D/IyjDKYQLV5GD46B+hSTjJsvV5PztjvHoU580EftxjDZFQ==", "license": "MIT", "engines": { "node": ">=12.20" @@ -19645,16 +19577,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/zod": { - "version": "4.1.12", - "resolved": "https://registry.npmjs.org/zod/-/zod-4.1.12.tgz", - "integrity": "sha512-JInaHOamG8pt5+Ey8kGmdcAcg3OL9reK8ltczgHTAwNhMys/6ThXHityHxVV2p3fkw/c+MAvBHFVYHFZDmjMCQ==", - "license": "MIT", - "peer": true, - "funding": { - "url": "https://github.com/sponsors/colinhacks" - } - }, "node_modules/zwitch": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/zwitch/-/zwitch-2.0.4.tgz", diff --git a/documentation/package.json b/documentation/package.json index 6634d834f5..ddc58e1fe3 100644 --- a/documentation/package.json +++ b/documentation/package.json @@ -19,10 +19,10 @@ "serve": "docusaurus serve" }, "dependencies": { - "@docusaurus/core": "^3.9.2", + "@docusaurus/core": "^3.10.1", "docusaurus-lunr-search": "^3.6.0", - "@docusaurus/preset-classic": "^3.9.2", - "@docusaurus/theme-live-codeblock": "^3.9.2", + "@docusaurus/preset-classic": "^3.10.1", + "@docusaurus/theme-live-codeblock": "^3.10.1", "@mdx-js/react": "^3.1.1", "clsx": "^2.1.1", "colors": "^1.4.0", @@ -31,10 +31,10 @@ "mustache": "^4.2.0", "node-fetch": "^3.1.1", "prism-react-renderer": "^2.4.1", - "react": "^19.2.1", - "react-dom": "^19.2.1", - "rimraf": "^6.1.2", - "sass": "1.94" + "react": "^19.2.6", + "react-dom": "^19.2.6", + "rimraf": "^6.1.3", + "sass": "1.99" }, "browserslist": { "production": [ @@ -50,14 +50,14 @@ }, "devDependencies": { "@docusaurus/module-type-aliases": "^3.6.0", - "@docusaurus/tsconfig": "^3.9.2", + "@docusaurus/tsconfig": "^3.10.1", "@docusaurus/types": "^3.6.0", - "@types/node": "^24.10.1", - "@types/react": "^19.2.7", + "@types/node": "^25.7.0", + "@types/react": "^19.2.14", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", - "sass-loader": "^16.0.6", - "typescript": "^5.9.3" + "sass-loader": "^16.0.8", + "typescript": "^6.0.3" }, "engines": { "node": ">=18.0" diff --git a/env-paths.mk b/env-paths.mk deleted file mode 100644 index 40ca7e6c62..0000000000 --- a/env-paths.mk +++ /dev/null @@ -1,22 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -PROJECT_DIR = $(shell pwd) -BIN_DIR = $(PROJECT_DIR)/bin -SCANNERS_DIR = $(PROJECT_DIR)/scanners -HOOKS_DIR = $(PROJECT_DIR)/hooks -DEMO_TARGETS_DIR = $(PROJECT_DIR)/demo-targets -OPERATOR_DIR = $(PROJECT_DIR)/operator -PARSER_SDK_DIR = $(PROJECT_DIR)/parser-sdk/nodejs -HOOK_SDK_DIR = $(PROJECT_DIR)/hook-sdk/nodejs -AUTO_DISCOVERY_DIR = $(PROJECT_DIR)/auto-discovery -HELM_DOCS_DIR = $(PROJECT_DIR)/.helm-docs -TEMPLATES_DIR = $(PROJECT_DIR)/.templates -TESTS_HELPERS_DIR = $(PROJECT_DIR)/tests/integration - -SCANNERS_CHART_LIST := $(sort $(wildcard $(SCANNERS_DIR)/*/Chart.yaml)) -SCANNERS_TEST_LIST := $(sort $(wildcard $(SCANNERS_DIR)/*/Makefile)) -HOOKS_CHART_LIST := $(sort $(wildcard $(HOOKS_DIR)/*/Chart.yaml)) -HOOKS_TEST_LIST := $(sort $(wildcard $(HOOKS_DIR)/*/Makefile)) -DEMO_TARGETS_CHART_LIST := $(sort $(wildcard $(DEMO_TARGETS_DIR)/*/Chart.yaml)) diff --git a/hook-sdk/nodejs/Makefile b/hook-sdk/nodejs/Makefile deleted file mode 100644 index b8f588dca2..0000000000 --- a/hook-sdk/nodejs/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -sdk = hook-sdk -include_guard = set -include ../../sdk.mk diff --git a/hook-sdk/nodejs/Taskfile.yaml b/hook-sdk/nodejs/Taskfile.yaml new file mode 100644 index 0000000000..a7492de8bb --- /dev/null +++ b/hook-sdk/nodejs/Taskfile.yaml @@ -0,0 +1,39 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.48.0" + +env: + IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +vars: + SDK_NAME: hook-sdk + +tasks: + docker-build: + desc: "Build the hook-sdk Docker image" + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + cmds: + - 'echo "Building {{ .SDK_NAME }}-nodejs image with tag ${IMG_TAG}"' + - docker build -t ${IMG_NS}/{{ .SDK_NAME }}-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }} + status: + - docker images | grep -q "${IMG_NS}/{{ .SDK_NAME }}-nodejs:${IMG_TAG}" || false + + docker-export: + desc: "Export the hook-sdk Docker image to a tar file" + deps: [docker-build] + cmds: + - 'echo "Exporting {{ .SDK_NAME }}-nodejs image to tar file"' + - docker save ${IMG_NS}/{{ .SDK_NAME }}-nodejs:${IMG_TAG} -o {{ .SDK_NAME }}.tar + + kind-import: + desc: "Import the hook-sdk Docker image into kind cluster" + deps: [docker-export] + cmds: + - 'echo "Importing {{ .SDK_NAME }}.tar to local kind cluster"' + - kind load image-archive ./{{ .SDK_NAME }}.tar diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json index 9c5d645efe..2b36c28534 100644 --- a/hook-sdk/nodejs/package-lock.json +++ b/hook-sdk/nodejs/package-lock.json @@ -66,9 +66,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "24.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz", - "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==", + "version": "24.12.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.12.4.tgz", + "integrity": "sha512-GUUEShf+PBCGW2KaXwcIt3Yk+e3pkKwWKb9GSyM9WQVE+ep2jzmHdGsHzu4wgcZy5fN9FBdVzjpBQsYlpfpgLA==", "dependencies": { "undici-types": "~7.16.0" } @@ -420,14 +420,10 @@ } }, "node_modules/ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "version": "10.2.0", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", + "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==", "license": "MIT", - "dependencies": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - }, "engines": { "node": ">= 12" } @@ -459,12 +455,6 @@ "js-yaml": "bin/js-yaml.js" } }, - "node_modules/jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", - "license": "MIT" - }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", @@ -600,12 +590,12 @@ } }, "node_modules/socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.8.tgz", + "integrity": "sha512-NlGELfPrgX2f1TAAcz0WawlLn+0r3FyhhCRpFFK2CemXenPYvzMWWZINv3eDNo9ucdwme7oCHRY0Jnbs4aIkog==", "license": "MIT", "dependencies": { - "ip-address": "^9.0.5", + "ip-address": "^10.1.1", "smart-buffer": "^4.2.0" }, "engines": { @@ -627,12 +617,6 @@ "node": ">= 14" } }, - "node_modules/sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", - "license": "BSD-3-Clause" - }, "node_modules/stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", @@ -722,9 +706,9 @@ "license": "ISC" }, "node_modules/ws": { - "version": "8.18.3", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", - "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "version": "8.20.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz", + "integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==", "license": "MIT", "engines": { "node": ">=10.0.0" diff --git a/hooks.mk b/hooks.mk deleted file mode 100644 index 5dee78f711..0000000000 --- a/hooks.mk +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# This include is a base for all hooks make files. - -module = hook -prefix = hook -name = ${hook} - -include ../../test-base.mk -include ../../env-paths.mk -# Telling the env-paths file where the root project dir is. This is done to allow the generation of the paths of the -# different project folders relative to where the makefile is being run from. So BIN_DIR= $(PROJECT_DIR)/bin will be -# BIN_DIR=../../bin -PROJECT_DIR=../.. - -module = $(hook-prefix) - -.PHONY: docker-build -docker-build: | common-docker-build - -.PHONY: docker-export -docker-export: | common-docker-export - -.PHONY: kind-import -kind-import: | common-kind-import - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-js - -.PHONY: helm-unit-tests -helm-unit-tests: - echo "Running helm unit tests for $(name)"; \ - helm unittest . \ - -.PHONY: deploy -deploy: ## 💾 Deploy this module via HelmChart into namespace "integration-tests" - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" - -.PHONY: integration-tests -integration-tests: ## 🩺 Start integration test for this module in the namespace "integration-tests" - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - @if [ -d "$(hook-prefix)/integration-tests" ]; then \ - kubectl -n integration-tests delete scans --all; \ - npm ci --prefix $(TESTS_HELPERS_DIR); \ - cd $(hook-prefix)/integration-tests && npm ci && npm run test:integration \ - else \ - echo ".: 🚫 Integration tests folder for $(name) does not exist, skipped."; \ - fi - - - diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml index b55830e652..f45396f6f7 100644 --- a/hooks/Taskfile.yaml +++ b/hooks/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: demo-targets: @@ -26,6 +26,8 @@ env: tasks: build: desc: Build the Docker image for the {{ .hookName }} hook + requires: + vars: [hookName] status: - docker images | grep -q "docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG}" || false preconditions: @@ -65,28 +67,30 @@ tasks: # test:setup tasks test:setup:hook-sdk: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}/../hook-sdk/nodejs' status: - - "[ -d {{ .TASKFILE_DIR }}/../hook-sdk/nodejs/node_modules ] || false" + - test -d node_modules cmds: - - cd {{ .TASKFILE_DIR }}/../hook-sdk/nodejs/ && bun install + - bun install test:setup:test-helpers: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}/../tests/integration' status: - - "[ -d {{ .TASKFILE_DIR }}/../tests/integration/node_modules ] || false" + - test -d node_modules cmds: - - cd {{ .TASKFILE_DIR }}/../tests/integration && bun install + - bun install test:setup:hook-deps: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}/{{ .hookName }}/hook' status: - - "[ -d {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/node_modules ] || false" + - '{{ if eq "true" .hookUsesNpmDependencies }}test -d node_modules{{ else }}true{{ end }}' cmds: - - | - {{ if eq "true" .hookUsesNpmDependencies }} - cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ && bun install - {{ else }} - echo "Hook has no custom dependencies. Skipping." - {{ end }} + - '{{ if eq "true" .hookUsesNpmDependencies }}bun install{{ else }}echo "Hook has no custom dependencies. Skipping."{{ end }}' test:setup: + run: once cmds: - task: test:setup:hook-sdk - task: test:setup:test-helpers @@ -141,6 +145,6 @@ tasks: test: desc: Run all tests for the {{ .hookName }} hook cmds: - - task test:unit - - task test:helm - - task test:integration + - task: test:unit + - task: test:helm + - task: test:integration diff --git a/hooks/cascading-scans/Taskfile.yaml b/hooks/cascading-scans/Taskfile.yaml index c1307fd720..f05ffc8143 100644 --- a/hooks/cascading-scans/Taskfile.yaml +++ b/hooks/cascading-scans/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json index 4169c86b35..e3801cdb65 100644 --- a/hooks/cascading-scans/hook/package-lock.json +++ b/hooks/cascading-scans/hook/package-lock.json @@ -10,8 +10,8 @@ "license": "Apache-2.0", "dependencies": { "@kubernetes/client-node": "^1.3.0", - "ip-address": "^10.0.1", - "lodash-es": "^4.17.21", + "ip-address": "^10.2.0", + "lodash-es": "^4.18.1", "matcher": "^5.0.0", "mustache": "^4.2.0", "parse-domain": "^8.2.2" @@ -1007,10 +1007,9 @@ } }, "node_modules/ip-address": { - "version": "10.0.1", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", - "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==", - "license": "MIT", + "version": "10.2.0", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", + "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==", "engines": { "node": ">= 12" } @@ -1084,12 +1083,6 @@ "js-yaml": "bin/js-yaml.js" } }, - "node_modules/jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", - "license": "MIT" - }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", @@ -1118,10 +1111,9 @@ } }, "node_modules/lodash-es": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", - "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", - "license": "MIT" + "version": "4.18.1", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.18.1.tgz", + "integrity": "sha512-J8xewKD/Gk22OZbhpOVSwcs60zhd95ESDwezOFuA3/099925PdHJ7OFHNTGtajL3AlZkykD32HykiMo+BIBI8A==" }, "node_modules/matcher": { "version": "5.0.0", @@ -1272,12 +1264,11 @@ } }, "node_modules/socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", - "license": "MIT", + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.8.tgz", + "integrity": "sha512-NlGELfPrgX2f1TAAcz0WawlLn+0r3FyhhCRpFFK2CemXenPYvzMWWZINv3eDNo9ucdwme7oCHRY0Jnbs4aIkog==", "dependencies": { - "ip-address": "^9.0.5", + "ip-address": "^10.1.1", "smart-buffer": "^4.2.0" }, "engines": { @@ -1299,25 +1290,6 @@ "node": ">= 14" } }, - "node_modules/socks/node_modules/ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", - "license": "MIT", - "dependencies": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - }, - "engines": { - "node": ">= 12" - } - }, - "node_modules/sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", - "license": "BSD-3-Clause" - }, "node_modules/stream-buffers": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.3.tgz", @@ -1448,10 +1420,9 @@ "license": "ISC" }, "node_modules/ws": { - "version": "8.18.3", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", - "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", - "license": "MIT", + "version": "8.20.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz", + "integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==", "engines": { "node": ">=10.0.0" }, diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index be0ccea304..36237b95ae 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -39,8 +39,8 @@ "license": "Apache-2.0", "dependencies": { "@kubernetes/client-node": "^1.3.0", - "ip-address": "^10.0.1", - "lodash-es": "^4.17.21", + "ip-address": "^10.2.0", + "lodash-es": "^4.18.1", "matcher": "^5.0.0", "mustache": "^4.2.0", "parse-domain": "^8.2.2" diff --git a/hooks/cascading-scans/templates/cascading-scans-hook.yaml b/hooks/cascading-scans/templates/cascading-scans-hook.yaml index 368c1c9b2e..9436fbf909 100644 --- a/hooks/cascading-scans/templates/cascading-scans-hook.yaml +++ b/hooks/cascading-scans/templates/cascading-scans-hook.yaml @@ -10,7 +10,7 @@ metadata: {{- include "cascading-scans.labels" . | nindent 4 }} securecodebox.io/internal: "true" {{- with .Values.hook.labels }} - {{ toYaml . }} + {{ toYaml . | nindent 4 }} {{- end }} spec: priority: {{ .Values.hook.priority }} diff --git a/hooks/finding-post-processing/Taskfile.yaml b/hooks/finding-post-processing/Taskfile.yaml index dbd1d3674e..18e7cca951 100644 --- a/hooks/finding-post-processing/Taskfile.yaml +++ b/hooks/finding-post-processing/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/hooks/finding-post-processing/hook/package-lock.json b/hooks/finding-post-processing/hook/package-lock.json index 6b0acb282f..edd36fcf5f 100644 --- a/hooks/finding-post-processing/hook/package-lock.json +++ b/hooks/finding-post-processing/hook/package-lock.json @@ -9,22 +9,21 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash-es": "^4.17.21" + "lodash-es": "^4.18.1" }, "devDependencies": {} }, "node_modules/lodash-es": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", - "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", - "license": "MIT" + "version": "4.18.1", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.18.1.tgz", + "integrity": "sha512-J8xewKD/Gk22OZbhpOVSwcs60zhd95ESDwezOFuA3/099925PdHJ7OFHNTGtajL3AlZkykD32HykiMo+BIBI8A==" } }, "dependencies": { "lodash-es": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", - "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" + "version": "4.18.1", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.18.1.tgz", + "integrity": "sha512-J8xewKD/Gk22OZbhpOVSwcs60zhd95ESDwezOFuA3/099925PdHJ7OFHNTGtajL3AlZkykD32HykiMo+BIBI8A==" } } } diff --git a/hooks/finding-post-processing/hook/package.json b/hooks/finding-post-processing/hook/package.json index 9d7a938e68..63defbfe3c 100644 --- a/hooks/finding-post-processing/hook/package.json +++ b/hooks/finding-post-processing/hook/package.json @@ -30,7 +30,7 @@ }, "homepage": "https://www.secureCodeBox.io", "dependencies": { - "lodash-es": "^4.17.21" + "lodash-es": "^4.18.1" }, "devDependencies": { } diff --git a/hooks/generic-webhook/Taskfile.yaml b/hooks/generic-webhook/Taskfile.yaml index 506312ea12..eeb5d74db1 100644 --- a/hooks/generic-webhook/Taskfile.yaml +++ b/hooks/generic-webhook/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/hooks/notification/Taskfile.yaml b/hooks/notification/Taskfile.yaml index 782e978bd0..bd6994607c 100644 --- a/hooks/notification/Taskfile.yaml +++ b/hooks/notification/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/hooks/notification/hook/package-lock.json b/hooks/notification/hook/package-lock.json index f41944635a..511b335468 100644 --- a/hooks/notification/hook/package-lock.json +++ b/hooks/notification/hook/package-lock.json @@ -11,8 +11,8 @@ "dependencies": { "@types/js-yaml": "^4.0.2", "js-yaml": "^4.1.1", - "lodash-es": "^4.17.21", - "nodemailer": "^7.0.11", + "lodash-es": "^4.17.23", + "nodemailer": "^8.0.5", "nunjucks": "^3.2.4" }, "devDependencies": { @@ -1614,10 +1614,9 @@ } }, "node_modules/lodash-es": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", - "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", - "license": "MIT" + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.23.tgz", + "integrity": "sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg==" }, "node_modules/math-intrinsics": { "version": "1.1.0", @@ -1706,9 +1705,9 @@ } }, "node_modules/nodemailer": { - "version": "7.0.11", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-7.0.11.tgz", - "integrity": "sha512-gnXhNRE0FNhD7wPSCGhdNh46Hs6nm+uTyg+Kq0cZukNQiYdnCsoQjodNP9BQVG9XrcK/v6/MgpAPBUFyzh9pvw==", + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-8.0.5.tgz", + "integrity": "sha512-0PF8Yb1yZuQfQbq+5/pZJrtF6WQcjTd5/S4JOHs9PGFxuTqoB/icwuB44pOdURHJbRKX1PPoJZtY7R4VUoCC8w==", "engines": { "node": ">=6.0.0" } @@ -3035,9 +3034,9 @@ } }, "lodash-es": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", - "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.23.tgz", + "integrity": "sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg==" }, "math-intrinsics": { "version": "1.1.0", @@ -3094,9 +3093,9 @@ } }, "nodemailer": { - "version": "7.0.11", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-7.0.11.tgz", - "integrity": "sha512-gnXhNRE0FNhD7wPSCGhdNh46Hs6nm+uTyg+Kq0cZukNQiYdnCsoQjodNP9BQVG9XrcK/v6/MgpAPBUFyzh9pvw==" + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-8.0.5.tgz", + "integrity": "sha512-0PF8Yb1yZuQfQbq+5/pZJrtF6WQcjTd5/S4JOHs9PGFxuTqoB/icwuB44pOdURHJbRKX1PPoJZtY7R4VUoCC8w==" }, "nunjucks": { "version": "3.2.4", diff --git a/hooks/notification/hook/package.json b/hooks/notification/hook/package.json index ff8998029c..a0d6c81306 100644 --- a/hooks/notification/hook/package.json +++ b/hooks/notification/hook/package.json @@ -36,8 +36,8 @@ "dependencies": { "@types/js-yaml": "^4.0.2", "js-yaml": "^4.1.1", - "lodash-es": "^4.17.21", - "nodemailer": "^7.0.11", + "lodash-es": "^4.17.23", + "nodemailer": "^8.0.5", "nunjucks": "^3.2.4" } } diff --git a/hooks/persistence-azure-monitor/Taskfile.yaml b/hooks/persistence-azure-monitor/Taskfile.yaml index 8e3bc1385f..d3af66fecc 100644 --- a/hooks/persistence-azure-monitor/Taskfile.yaml +++ b/hooks/persistence-azure-monitor/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/hooks/persistence-defectdojo/Taskfile.yaml b/hooks/persistence-defectdojo/Taskfile.yaml index 7fc8ed8490..91b5d50425 100644 --- a/hooks/persistence-defectdojo/Taskfile.yaml +++ b/hooks/persistence-defectdojo/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle index 98ae54974a..c1e11a2614 100644 --- a/hooks/persistence-defectdojo/hook/build.gradle +++ b/hooks/persistence-defectdojo/hook/build.gradle @@ -4,11 +4,11 @@ plugins { id "java" - id "io.freefair.lombok" version "9.1.0" + id "io.freefair.lombok" version "9.4.0" // https://github.com/ben-manes/gradle-versions-plugin // Run: ./gradlew dependencyUpdates -Drevision=release - id "com.github.ben-manes.versions" version "0.53.0" - id "org.sonarqube" version "7.2.0.6526" + id "com.github.ben-manes.versions" version "0.54.0" + id "org.sonarqube" version "7.2.3.7755" } group = "io.securecodebox" @@ -24,9 +24,11 @@ repositories { dependencies { implementation group: "io.securecodebox", name: "defectdojo-client", version: "2.0.1" implementation group: "io.kubernetes", name: "client-java", version: "20.0.1" - implementation group: "org.springframework", name: "spring-web", version: "7.0.1" + // will not be updated to 7.0.0 because it no longer implements a class + // so it causes issues with the version in the defectdojo client + implementation group: "org.springframework", name: "spring-web", version: "6.2.12" // https://github.com/FasterXML/jackson-bom - implementation platform("com.fasterxml.jackson:jackson-bom:2.20.1") + implementation platform("com.fasterxml.jackson:jackson-bom:2.21.2") implementation "com.fasterxml.jackson.core:jackson-core" implementation "com.fasterxml.jackson.core:jackson-annotations" implementation "com.fasterxml.jackson.core:jackson-databind" @@ -36,10 +38,10 @@ dependencies { // If I try to notate this like the others (with separate strings) I got errors. No idea why sh... Gradle // want it like this. It is the official documented example: // https://github.com/junit-team/junit5-samples/blob/r5.10.0/junit5-jupiter-starter-gradle/build.gradle - testImplementation(platform("org.junit:junit-bom:6.0.1")) + testImplementation(platform("org.junit:junit-bom:6.0.3")) testImplementation("org.junit.jupiter:junit-jupiter") - testImplementation group: "org.mockito", name: "mockito-core", version: "5.20.0" - testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.20.0" + testImplementation group: "org.mockito", name: "mockito-core", version: "5.23.0" + testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.23.0" testImplementation group: 'org.hamcrest', name: 'java-hamcrest', version: '2.0.0.0' testImplementation group: 'uk.org.webcompere', name: 'system-stubs-jupiter', version: '2.1.8' testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine") diff --git a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar index d64cd49177..d997cfc60f 100644 Binary files a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar and b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar differ diff --git a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties index ed4c299adb..c82ad3ff01 100644 --- a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties +++ b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-all.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-9.4.1-all.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/hooks/persistence-defectdojo/hook/gradlew b/hooks/persistence-defectdojo/hook/gradlew index 1aa94a4269..739907dfd1 100755 --- a/hooks/persistence-defectdojo/hook/gradlew +++ b/hooks/persistence-defectdojo/hook/gradlew @@ -1,7 +1,7 @@ #!/bin/sh # -# Copyright © 2015-2021 the original authors. +# Copyright © 2015 the original authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +15,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +# SPDX-License-Identifier: Apache-2.0 +# ############################################################################## # @@ -55,7 +57,7 @@ # Darwin, MinGW, and NonStop. # # (3) This script is generated from the Groovy template -# https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# https://github.com/gradle/gradle/blob/2d6327017519d23b96af35865dc997fcb544fb40/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt # within the Gradle project. # # You can find Gradle at https://github.com/gradle/gradle/. @@ -84,7 +86,7 @@ done # shellcheck disable=SC2034 APP_BASE_NAME=${0##*/} # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) -APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD=maximum @@ -112,7 +114,6 @@ case "$( uname )" in #( NONSTOP* ) nonstop=true ;; esac -CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar # Determine the Java command to use to start the JVM. @@ -170,7 +171,6 @@ fi # For Cygwin or MSYS, switch paths to Windows format before running java if "$cygwin" || "$msys" ; then APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) - CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) JAVACMD=$( cygpath --unix "$JAVACMD" ) @@ -203,15 +203,14 @@ fi DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Collect all arguments for the java command: -# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, # and any embedded shellness will be escaped. # * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be # treated as '${Hostname}' itself on the command line. set -- \ "-Dorg.gradle.appname=$APP_BASE_NAME" \ - -classpath "$CLASSPATH" \ - org.gradle.wrapper.GradleWrapperMain \ + -jar "$APP_HOME/gradle/wrapper/gradle-wrapper.jar" \ "$@" # Stop when "xargs" is not available. diff --git a/hooks/persistence-defectdojo/hook/gradlew.bat b/hooks/persistence-defectdojo/hook/gradlew.bat old mode 100644 new mode 100755 index 7101f8e467..e509b2dd8f --- a/hooks/persistence-defectdojo/hook/gradlew.bat +++ b/hooks/persistence-defectdojo/hook/gradlew.bat @@ -13,6 +13,8 @@ @rem See the License for the specific language governing permissions and @rem limitations under the License. @rem +@rem SPDX-License-Identifier: Apache-2.0 +@rem @if "%DEBUG%"=="" @echo off @rem ########################################################################## @@ -68,11 +70,10 @@ goto fail :execute @rem Setup the command line -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar @rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -jar "%APP_HOME%\gradle\wrapper\gradle-wrapper.jar" %* :end @rem End local scope for the variables with windows NT shell diff --git a/hooks/persistence-dependencytrack/Taskfile.yaml b/hooks/persistence-dependencytrack/Taskfile.yaml index 0f5dd6e616..2c07c6c11f 100644 --- a/hooks/persistence-dependencytrack/Taskfile.yaml +++ b/hooks/persistence-dependencytrack/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/hooks/persistence-elastic/Taskfile.yaml b/hooks/persistence-elastic/Taskfile.yaml index b652974104..a1753e6db6 100644 --- a/hooks/persistence-elastic/Taskfile.yaml +++ b/hooks/persistence-elastic/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/hooks/persistence-elastic/hook/package-lock.json b/hooks/persistence-elastic/hook/package-lock.json index e8d449db22..965d3939e6 100644 --- a/hooks/persistence-elastic/hook/package-lock.json +++ b/hooks/persistence-elastic/hook/package-lock.json @@ -837,10 +837,9 @@ } }, "node_modules/undici": { - "version": "6.21.3", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz", - "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==", - "license": "MIT", + "version": "6.24.1", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz", + "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==", "engines": { "node": ">=18.17" } @@ -1431,9 +1430,9 @@ "integrity": "sha512-ya4mg/30vm+DOWfBg4YK3j2WD6TWtRkCbasOJr40CseYENzCUby/7rIvXA99JGsQHeNxLbnXdyLLxKSv3tauFw==" }, "undici": { - "version": "6.21.3", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz", - "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==" + "version": "6.24.1", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz", + "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==" }, "undici-types": { "version": "6.19.8", diff --git a/hooks/update-field-hook/Taskfile.yaml b/hooks/update-field-hook/Taskfile.yaml index 5013f4d600..300b4b94ed 100644 --- a/hooks/update-field-hook/Taskfile.yaml +++ b/hooks/update-field-hook/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: hook: diff --git a/lurker/Dockerfile b/lurker/Dockerfile index 5f655da42d..5fb1df8908 100644 --- a/lurker/Dockerfile +++ b/lurker/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder +FROM --platform=$BUILDPLATFORM golang:1.26.3 AS builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/lurker/go.mod b/lurker/go.mod index 6e06e17d09..21cb13eda7 100644 --- a/lurker/go.mod +++ b/lurker/go.mod @@ -4,50 +4,57 @@ module github.com/secureCodeBox/secureCodeBox/lurker -go 1.24.5 +go 1.26.2 require ( - k8s.io/api v0.34.2 - k8s.io/apimachinery v0.34.2 - k8s.io/client-go v0.34.2 + k8s.io/api v0.36.1 + k8s.io/apimachinery v0.36.1 + k8s.io/client-go v0.36.1 ) require ( github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/emicklei/go-restful/v3 v3.12.2 // indirect - github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.1 // indirect github.com/go-logr/logr v1.4.3 // indirect - github.com/go-openapi/jsonpointer v0.21.1 // indirect - github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/google/gnostic-models v0.7.0 // indirect + github.com/go-openapi/jsonpointer v0.22.5 // indirect + github.com/go-openapi/jsonreference v0.21.5 // indirect + github.com/go-openapi/swag v0.25.5 // indirect + github.com/go-openapi/swag/cmdutils v0.25.5 // indirect + github.com/go-openapi/swag/conv v0.25.5 // indirect + github.com/go-openapi/swag/fileutils v0.25.5 // indirect + github.com/go-openapi/swag/jsonname v0.25.5 // indirect + github.com/go-openapi/swag/jsonutils v0.25.5 // indirect + github.com/go-openapi/swag/loading v0.25.5 // indirect + github.com/go-openapi/swag/mangling v0.25.5 // indirect + github.com/go-openapi/swag/netutils v0.25.5 // indirect + github.com/go-openapi/swag/stringutils v0.25.5 // indirect + github.com/go-openapi/swag/typeutils v0.25.5 // indirect + github.com/go-openapi/swag/yamlutils v0.25.5 // indirect + github.com/google/gnostic-models v0.7.1 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.9.0 // indirect + github.com/kr/text v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/x448/float16 v0.8.4 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/net v0.39.0 // indirect - golang.org/x/oauth2 v0.29.0 // indirect - golang.org/x/sys v0.32.0 // indirect - golang.org/x/term v0.31.0 // indirect - golang.org/x/text v0.24.0 // indirect - golang.org/x/time v0.11.0 // indirect - google.golang.org/protobuf v1.36.6 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/term v0.41.0 // indirect + golang.org/x/text v0.35.0 // indirect + golang.org/x/time v0.15.0 // indirect + google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/klog/v2 v2.140.0 // indirect + k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 // indirect + k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect sigs.k8s.io/yaml v1.6.0 // indirect ) diff --git a/lurker/go.sum b/lurker/go.sum index e260bb3f84..08ec26bf26 100644 --- a/lurker/go.sum +++ b/lurker/go.sum @@ -1,44 +1,61 @@ +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= -github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= +github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= -github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= -github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= -github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= -github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= -github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= -github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= -github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/go-openapi/jsonpointer v0.22.5 h1:8on/0Yp4uTb9f4XvTrM2+1CPrV05QPZXu+rvu2o9jcA= +github.com/go-openapi/jsonpointer v0.22.5/go.mod h1:gyUR3sCvGSWchA2sUBJGluYMbe1zazrYWIkWPjjMUY0= +github.com/go-openapi/jsonreference v0.21.5 h1:6uCGVXU/aNF13AQNggxfysJ+5ZcU4nEAe+pJyVWRdiE= +github.com/go-openapi/jsonreference v0.21.5/go.mod h1:u25Bw85sX4E2jzFodh1FOKMTZLcfifd1Q+iKKOUxExw= +github.com/go-openapi/swag v0.25.5 h1:pNkwbUEeGwMtcgxDr+2GBPAk4kT+kJ+AaB+TMKAg+TU= +github.com/go-openapi/swag v0.25.5/go.mod h1:B3RT6l8q7X803JRxa2e59tHOiZlX1t8viplOcs9CwTA= +github.com/go-openapi/swag/cmdutils v0.25.5 h1:yh5hHrpgsw4NwM9KAEtaDTXILYzdXh/I8Whhx9hKj7c= +github.com/go-openapi/swag/cmdutils v0.25.5/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.5 h1:wAXBYEXJjoKwE5+vc9YHhpQOFj2JYBMF2DUi+tGu97g= +github.com/go-openapi/swag/conv v0.25.5/go.mod h1:CuJ1eWvh1c4ORKx7unQnFGyvBbNlRKbnRyAvDvzWA4k= +github.com/go-openapi/swag/fileutils v0.25.5 h1:B6JTdOcs2c0dBIs9HnkyTW+5gC+8NIhVBUwERkFhMWk= +github.com/go-openapi/swag/fileutils v0.25.5/go.mod h1:V3cT9UdMQIaH4WiTrUc9EPtVA4txS0TOmRURmhGF4kc= +github.com/go-openapi/swag/jsonname v0.25.5 h1:8p150i44rv/Drip4vWI3kGi9+4W9TdI3US3uUYSFhSo= +github.com/go-openapi/swag/jsonname v0.25.5/go.mod h1:jNqqikyiAK56uS7n8sLkdaNY/uq6+D2m2LANat09pKU= +github.com/go-openapi/swag/jsonutils v0.25.5 h1:XUZF8awQr75MXeC+/iaw5usY/iM7nXPDwdG3Jbl9vYo= +github.com/go-openapi/swag/jsonutils v0.25.5/go.mod h1:48FXUaz8YsDAA9s5AnaUvAmry1UcLcNVWUjY42XkrN4= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5 h1:SX6sE4FrGb4sEnnxbFL/25yZBb5Hcg1inLeErd86Y1U= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5/go.mod h1:/2KvOTrKWjVA5Xli3DZWdMCZDzz3uV/T7bXwrKWPquo= +github.com/go-openapi/swag/loading v0.25.5 h1:odQ/umlIZ1ZVRteI6ckSrvP6e2w9UTF5qgNdemJHjuU= +github.com/go-openapi/swag/loading v0.25.5/go.mod h1:I8A8RaaQ4DApxhPSWLNYWh9NvmX2YKMoB9nwvv6oW6g= +github.com/go-openapi/swag/mangling v0.25.5 h1:hyrnvbQRS7vKePQPHHDso+k6CGn5ZBs5232UqWZmJZw= +github.com/go-openapi/swag/mangling v0.25.5/go.mod h1:6hadXM/o312N/h98RwByLg088U61TPGiltQn71Iw0NY= +github.com/go-openapi/swag/netutils v0.25.5 h1:LZq2Xc2QI8+7838elRAaPCeqJnHODfSyOa7ZGfxDKlU= +github.com/go-openapi/swag/netutils v0.25.5/go.mod h1:lHbtmj4m57APG/8H7ZcMMSWzNqIQcu0RFiXrPUara14= +github.com/go-openapi/swag/stringutils v0.25.5 h1:NVkoDOA8YBgtAR/zvCx5rhJKtZF3IzXcDdwOsYzrB6M= +github.com/go-openapi/swag/stringutils v0.25.5/go.mod h1:PKK8EZdu4QJq8iezt17HM8RXnLAzY7gW0O1KKarrZII= +github.com/go-openapi/swag/typeutils v0.25.5 h1:EFJ+PCga2HfHGdo8s8VJXEVbeXRCYwzzr9u4rJk7L7E= +github.com/go-openapi/swag/typeutils v0.25.5/go.mod h1:itmFmScAYE1bSD8C4rS0W+0InZUBrB2xSPbWt6DLGuc= +github.com/go-openapi/swag/yamlutils v0.25.5 h1:kASCIS+oIeoc55j28T4o8KwlV2S4ZLPT6G0iq2SSbVQ= +github.com/go-openapi/swag/yamlutils v0.25.5/go.mod h1:Gek1/SjjfbYvM+Iq4QGwa/2lEXde9n2j4a3wI3pNuOQ= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0 h1:7SgOMTvJkM8yWrQlU8Jm18VeDPuAvB/xWrdxFJkoFag= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0/go.mod h1:14iV8jyyQlinc9StD7w1xVPW3CO3q1Gj04Jy//Kw4VM= +github.com/go-openapi/testify/v2 v2.4.0 h1:8nsPrHVCWkQ4p8h1EsRVymA2XABB4OT40gcvAu+voFM= +github.com/go-openapi/testify/v2 v2.4.0/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= +github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= +github.com/google/gnostic-models v0.7.1/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= -github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -47,99 +64,65 @@ github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFd github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= -github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= -github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= +go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY= -golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E= -golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98= -golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20= -golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o= -golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0= -golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= -golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= -google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= +golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.2 h1:fsSUNZhV+bnL6Aqrp6O7lMTy6o5x2C4XLjnh//8SLYY= -k8s.io/api v0.34.2/go.mod h1:MMBPaWlED2a8w4RSeanD76f7opUoypY8TFYkSM+3XHw= -k8s.io/apimachinery v0.34.2 h1:zQ12Uk3eMHPxrsbUJgNF8bTauTVR2WgqJsTmwTE/NW4= -k8s.io/apimachinery v0.34.2/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.2 h1:Co6XiknN+uUZqiddlfAjT68184/37PS4QAzYvQvDR8M= -k8s.io/client-go v0.34.2/go.mod h1:2VYDl1XXJsdcAxw7BenFslRQX28Dxz91U9MWKjX97fE= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +k8s.io/api v0.36.1 h1:XbL/EMj8K2aJpJtePmqUyQMsM0D4QI2pvl7YKJ20FTY= +k8s.io/api v0.36.1/go.mod h1:KOWo4ey3TINlXjeHVuwB3i+tXXnu+UcwFBHlI/9dvEo= +k8s.io/apimachinery v0.36.1 h1:G63Gjx2W+q0YD+72Vo8oY0nDnePVwnuzTmmy5ENrVSA= +k8s.io/apimachinery v0.36.1/go.mod h1:ibYOR00vW/I1kzvi5SF0dRuJ52BvKtfvRdOn35GPQ+8= +k8s.io/client-go v0.36.1 h1:FN/K8QIT2CEDt+2WB2HnWrUANZ50AP5GII43/SP2JR0= +k8s.io/client-go v0.36.1/go.mod h1:s6rAnCtTGYDQnpNjEhSaISV+2O8jwruZ6m3QOYBFbtU= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 h1:V+sn9a/1fEYDGwnllCmqXBk8x7obZ+hl869Q3Abumkg= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/netlify.toml b/netlify.toml new file mode 100644 index 0000000000..f1abb4b6f1 --- /dev/null +++ b/netlify.toml @@ -0,0 +1,19 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +# https://docs.netlify.com/build/configure-builds/file-based-configuration/ + +[build] + base = "documentation" + command = "npm install && npm run build" + publish = "build" + functions = "netlify/functions" + +# To make this work we point a DNS A record with name securecodebox.io to the Netlify load balancer (75.2.60.5) +# See https://docs.netlify.com/manage/domains/configure-domains/bring-a-domain-to-netlify/ +[[redirects]] + from = "https://securecodebox.io/*" + to = "https://www.securecodebox.io/:splat" + status = 302 + force = true diff --git a/operator/Dockerfile b/operator/Dockerfile index 3545a7948a..db268cb435 100644 --- a/operator/Dockerfile +++ b/operator/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder +FROM --platform=$BUILDPLATFORM golang:1.26.3 AS builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/operator/Makefile b/operator/Makefile deleted file mode 100644 index 31da384e5e..0000000000 --- a/operator/Makefile +++ /dev/null @@ -1,206 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include ../prerequisites.mk -include ../env-paths.mk -## Telling the env-paths file where the root project dir is. This is done to allow the generation of the paths of the different project folders relative to where the makefile is being run from. -## So BIN_DIR= $(PROJECT_DIR)/bin will be BIN_DIR=../bin -PROJECT_DIR=.. - -IMG_NS ?= securecodebox - -# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. -ENVTEST_K8S_VERSION = 1.33.0 - -# Image URL to use all building/pushing image targets for the operator -OPERATOR_IMG ?= operator - -# Image URL to use all building/pushing image targets for the lurker -LURKER_IMG ?= lurker - -# Tag used for the images -IMG_TAG ?= sha-$$(git rev-parse --short HEAD) - -# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq (,$(shell go env GOBIN)) -GOBIN=$(shell go env GOPATH)/bin -else -GOBIN=$(shell go env GOBIN) -endif - -# Setting SHELL to bash allows bash commands to be executed by recipes. -# This is a requirement for 'setup-envtest.sh' in the test target. -# Options are set to exit when a recipe line exits non-zero or a piped command fails. -SHELL = /usr/bin/env bash -o pipefail -.SHELLFLAGS = -ec - -all: build - -##@ General - -# The help target prints out all targets with their descriptions organized -# beneath their categories. The categories are represented by '##@' and the -# target descriptions by '##'. The awk commands is responsible for reading the -# entire set of makefiles included in this invocation, looking for lines of the -# file as xyz: ## something, and then pretty-format the target and help. Then, -# if there's a line with ##@ something, that gets pretty-printed as a category. -# More info on the usage of ANSI control characters for terminal formatting: -# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters -# More info on the awk command: -# http://linuxcommand.org/lc3_adv_awk.php - -.PHONY: help -help: ## Display this help. - @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) - -##@ Development - -.PHONY: manifests -manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName="securecodebox-manager-role",headerFile="hack/boilerplate.yaml.txt" crd:maxDescLen=256,headerFile="hack/boilerplate.yaml.txt" webhook paths="./..." output:crd:artifacts:config=crds output:rbac:artifacts:config=templates/rbac - -.PHONY: generate -generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. - $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." - -.PHONY: fmt -fmt: ## Run go fmt against code. - go fmt ./... - -.PHONY: vet -vet: ## Run go vet against code. - go vet ./... - -.PHONY: test -test: manifests generate fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test -tags="fast slow" ./... -coverprofile cover.out - -.PHONY: test-fast -test-fast: manifests generate fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test -tags="fast" ./... -coverprofile cover.out - -.PHONY: view-coverage -view-coverage: - go tool cover -html=cover.out - -## Helm unit tests -.PHONY: helm-unit-tests -helm-unit-tests: - echo "Running helm unit tests for operator"; \ - helm unittest . \ - -##@ Build - -.PHONY: build -build: generate fmt vet ## Build manager binary. - go build -o bin/manager main.go - -.PHONY: run -run: manifests generate fmt vet ## Run a controller from your host. - go run ./main.go - -.PHONY: docker-build -docker-build: ## Build docker image with the manager. - @echo ".: ⚙️ Build Container Images" - docker build -t $(IMG_NS)/${OPERATOR_IMG}:${IMG_TAG} . - cd $(PROJECT_DIR)/lurker && docker build -t $(IMG_NS)/$(LURKER_IMG):$(IMG_TAG) . - -.PHONY: docker-push -docker-push: ## Push docker image with the manager. - docker push $(IMG_NS)/${OPERATOR_IMG}:${IMG_TAG} - docker push $(IMG_NS)/$(LURKER_IMG):$(IMG_TAG) - -.PHONY: docker-export -docker-export: - $(MAKE) docker-export-operator - $(MAKE) docker-export-lurker - -.PHONY: docker-export-operator -docker-export-operator: - @echo ".: 💾 Export Operator Image" - docker save $(IMG_NS)/$(OPERATOR_IMG):$(IMG_TAG) > $(OPERATOR_IMG).tar - -.PHONY: docker-export-lurker -docker-export-lurker: - @echo ".: 💾 Export Lurker Image" - docker save $(IMG_NS)/$(LURKER_IMG):$(IMG_TAG) > $(LURKER_IMG).tar - -##@ Deployment - -.PHONY: kind-import -kind-import: - @echo ".: 💾 Importing the image archive to local kind cluster." - kind load image-archive ./$(OPERATOR_IMG).tar - kind load image-archive ./$(LURKER_IMG).tar - -.PHONY: helm-deploy -helm-deploy: - @echo ".: ⚙️ Deploying Operator with the Image tag '$(IMG_TAG)' into kind." - # If not exists create namespace where the tests will be executed - kubectl create namespace integration-tests --dry-run=client -o yaml | kubectl apply -f - - # If not exists create secureCodeBox operator namespace - kubectl create namespace securecodebox-system --dry-run=client -o yaml | kubectl apply -f - - - MINIO_ROOT_USER=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.root-user}' | base64 --decode) - MINIO_ROOT_PASSWORD=$(kubectl get secret --namespace "securecodebox-system" securecodebox-operator-minio -o jsonpath="{.data.root-password}" | base64 -d) - - helm -n securecodebox-system upgrade --install securecodebox-operator ./ --wait \ - --set="image.repository=docker.io/$(IMG_NS)/$(OPERATOR_IMG)" \ - --set="image.tag=$(IMG_TAG)" \ - --set="image.pullPolicy=IfNotPresent" \ - --set="lurker.image.repository=docker.io/$(IMG_NS)/$(LURKER_IMG)" \ - --set="lurker.image.tag=$(IMG_TAG)" \ - --set="lurker.image.pullPolicy=IfNotPresent" \ - --set="minio.auth.rootUser = $(MINIO_ROOT_USER)" \ - --set="minio.auth.rootPassword = $(MINIO_ROOT_PASSWORD)" - -.PHONY: install -install: manifests ## Install CRDs into the K8s cluster specified in ~/.kube/config. - kubectl apply -f ./crds/ - -.PHONY: uninstall -uninstall: manifests ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. - kubectl delete -f ./crds/ - -##@ Build Dependencies - -## Location to install dependencies to -LOCALBIN ?= $(shell pwd)/bin -$(LOCALBIN): - mkdir -p $(LOCALBIN) - -## Tool Binaries -CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen-$(CONTROLLER_TOOLS_VERSION) -ENVTEST ?= $(LOCALBIN)/setup-envtest-$(ENVTEST_VERSION) - -## Tool Versions -CONTROLLER_TOOLS_VERSION ?= v0.18.0 -ENVTEST_VERSION ?= release-0.21 - -.PHONY: controller-gen -controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. -$(CONTROLLER_GEN): $(LOCALBIN) - $(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen,$(CONTROLLER_TOOLS_VERSION)) - -.PHONY: envtest -envtest: $(ENVTEST) ## Download setup-envtest locally if necessary. -$(ENVTEST): $(LOCALBIN) - $(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,$(ENVTEST_VERSION)) - -# go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist -# $1 - target path with name of binary (ideally with version) -# $2 - package url which can be installed -# $3 - specific version of package -define go-install-tool -@[ -f $(1) ] || { \ -set -e; \ -package=$(2)@$(3) ;\ -echo "Downloading $${package}" ;\ -GOBIN=$(LOCALBIN) go install $${package} ;\ -mv "$$(echo "$(1)" | sed "s/-$(3)$$//")" $(1) ;\ -} -endef diff --git a/operator/README.md b/operator/README.md index dbe5d527ba..172c938f96 100644 --- a/operator/README.md +++ b/operator/README.md @@ -73,6 +73,8 @@ helm install securecodebox-operator oci://ghcr.io/securecodebox/helm/operator | customCACertificate | object | `{"certificate":"public.crt","existingCertificate":null}` | Setup for Custom CA certificates. These are automatically mounted into every secureCodeBox component (lurker, parser & hooks). Requires that every namespace has a configmap with the CA certificate(s) | | customCACertificate.certificate | string | `"public.crt"` | key in the configmap holding the certificate(s) | | customCACertificate.existingCertificate | string | `nil` | name of the configMap holding the ca certificate(s), needs to be the same across all namespaces | +| extraVolumeMounts | list | `[]` | Additional volume mounts to be mounted to the operator deployment | +| extraVolumes | list | `[]` | Additional volumes to be mounted to the operator deployment | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | | image.repository | string | `"docker.io/securecodebox/operator"` | The operator image repository | | image.tag | string | defaults to the charts version | Parser image tag | diff --git a/operator/Taskfile.yaml b/operator/Taskfile.yaml new file mode 100644 index 0000000000..b226568f54 --- /dev/null +++ b/operator/Taskfile.yaml @@ -0,0 +1,232 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.48.0" + +env: + IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +vars: + OPERATOR_IMG: operator + LURKER_IMG: lurker + CONTROLLER_TOOLS_VERSION: v0.18.0 + ENVTEST_K8S_VERSION: + sh: cd {{ .TASKFILE_DIR }} && go list -m -f '{{"{{"}}.Version{{"}}"}}' k8s.io/api 2>/dev/null | sed -E 's/^v?[0-9]+\.([0-9]+).*/1.\1/' + ENVTEST_VERSION: + sh: cd {{ .TASKFILE_DIR }} && go list -m -f '{{"{{"}}.Version{{"}}"}}' sigs.k8s.io/controller-runtime 2>/dev/null | sed -E 's/^v?([0-9]+)\.([0-9]+).*/release-\1.\2/' + LOCALBIN: '{{ .TASKFILE_DIR }}/bin' + +tasks: + controller-gen: + desc: "Download controller-gen locally if necessary" + run: once + dir: '{{ .TASKFILE_DIR }}' + generates: + - '{{ .LOCALBIN }}/controller-gen' + - '{{ .LOCALBIN }}/.controller-gen.version' + cmds: + - mkdir -p {{ .LOCALBIN }} + - rm -f {{ .LOCALBIN }}/controller-gen + - GOBIN={{ .LOCALBIN }} go install sigs.k8s.io/controller-tools/cmd/controller-gen@{{ .CONTROLLER_TOOLS_VERSION }} + - echo "{{ .CONTROLLER_TOOLS_VERSION }}" > {{ .LOCALBIN }}/.controller-gen.version + status: + - test -f {{ .LOCALBIN }}/controller-gen + - grep -qxF "{{ .CONTROLLER_TOOLS_VERSION }}" {{ .LOCALBIN }}/.controller-gen.version 2>/dev/null + + envtest: + desc: "Download setup-envtest locally if necessary" + run: once + dir: '{{ .TASKFILE_DIR }}' + generates: + - '{{ .LOCALBIN }}/setup-envtest' + - '{{ .LOCALBIN }}/.setup-envtest.version' + cmds: + - mkdir -p {{ .LOCALBIN }} + - rm -f {{ .LOCALBIN }}/setup-envtest + - GOBIN={{ .LOCALBIN }} go install sigs.k8s.io/controller-runtime/tools/setup-envtest@{{ .ENVTEST_VERSION }} + - echo "{{ .ENVTEST_VERSION }}" > {{ .LOCALBIN }}/.setup-envtest.version + status: + - test -f {{ .LOCALBIN }}/setup-envtest + - grep -qxF "{{ .ENVTEST_VERSION }}" {{ .LOCALBIN }}/.setup-envtest.version 2>/dev/null + + manifests: + desc: "Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects" + deps: [controller-gen] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + {{ .LOCALBIN }}/controller-gen rbac:roleName="securecodebox-manager-role",headerFile="hack/boilerplate.yaml.txt" \ + crd:maxDescLen=256,headerFile="hack/boilerplate.yaml.txt" \ + webhook paths="./..." \ + output:crd:artifacts:config=crds \ + output:rbac:artifacts:config=templates/rbac + + generate: + desc: "Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations" + deps: [controller-gen] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - '{{ .LOCALBIN }}/controller-gen object:headerFile="hack/boilerplate.go.txt" paths="./..."' + + fmt: + desc: "Run go fmt against code" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go fmt ./... + + vet: + desc: "Run go vet against code" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go vet ./... + + test: + desc: "Run all tests (fast and slow)" + deps: [manifests, generate, fmt, vet, envtest] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + KUBEBUILDER_ASSETS="$({{ .LOCALBIN }}/setup-envtest use {{ .ENVTEST_K8S_VERSION }} --bin-dir {{ .LOCALBIN }} -p path)" \ + go test -tags="fast slow" ./... -coverprofile cover.out + + test-fast: + desc: "Run fast tests only" + deps: [manifests, generate, fmt, vet, envtest] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - | + KUBEBUILDER_ASSETS="$({{ .LOCALBIN }}/setup-envtest use {{ .ENVTEST_K8S_VERSION }} -p path)" \ + go test -tags="fast" ./... -coverprofile cover.out + + view-coverage: + desc: "View test coverage in browser" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go tool cover -html=cover.out + + helm-unit-tests: + desc: "Run helm unit tests for operator" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "Helm unittest plugin is not installed. Install it from https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - 'echo "Running helm unit tests for operator"' + - helm unittest . + + build: + desc: "Build manager binary" + deps: [generate, fmt, vet] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go build -o bin/manager main.go + + run: + desc: "Run the controller from your host" + deps: [manifests, generate, fmt, vet] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - go run ./main.go + + docker-build: + desc: "Build Docker images for operator and lurker" + dir: '{{ .TASKFILE_DIR }}' + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + cmds: + - 'echo "Building Container Images"' + - docker build -t ${IMG_NS}/{{ .OPERATOR_IMG }}:${IMG_TAG} {{ .TASKFILE_DIR }} + - docker build -t ${IMG_NS}/{{ .LURKER_IMG }}:${IMG_TAG} {{ .TASKFILE_DIR }}/../lurker + status: + - docker images | grep -q "${IMG_NS}/{{ .OPERATOR_IMG }}:${IMG_TAG}" || false + - docker images | grep -q "${IMG_NS}/{{ .LURKER_IMG }}:${IMG_TAG}" || false + + docker-push: + desc: "Push Docker images for operator and lurker" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - docker push ${IMG_NS}/{{ .OPERATOR_IMG }}:${IMG_TAG} + - docker push ${IMG_NS}/{{ .LURKER_IMG }}:${IMG_TAG} + + docker-export: + desc: "Export Docker images to tar files" + deps: [docker-build] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - task: docker-export-operator + - task: docker-export-lurker + + docker-export-operator: + desc: "Export operator Docker image to tar file" + deps: [docker-build] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - 'echo "Exporting Operator Image"' + - docker save ${IMG_NS}/{{ .OPERATOR_IMG }}:${IMG_TAG} > {{ .OPERATOR_IMG }}.tar + + docker-export-lurker: + desc: "Export lurker Docker image to tar file" + deps: [docker-build] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - 'echo "Exporting Lurker Image"' + - docker save ${IMG_NS}/{{ .LURKER_IMG }}:${IMG_TAG} > {{ .LURKER_IMG }}.tar + + kind-import: + desc: "Import Docker images into kind cluster" + deps: [docker-export] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - 'echo "Importing image archives to local kind cluster"' + - kind load image-archive ./{{ .OPERATOR_IMG }}.tar + - kind load image-archive ./{{ .LURKER_IMG }}.tar + + helm-deploy: + desc: "Deploy operator to kind cluster using Helm" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - 'echo "Deploying Operator with image tag ${IMG_TAG} into kind"' + - kubectl create namespace integration-tests --dry-run=client -o yaml | kubectl apply -f - + - kubectl create namespace securecodebox-system --dry-run=client -o yaml | kubectl apply -f - + - | + MINIO_ROOT_USER=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.root-user}' 2>/dev/null | base64 --decode || echo "") + MINIO_ROOT_PASSWORD=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.root-password}' 2>/dev/null | base64 --decode || echo "") + + MINIO_ARGS="" + if [ -n "$MINIO_ROOT_USER" ] && [ -n "$MINIO_ROOT_PASSWORD" ]; then + MINIO_ARGS="--set=minio.auth.rootUser=$MINIO_ROOT_USER --set=minio.auth.rootPassword=$MINIO_ROOT_PASSWORD" + fi + + helm -n securecodebox-system upgrade --install securecodebox-operator ./ --wait \ + --set="image.repository=docker.io/${IMG_NS}/{{ .OPERATOR_IMG }}" \ + --set="image.tag=${IMG_TAG}" \ + --set="image.pullPolicy=IfNotPresent" \ + --set="lurker.image.repository=docker.io/${IMG_NS}/{{ .LURKER_IMG }}" \ + --set="lurker.image.tag=${IMG_TAG}" \ + --set="lurker.image.pullPolicy=IfNotPresent" \ + $MINIO_ARGS + + kind-deploy: + desc: "Import and deploy Docker images to kind" + dir: '{{ .TASKFILE_DIR }}' + cmds: + - task: kind-import + - task: helm-deploy + + install: + desc: "Install CRDs into the K8s cluster specified in ~/.kube/config" + deps: [manifests] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - kubectl apply -f ./crds/ + + uninstall: + desc: "Uninstall CRDs from the K8s cluster specified in ~/.kube/config" + deps: [manifests] + dir: '{{ .TASKFILE_DIR }}' + cmds: + - kubectl delete -f ./crds/ diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go index ff1869675d..467428a640 100644 --- a/operator/apis/execution/v1/scan_types.go +++ b/operator/apis/execution/v1/scan_types.go @@ -148,6 +148,10 @@ type ScanSpec struct { Resources corev1.ResourceRequirements `json:"resources,omitempty"` // ttlSecondsAfterFinished limits the lifetime of a Scan that has finished execution (either Done or Errored). If this field is set ttlSecondsAfterFinished after the Scan finishes, it is eligible to be automatically deleted. When the Scan is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Scan won't be automatically deleted. If this is set to zero, the Scan becomes eligible to be deleted immediately after it finishes. TTLSecondsAfterFinished *int32 `json:"ttlSecondsAfterFinished,omitempty"` + // Suspend specifies whether the Scan should be suspended. When a Scan is suspended, the reconciler will not process it, effectively pausing all operations until it is resumed. This behaves similar to the suspend field in Kubernetes Jobs. TTL-based cleanup still works on suspended scans that are Done or Errored. + // +kubebuilder:validation:Optional + // +kubebuilder:default=false + Suspend *bool `json:"suspend,omitempty"` } type ScanState string diff --git a/operator/apis/execution/v1/scheduledscan_types.go b/operator/apis/execution/v1/scheduledscan_types.go index 052d2048aa..a8cada6a84 100644 --- a/operator/apis/execution/v1/scheduledscan_types.go +++ b/operator/apis/execution/v1/scheduledscan_types.go @@ -50,6 +50,11 @@ type ScheduledScanSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=false RetriggerOnScanTypeChange bool `json:"retriggerOnScanTypeChange,omitempty"` + + // Suspend specifies whether the ScheduledScan should be suspended. When a ScheduledScan is suspended, no new Scans will be created according to the schedule. This behaves similar to the suspend field in Kubernetes CronJobs. + // +kubebuilder:validation:Optional + // +kubebuilder:default=false + Suspend *bool `json:"suspend,omitempty"` } // ConcurrencyPolicy describes how the job will be handled. diff --git a/operator/apis/execution/v1/zz_generated.deepcopy.go b/operator/apis/execution/v1/zz_generated.deepcopy.go index 7669a340c6..f8b3ab1cb4 100644 --- a/operator/apis/execution/v1/zz_generated.deepcopy.go +++ b/operator/apis/execution/v1/zz_generated.deepcopy.go @@ -716,6 +716,11 @@ func (in *ScanSpec) DeepCopyInto(out *ScanSpec) { *out = new(int32) **out = **in } + if in.Suspend != nil { + in, out := &in.Suspend, &out.Suspend + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanSpec. @@ -939,6 +944,11 @@ func (in *ScheduledScanSpec) DeepCopyInto(out *ScheduledScanSpec) { *out = new(ScanSpec) (*in).DeepCopyInto(*out) } + if in.Suspend != nil { + in, out := &in.Suspend, &out.Suspend + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScheduledScanSpec. diff --git a/operator/controllers/execution/scans/scan_controller.go b/operator/controllers/execution/scans/scan_controller.go index 5a0f202113..b116c49363 100644 --- a/operator/controllers/execution/scans/scan_controller.go +++ b/operator/controllers/execution/scans/scan_controller.go @@ -83,6 +83,16 @@ func (r *ScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl. log.V(5).Info("Scan Found", "Type", scan.Spec.ScanType, "State", scan.Status.State) + // Check if the scan is suspended. If so, skip reconciliation unless the scan is in a terminal state + // where TTL-based cleanup should still work. + if scan.Spec.Suspend != nil && *scan.Spec.Suspend { + if scan.Status.State != executionv1.ScanStateDone && scan.Status.State != executionv1.ScanStateErrored { + log.V(7).Info("Scan is suspended, skipping reconciliation") + return ctrl.Result{}, nil + } + // For Done/Errored scans, continue to allow TTL cleanup + } + // Handle Finalizer if the scan is getting deleted if !scan.ObjectMeta.DeletionTimestamp.IsZero() { // Check if this Scan has not yet been converted to new CRD diff --git a/operator/controllers/execution/scans/scan_reconciler_test.go b/operator/controllers/execution/scans/scan_reconciler_test.go index b730eb5ca2..f97179e885 100644 --- a/operator/controllers/execution/scans/scan_reconciler_test.go +++ b/operator/controllers/execution/scans/scan_reconciler_test.go @@ -232,4 +232,120 @@ var _ = Describe("ScanControllers", func() { }) }) + + Context("Suspend Functionality", func() { + It("should return true for TTL cleanup on suspended Done scan", func() { + finishTime := time.Date(2009, 11, 17, 20, 34, 58, 651387237, time.UTC) + var timeout int32 = 30 + suspend := true + var scan = &executionv1.Scan{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: "nmap", + }, + Spec: executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + TTLSecondsAfterFinished: &timeout, + Suspend: &suspend, + }, + Status: executionv1.ScanStatus{ + State: executionv1.ScanStateDone, + FinishedAt: &metav1.Time{Time: finishTime}, + }, + } + // TTL cleanup should still work even when suspended + Expect(reconciler.checkIfTTLSecondsAfterFinishedIsCompleted(scan)).To(BeTrue()) + }) + + It("should return true for TTL cleanup on suspended Errored scan", func() { + finishTime := time.Date(2009, 11, 17, 20, 34, 58, 651387237, time.UTC) + var timeout int32 = 30 + suspend := true + var scan = &executionv1.Scan{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: "nmap", + }, + Spec: executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + TTLSecondsAfterFinished: &timeout, + Suspend: &suspend, + }, + Status: executionv1.ScanStatus{ + State: executionv1.ScanStateErrored, + FinishedAt: &metav1.Time{Time: finishTime}, + }, + } + // TTL cleanup should still work even when suspended + Expect(reconciler.checkIfTTLSecondsAfterFinishedIsCompleted(scan)).To(BeTrue()) + }) + + It("should identify a suspended scan correctly", func() { + suspend := true + var scan = &executionv1.Scan{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: "nmap", + }, + Spec: executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + Suspend: &suspend, + }, + Status: executionv1.ScanStatus{ + State: executionv1.ScanStateInit, + }, + } + // Verify the suspend flag is properly set + Expect(scan.Spec.Suspend).NotTo(BeNil()) + Expect(*scan.Spec.Suspend).To(BeTrue()) + }) + + It("should identify a non-suspended scan correctly when Suspend is false", func() { + suspend := false + var scan = &executionv1.Scan{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: "nmap", + }, + Spec: executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + Suspend: &suspend, + }, + Status: executionv1.ScanStatus{ + State: executionv1.ScanStateInit, + }, + } + // Verify the suspend flag is properly set to false + Expect(scan.Spec.Suspend).NotTo(BeNil()) + Expect(*scan.Spec.Suspend).To(BeFalse()) + }) + + It("should handle nil Suspend field as not suspended", func() { + var scan = &executionv1.Scan{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: "nmap", + }, + Spec: executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + Suspend: nil, // Not set, should default to false + }, + Status: executionv1.ScanStatus{ + State: executionv1.ScanStateInit, + }, + } + // When Suspend is nil, the scan should not be considered suspended + if scan.Spec.Suspend != nil { + Expect(*scan.Spec.Suspend).To(BeFalse()) + } else { + // nil is treated as not suspended + Expect(scan.Spec.Suspend).To(BeNil()) + } + }) + }) }) diff --git a/operator/controllers/execution/scheduledscan_controller.go b/operator/controllers/execution/scheduledscan_controller.go index 8206d97a6c..3746d7f1c8 100644 --- a/operator/controllers/execution/scheduledscan_controller.go +++ b/operator/controllers/execution/scheduledscan_controller.go @@ -124,6 +124,12 @@ func (r *ScheduledScanReconciler) Reconcile(ctx context.Context, req ctrl.Reques InProgressScans := getScansInProgress(childScans.Items) + // Check if the ScheduledScan is suspended. If so, skip creating new scans. + if scheduledScan.Spec.Suspend != nil && *scheduledScan.Spec.Suspend { + log.V(7).Info("ScheduledScan is suspended, skipping scan creation") + return ctrl.Result{RequeueAfter: 1 * time.Minute}, nil + } + // check if it is time to start the next Scan if !time.Now().Before(nextSchedule) { // check concurrency policy diff --git a/operator/controllers/execution/scheduledscan_controller_test.go b/operator/controllers/execution/scheduledscan_controller_test.go index 62d9cefde2..a620f71da6 100644 --- a/operator/controllers/execution/scheduledscan_controller_test.go +++ b/operator/controllers/execution/scheduledscan_controller_test.go @@ -177,4 +177,72 @@ var _ = Describe("ScheduledScan controller", func() { Expect(firstScanName).ShouldNot(Equal(secondScanName)) }) }) + + Context("Suspend Functionality", func() { + It("should identify a suspended ScheduledScan correctly", func() { + suspend := true + scheduledScan := &executionv1.ScheduledScan{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-scan", + Namespace: "test-namespace", + }, + Spec: executionv1.ScheduledScanSpec{ + Interval: metav1.Duration{Duration: 1 * time.Hour}, + ScanSpec: &executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + }, + Suspend: &suspend, + }, + } + // Verify the suspend flag is properly set + Expect(scheduledScan.Spec.Suspend).NotTo(BeNil()) + Expect(*scheduledScan.Spec.Suspend).To(BeTrue()) + }) + + It("should identify a non-suspended ScheduledScan correctly when Suspend is false", func() { + suspend := false + scheduledScan := &executionv1.ScheduledScan{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-scan", + Namespace: "test-namespace", + }, + Spec: executionv1.ScheduledScanSpec{ + Interval: metav1.Duration{Duration: 1 * time.Hour}, + ScanSpec: &executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + }, + Suspend: &suspend, + }, + } + // Verify the suspend flag is properly set to false + Expect(scheduledScan.Spec.Suspend).NotTo(BeNil()) + Expect(*scheduledScan.Spec.Suspend).To(BeFalse()) + }) + + It("should handle nil Suspend field as not suspended", func() { + scheduledScan := &executionv1.ScheduledScan{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-scan", + Namespace: "test-namespace", + }, + Spec: executionv1.ScheduledScanSpec{ + Interval: metav1.Duration{Duration: 1 * time.Hour}, + ScanSpec: &executionv1.ScanSpec{ + ScanType: "nmap", + Parameters: []string{"scanme.nmap.org"}, + }, + Suspend: nil, // Not set, should default to false + }, + } + // When Suspend is nil, the scan should not be considered suspended + if scheduledScan.Spec.Suspend != nil { + Expect(*scheduledScan.Spec.Suspend).To(BeFalse()) + } else { + // nil is treated as not suspended + Expect(scheduledScan.Spec.Suspend).To(BeNil()) + } + }) + }) }) diff --git a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml index 7b0b6fcf1a..a12a58c1a3 100644 --- a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml +++ b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml @@ -2113,7 +2113,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -2765,6 +2767,13 @@ spec: scanType: description: The name of the scanType which should be started. type: string + suspend: + default: false + description: Suspend specifies whether the Scan should be suspended. + When a Scan is suspended, the reconciler will not process it, + effectively pausing all operations until it is resumed. This + behaves similar to the suspend field in Kubernetes Jobs. + type: boolean tolerations: description: Tolerations are a different way to control on which nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ @@ -2786,7 +2795,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -3354,8 +3363,11 @@ spec: - name type: object resources: - description: resources represents the minimum - resources the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -4122,6 +4134,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml b/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml index 7e49751e84..efc4ea2726 100644 --- a/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml +++ b/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml @@ -1143,7 +1143,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1706,8 +1706,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2471,6 +2474,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml b/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml index 41310fde4b..4bbd0611af 100644 --- a/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml +++ b/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml @@ -1149,7 +1149,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1716,8 +1716,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2481,6 +2484,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_clusterscantypes.yaml b/operator/crds/execution.securecodebox.io_clusterscantypes.yaml index 2fa577b845..34e200b2f5 100644 --- a/operator/crds/execution.securecodebox.io_clusterscantypes.yaml +++ b/operator/crds/execution.securecodebox.io_clusterscantypes.yaml @@ -234,7 +234,6 @@ spec: it is required that specified type equals the pod condition type. type: string required: - - status - type type: object type: array @@ -2057,8 +2056,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -5049,8 +5049,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -6093,7 +6094,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -6738,9 +6739,11 @@ spec: - name type: object resources: - description: resources represents - the minimum resources the volume - should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -7536,6 +7539,16 @@ spec: CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName @@ -7942,6 +7955,34 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + workloadRef: + description: |- + WorkloadRef provides a reference to the Workload object that this Pod belongs to. + This field is used by the scheduler to identify the PodGroup and apply the + correct group scheduling policies. + properties: + name: + description: |- + Name defines the name of the Workload object this Pod belongs to. + Workload must be in the same namespace as the Pod. + type: string + podGroup: + description: |- + PodGroup is the name of the PodGroup within the Workload that this Pod + belongs to. If it doesn't match any existing PodGroup within the Workload, + the Pod will remain unschedulable until the Workload object is recreated + and observed by the kube-scheduler. + type: string + podGroupReplicaKey: + description: |- + PodGroupReplicaKey specifies the replica key of the PodGroup to which this + Pod belongs. It is used to distinguish pods belonging to different replicas + of the same pod group. The pod group policy is applied separately to each replica. + type: string + required: + - name + - podGroup + type: object required: - containers type: object diff --git a/operator/crds/execution.securecodebox.io_parsedefinitions.yaml b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml index faf8c61ccf..3428809ad3 100644 --- a/operator/crds/execution.securecodebox.io_parsedefinitions.yaml +++ b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml @@ -1142,7 +1142,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1705,8 +1705,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2470,6 +2473,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml index 57ced53aa0..7edaee293b 100644 --- a/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml +++ b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml @@ -1149,7 +1149,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1716,8 +1716,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2481,6 +2484,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_scans.yaml b/operator/crds/execution.securecodebox.io_scans.yaml index 1191be7f4f..4030618a34 100644 --- a/operator/crds/execution.securecodebox.io_scans.yaml +++ b/operator/crds/execution.securecodebox.io_scans.yaml @@ -2059,7 +2059,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -2708,6 +2710,13 @@ spec: scanType: description: The name of the scanType which should be started. type: string + suspend: + default: false + description: Suspend specifies whether the Scan should be suspended. + When a Scan is suspended, the reconciler will not process it, effectively + pausing all operations until it is resumed. This behaves similar + to the suspend field in Kubernetes Jobs. + type: boolean tolerations: description: Tolerations are a different way to control on which nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ @@ -2729,7 +2738,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -3293,8 +3302,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -4058,6 +4070,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_scantypes.yaml b/operator/crds/execution.securecodebox.io_scantypes.yaml index 392e42dce7..aa08ae534a 100644 --- a/operator/crds/execution.securecodebox.io_scantypes.yaml +++ b/operator/crds/execution.securecodebox.io_scantypes.yaml @@ -234,7 +234,6 @@ spec: it is required that specified type equals the pod condition type. type: string required: - - status - type type: object type: array @@ -2057,8 +2056,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -5049,8 +5049,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -6093,7 +6094,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -6738,9 +6739,11 @@ spec: - name type: object resources: - description: resources represents - the minimum resources the volume - should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -7536,6 +7539,16 @@ spec: CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName @@ -7942,6 +7955,34 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + workloadRef: + description: |- + WorkloadRef provides a reference to the Workload object that this Pod belongs to. + This field is used by the scheduler to identify the PodGroup and apply the + correct group scheduling policies. + properties: + name: + description: |- + Name defines the name of the Workload object this Pod belongs to. + Workload must be in the same namespace as the Pod. + type: string + podGroup: + description: |- + PodGroup is the name of the PodGroup within the Workload that this Pod + belongs to. If it doesn't match any existing PodGroup within the Workload, + the Pod will remain unschedulable until the Workload object is recreated + and observed by the kube-scheduler. + type: string + podGroupReplicaKey: + description: |- + PodGroupReplicaKey specifies the replica key of the PodGroup to which this + Pod belongs. It is used to distinguish pods belonging to different replicas + of the same pod group. The pod group policy is applied separately to each replica. + type: string + required: + - name + - podGroup + type: object required: - containers type: object diff --git a/operator/crds/execution.securecodebox.io_scheduledscans.yaml b/operator/crds/execution.securecodebox.io_scheduledscans.yaml index 4c93ddae24..d60101ac54 100644 --- a/operator/crds/execution.securecodebox.io_scheduledscans.yaml +++ b/operator/crds/execution.securecodebox.io_scheduledscans.yaml @@ -2107,7 +2107,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -2759,6 +2761,13 @@ spec: scanType: description: The name of the scanType which should be started. type: string + suspend: + default: false + description: Suspend specifies whether the Scan should be suspended. + When a Scan is suspended, the reconciler will not process it, + effectively pausing all operations until it is resumed. This + behaves similar to the suspend field in Kubernetes Jobs. + type: boolean tolerations: description: Tolerations are a different way to control on which nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ @@ -2780,7 +2789,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -3348,8 +3357,11 @@ spec: - name type: object resources: - description: resources represents the minimum - resources the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -4116,6 +4128,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName @@ -4525,6 +4547,13 @@ spec: format: int32 minimum: 0 type: integer + suspend: + default: false + description: Suspend specifies whether the ScheduledScan should be + suspended. When a ScheduledScan is suspended, no new Scans will + be created according to the schedule. This behaves similar to the + suspend field in Kubernetes CronJobs. + type: boolean required: - scanSpec type: object diff --git a/operator/docs/README.ArtifactHub.md b/operator/docs/README.ArtifactHub.md index f86b7a5fb0..bec0ea13b5 100644 --- a/operator/docs/README.ArtifactHub.md +++ b/operator/docs/README.ArtifactHub.md @@ -78,6 +78,8 @@ helm install securecodebox-operator oci://ghcr.io/securecodebox/helm/operator | customCACertificate | object | `{"certificate":"public.crt","existingCertificate":null}` | Setup for Custom CA certificates. These are automatically mounted into every secureCodeBox component (lurker, parser & hooks). Requires that every namespace has a configmap with the CA certificate(s) | | customCACertificate.certificate | string | `"public.crt"` | key in the configmap holding the certificate(s) | | customCACertificate.existingCertificate | string | `nil` | name of the configMap holding the ca certificate(s), needs to be the same across all namespaces | +| extraVolumeMounts | list | `[]` | Additional volume mounts to be mounted to the operator deployment | +| extraVolumes | list | `[]` | Additional volumes to be mounted to the operator deployment | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | | image.repository | string | `"docker.io/securecodebox/operator"` | The operator image repository | | image.tag | string | defaults to the charts version | Parser image tag | diff --git a/operator/go.mod b/operator/go.mod index da121f6656..8e2d78495c 100644 --- a/operator/go.mod +++ b/operator/go.mod @@ -4,39 +4,50 @@ module github.com/secureCodeBox/secureCodeBox/operator -go 1.24.5 +go 1.26.2 require ( github.com/go-logr/logr v1.4.3 - github.com/minio/minio-go/v7 v7.0.97 + github.com/minio/minio-go/v7 v7.1.0 github.com/mitchellh/hashstructure/v2 v2.0.2 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.38.2 - k8s.io/api v0.34.2 - k8s.io/apimachinery v0.34.2 - k8s.io/client-go v0.34.2 - sigs.k8s.io/controller-runtime v0.22.4 + github.com/onsi/gomega v1.41.0 + k8s.io/api v0.36.1 + k8s.io/apimachinery v0.36.1 + k8s.io/client-go v0.36.1 + sigs.k8s.io/controller-runtime v0.24.1 ) require ( - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect - github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.1 // indirect github.com/go-ini/ini v1.67.0 // indirect - github.com/google/btree v1.1.3 // indirect - github.com/google/gnostic-models v0.7.0 // indirect + github.com/go-openapi/swag/cmdutils v0.25.5 // indirect + github.com/go-openapi/swag/conv v0.25.5 // indirect + github.com/go-openapi/swag/fileutils v0.25.5 // indirect + github.com/go-openapi/swag/jsonname v0.25.5 // indirect + github.com/go-openapi/swag/jsonutils v0.25.5 // indirect + github.com/go-openapi/swag/loading v0.25.5 // indirect + github.com/go-openapi/swag/mangling v0.25.5 // indirect + github.com/go-openapi/swag/netutils v0.25.5 // indirect + github.com/go-openapi/swag/stringutils v0.25.5 // indirect + github.com/go-openapi/swag/typeutils v0.25.5 // indirect + github.com/go-openapi/swag/yamlutils v0.25.5 // indirect + github.com/google/gnostic-models v0.7.1 // indirect github.com/klauspost/crc32 v1.3.0 // indirect - github.com/minio/crc64nvme v1.1.0 // indirect + github.com/minio/crc64nvme v1.1.1 // indirect github.com/philhofer/fwd v1.2.0 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/tinylib/msgp v1.3.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/tinylib/msgp v1.6.3 // indirect github.com/x448/float16 v0.8.4 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + github.com/zeebo/xxh3 v1.1.0 // indirect + go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/sync v0.18.0 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + golang.org/x/sync v0.20.0 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect ) require ( @@ -47,48 +58,43 @@ require ( github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/go-logr/zapr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.21.1 // indirect - github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect + github.com/go-openapi/jsonpointer v0.22.5 // indirect + github.com/go-openapi/jsonreference v0.21.5 // indirect + github.com/go-openapi/swag v0.25.5 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/klauspost/compress v1.18.0 // indirect - github.com/klauspost/cpuid/v2 v2.2.11 // indirect - github.com/mailru/easyjson v0.9.0 // indirect + github.com/klauspost/compress v1.18.5 // indirect + github.com/klauspost/cpuid/v2 v2.3.0 // indirect github.com/minio/md5-simd v1.1.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.23.2 github.com/prometheus/client_model v0.6.2 // indirect - github.com/prometheus/common v0.66.1 // indirect - github.com/prometheus/procfs v0.16.1 // indirect + github.com/prometheus/common v0.67.5 // indirect + github.com/prometheus/procfs v0.20.1 // indirect github.com/robfig/cron v1.2.0 github.com/rs/xid v1.6.0 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/spf13/pflag v1.0.10 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.27.0 // indirect - golang.org/x/crypto v0.45.0 // indirect - golang.org/x/net v0.47.0 // indirect - golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sys v0.38.0 // indirect - golang.org/x/term v0.37.0 // indirect - golang.org/x/text v0.31.0 // indirect - golang.org/x/time v0.11.0 // indirect + go.uber.org/zap v1.27.1 // indirect + golang.org/x/crypto v0.49.0 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/term v0.41.0 // indirect + golang.org/x/text v0.35.0 // indirect + golang.org/x/time v0.15.0 // indirect gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect - google.golang.org/protobuf v1.36.8 // indirect + google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.34.1 // indirect - k8s.io/klog/v2 v2.130.1 - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/apiextensions-apiserver v0.36.0 // indirect + k8s.io/klog/v2 v2.140.0 + k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 // indirect + k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/yaml v1.6.0 // indirect ) diff --git a/operator/go.sum b/operator/go.sum index f185807b8f..2db86dae6c 100644 --- a/operator/go.sum +++ b/operator/go.sum @@ -10,8 +10,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= @@ -20,26 +20,52 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= -github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= -github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= +github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A= github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= -github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= -github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= -github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= -github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/jsonpointer v0.22.5 h1:8on/0Yp4uTb9f4XvTrM2+1CPrV05QPZXu+rvu2o9jcA= +github.com/go-openapi/jsonpointer v0.22.5/go.mod h1:gyUR3sCvGSWchA2sUBJGluYMbe1zazrYWIkWPjjMUY0= +github.com/go-openapi/jsonreference v0.21.5 h1:6uCGVXU/aNF13AQNggxfysJ+5ZcU4nEAe+pJyVWRdiE= +github.com/go-openapi/jsonreference v0.21.5/go.mod h1:u25Bw85sX4E2jzFodh1FOKMTZLcfifd1Q+iKKOUxExw= +github.com/go-openapi/swag v0.25.5 h1:pNkwbUEeGwMtcgxDr+2GBPAk4kT+kJ+AaB+TMKAg+TU= +github.com/go-openapi/swag v0.25.5/go.mod h1:B3RT6l8q7X803JRxa2e59tHOiZlX1t8viplOcs9CwTA= +github.com/go-openapi/swag/cmdutils v0.25.5 h1:yh5hHrpgsw4NwM9KAEtaDTXILYzdXh/I8Whhx9hKj7c= +github.com/go-openapi/swag/cmdutils v0.25.5/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.5 h1:wAXBYEXJjoKwE5+vc9YHhpQOFj2JYBMF2DUi+tGu97g= +github.com/go-openapi/swag/conv v0.25.5/go.mod h1:CuJ1eWvh1c4ORKx7unQnFGyvBbNlRKbnRyAvDvzWA4k= +github.com/go-openapi/swag/fileutils v0.25.5 h1:B6JTdOcs2c0dBIs9HnkyTW+5gC+8NIhVBUwERkFhMWk= +github.com/go-openapi/swag/fileutils v0.25.5/go.mod h1:V3cT9UdMQIaH4WiTrUc9EPtVA4txS0TOmRURmhGF4kc= +github.com/go-openapi/swag/jsonname v0.25.5 h1:8p150i44rv/Drip4vWI3kGi9+4W9TdI3US3uUYSFhSo= +github.com/go-openapi/swag/jsonname v0.25.5/go.mod h1:jNqqikyiAK56uS7n8sLkdaNY/uq6+D2m2LANat09pKU= +github.com/go-openapi/swag/jsonutils v0.25.5 h1:XUZF8awQr75MXeC+/iaw5usY/iM7nXPDwdG3Jbl9vYo= +github.com/go-openapi/swag/jsonutils v0.25.5/go.mod h1:48FXUaz8YsDAA9s5AnaUvAmry1UcLcNVWUjY42XkrN4= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5 h1:SX6sE4FrGb4sEnnxbFL/25yZBb5Hcg1inLeErd86Y1U= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5/go.mod h1:/2KvOTrKWjVA5Xli3DZWdMCZDzz3uV/T7bXwrKWPquo= +github.com/go-openapi/swag/loading v0.25.5 h1:odQ/umlIZ1ZVRteI6ckSrvP6e2w9UTF5qgNdemJHjuU= +github.com/go-openapi/swag/loading v0.25.5/go.mod h1:I8A8RaaQ4DApxhPSWLNYWh9NvmX2YKMoB9nwvv6oW6g= +github.com/go-openapi/swag/mangling v0.25.5 h1:hyrnvbQRS7vKePQPHHDso+k6CGn5ZBs5232UqWZmJZw= +github.com/go-openapi/swag/mangling v0.25.5/go.mod h1:6hadXM/o312N/h98RwByLg088U61TPGiltQn71Iw0NY= +github.com/go-openapi/swag/netutils v0.25.5 h1:LZq2Xc2QI8+7838elRAaPCeqJnHODfSyOa7ZGfxDKlU= +github.com/go-openapi/swag/netutils v0.25.5/go.mod h1:lHbtmj4m57APG/8H7ZcMMSWzNqIQcu0RFiXrPUara14= +github.com/go-openapi/swag/stringutils v0.25.5 h1:NVkoDOA8YBgtAR/zvCx5rhJKtZF3IzXcDdwOsYzrB6M= +github.com/go-openapi/swag/stringutils v0.25.5/go.mod h1:PKK8EZdu4QJq8iezt17HM8RXnLAzY7gW0O1KKarrZII= +github.com/go-openapi/swag/typeutils v0.25.5 h1:EFJ+PCga2HfHGdo8s8VJXEVbeXRCYwzzr9u4rJk7L7E= +github.com/go-openapi/swag/typeutils v0.25.5/go.mod h1:itmFmScAYE1bSD8C4rS0W+0InZUBrB2xSPbWt6DLGuc= +github.com/go-openapi/swag/yamlutils v0.25.5 h1:kASCIS+oIeoc55j28T4o8KwlV2S4ZLPT6G0iq2SSbVQ= +github.com/go-openapi/swag/yamlutils v0.25.5/go.mod h1:Gek1/SjjfbYvM+Iq4QGwa/2lEXde9n2j4a3wI3pNuOQ= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0 h1:7SgOMTvJkM8yWrQlU8Jm18VeDPuAvB/xWrdxFJkoFag= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0/go.mod h1:14iV8jyyQlinc9StD7w1xVPW3CO3q1Gj04Jy//Kw4VM= +github.com/go-openapi/testify/v2 v2.4.0 h1:8nsPrHVCWkQ4p8h1EsRVymA2XABB4OT40gcvAu+voFM= +github.com/go-openapi/testify/v2 v2.4.0/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= @@ -47,10 +73,8 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= -github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= -github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= +github.com/google/gnostic-models v0.7.1/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -64,17 +88,13 @@ github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo= -github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ= +github.com/klauspost/compress v1.18.5 h1:/h1gH5Ce+VWNLSWqPzOVn6XBO+vJbCNGvjoaGBFW2IE= +github.com/klauspost/compress v1.18.5/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ= github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= -github.com/klauspost/cpuid/v2 v2.2.11 h1:0OwqZRYI2rFrjS4kvkDnqJkKHdHaRnCm68/DY4OxRzU= -github.com/klauspost/cpuid/v2 v2.2.11/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0= +github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y= +github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0= github.com/klauspost/crc32 v1.3.0 h1:sSmTt3gUt81RP655XGZPElI0PelVTZ6YwCRnPSupoFM= github.com/klauspost/crc32 v1.3.0/go.mod h1:D7kQaZhnkX/Y0tstFGf8VUzv2UofNGqCjnC3zdHB0Hw= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -83,14 +103,12 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= -github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= -github.com/minio/crc64nvme v1.1.0 h1:e/tAguZ+4cw32D+IO/8GSf5UVr9y+3eJcxZI2WOO/7Q= -github.com/minio/crc64nvme v1.1.0/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg= +github.com/minio/crc64nvme v1.1.1 h1:8dwx/Pz49suywbO+auHCBpCtlW1OfpcLN7wYgVR6wAI= +github.com/minio/crc64nvme v1.1.1/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg= github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= -github.com/minio/minio-go/v7 v7.0.97 h1:lqhREPyfgHTB/ciX8k2r8k0D93WaFqxbJX36UZq5occ= -github.com/minio/minio-go/v7 v7.0.97/go.mod h1:re5VXuo0pwEtoNLsNuSr0RrLfT/MBtohwdaSmPPSRSk= +github.com/minio/minio-go/v7 v7.1.0 h1:QEt5IStDpxgGjEdtOgpiZ5QhmSl3ax7qy61vi2SwHO8= +github.com/minio/minio-go/v7 v7.1.0/go.mod h1:Dm7WS1AgLmBa0NcQD6SeJnJf+K/EUW3GR7Ks6olB3OA= github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4= github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -108,34 +126,35 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.25.1 h1:Fwp6crTREKM+oA6Cz4MsO8RhKQzs2/gOIVOUscMAfZY= -github.com/onsi/ginkgo/v2 v2.25.1/go.mod h1:ppTWQ1dh9KM/F1XgpeRqelR+zHVwV81DGRSDnFxK7Sk= +github.com/onsi/ginkgo/v2 v2.27.4 h1:fcEcQW/A++6aZAZQNUmNjvA9PSOzefMJBerHJ4t8v8Y= +github.com/onsi/ginkgo/v2 v2.27.4/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= -github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= +github.com/onsi/gomega v1.41.0 h1:OwKp4pXNgVxf6sCplzYo794OFNuoL2q2SBMU5NSWOjA= +github.com/onsi/gomega v1.41.0/go.mod h1:M/Uqpu/8qTjtzCLUA2zJHX9Iilrau25x1PdoSRbWh5A= github.com/philhofer/fwd v1.2.0 h1:e6DnBTl7vGY+Gz322/ASL4Gyp1FspeMvx1RNDoToZuM= github.com/philhofer/fwd v1.2.0/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= -github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= -github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= -github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= -github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= +github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4= +github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw= +github.com/prometheus/procfs v0.20.1 h1:XwbrGOIplXW/AU3YhIhLODXMJYyC1isLFfYCsTEycfc= +github.com/prometheus/procfs v0.20.1/go.mod h1:o9EMBZGRyvDrSPH1RqdxhojkuXstoe4UlK79eF5TGGo= github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ= github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU= github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -143,47 +162,47 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/tinylib/msgp v1.3.0 h1:ULuf7GPooDaIlbyvgAxBV/FI7ynli6LZ1/nVUNu+0ww= -github.com/tinylib/msgp v1.3.0/go.mod h1:ykjzy2wzgrlvpDCRc4LA8UXy6D8bzMSuAF3WD57Gok0= +github.com/tinylib/msgp v1.6.3 h1:bCSxiTz386UTgyT1i0MSCvdbWjVW+8sG3PjkGsZQt4s= +github.com/tinylib/msgp v1.6.3/go.mod h1:RSp0LW9oSxFut3KzESt5Voq4GVWyS+PSulT77roAqEA= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= -go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= +github.com/zeebo/assert v1.3.0 h1:g7C04CbJuIDKNPFHmsk4hwZDO5O+kntRxzaUoNXj+IQ= +github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= +github.com/zeebo/xxh3 v1.1.0 h1:s7DLGDK45Dyfg7++yxI0khrfwq9661w9EN78eP/UZVs= +github.com/zeebo/xxh3 v1.1.0/go.mod h1:IisAie1LELR4xhVinxWS5+zf1lA4p0MW4T+w+W07F5s= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= -go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc= +go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= +go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= -golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= +golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= +golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= -golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= -golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -193,23 +212,21 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= -golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= -golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= -golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= +golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= -golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= +golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= +golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -222,13 +239,13 @@ google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQ google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= -google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -239,27 +256,27 @@ gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.2 h1:fsSUNZhV+bnL6Aqrp6O7lMTy6o5x2C4XLjnh//8SLYY= -k8s.io/api v0.34.2/go.mod h1:MMBPaWlED2a8w4RSeanD76f7opUoypY8TFYkSM+3XHw= -k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI= -k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= -k8s.io/apimachinery v0.34.2 h1:zQ12Uk3eMHPxrsbUJgNF8bTauTVR2WgqJsTmwTE/NW4= -k8s.io/apimachinery v0.34.2/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.2 h1:Co6XiknN+uUZqiddlfAjT68184/37PS4QAzYvQvDR8M= -k8s.io/client-go v0.34.2/go.mod h1:2VYDl1XXJsdcAxw7BenFslRQX28Dxz91U9MWKjX97fE= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= -sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +k8s.io/api v0.36.1 h1:XbL/EMj8K2aJpJtePmqUyQMsM0D4QI2pvl7YKJ20FTY= +k8s.io/api v0.36.1/go.mod h1:KOWo4ey3TINlXjeHVuwB3i+tXXnu+UcwFBHlI/9dvEo= +k8s.io/apiextensions-apiserver v0.36.0 h1:Wt7E8J+VBCbj4FjiBfDTK/neXDDjyJVJc7xfuOHImZ0= +k8s.io/apiextensions-apiserver v0.36.0/go.mod h1:kGDjH0msuiIB3tgsYRV0kS9GqpMYMUsQ3GHv7TApyug= +k8s.io/apimachinery v0.36.1 h1:G63Gjx2W+q0YD+72Vo8oY0nDnePVwnuzTmmy5ENrVSA= +k8s.io/apimachinery v0.36.1/go.mod h1:ibYOR00vW/I1kzvi5SF0dRuJ52BvKtfvRdOn35GPQ+8= +k8s.io/client-go v0.36.1 h1:FN/K8QIT2CEDt+2WB2HnWrUANZ50AP5GII43/SP2JR0= +k8s.io/client-go v0.36.1/go.mod h1:s6rAnCtTGYDQnpNjEhSaISV+2O8jwruZ6m3QOYBFbtU= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 h1:V+sn9a/1fEYDGwnllCmqXBk8x7obZ+hl869Q3Abumkg= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/controller-runtime v0.24.1 h1:miPEwrmirImAvgME1L9qebGHrOnGJoVmVdtOU9fRfo4= +sigs.k8s.io/controller-runtime v0.24.1/go.mod h1:vFkfY5fGt5xAC/sKb8IBFKgWPNKG9OUG29dR8Y2wImw= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/operator/templates/manager/manager.yaml b/operator/templates/manager/manager.yaml index a0ea088958..a6661074e8 100644 --- a/operator/templates/manager/manager.yaml +++ b/operator/templates/manager/manager.yaml @@ -19,11 +19,16 @@ spec: labels: control-plane: securecodebox-controller-manager spec: - {{- if .Values.customCACertificate.existingCertificate }} + {{- if or .Values.customCACertificate.existingCertificate .Values.extraVolumes }} volumes: + {{- if .Values.customCACertificate.existingCertificate }} - name: ca-certificate configMap: name: {{ .Values.customCACertificate.existingCertificate }} + {{- end }} + {{- range .Values.extraVolumes }} + - {{ toYaml . | nindent 10 }} + {{- end }} {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }} securityContext: @@ -38,11 +43,16 @@ spec: args: - --leader-elect image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" - {{- if .Values.customCACertificate.existingCertificate }} + {{- if or .Values.customCACertificate.existingCertificate .Values.extraVolumeMounts }} volumeMounts: + {{- if .Values.customCACertificate.existingCertificate }} - name: ca-certificate mountPath: /etc/ssl/certs/{{ .Values.customCACertificate.certificate }} subPath: {{ .Values.customCACertificate.certificate }} + {{- end }} + {{- range .Values.extraVolumeMounts }} + - {{ toYaml . | nindent 14 }} + {{- end }} {{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: manager @@ -90,7 +100,7 @@ spec: value: {{ .Values.s3.bucket }} {{- if .Values.s3.port }} - name: S3_PORT - value: {{ .Values.s3.port }} + value: {{ .Values.s3.port | quote }} {{- end }} - name: S3_AUTH_TYPE value: {{ .Values.s3.authType }} diff --git a/operator/utils/hash_test.go b/operator/utils/hash_test.go index 8e1ae9c77a..b613f35bfa 100644 --- a/operator/utils/hash_test.go +++ b/operator/utils/hash_test.go @@ -53,7 +53,7 @@ var _ = Describe("ScanType Hashing", func() { It("should hash scantype consistently", func() { hashValues := HashScanType(scanType) // note: this hash changes with every kubernetes release as kubernetes adds new field to their objects which causes the hashes to change. - Expect(hashValues).To(Equal(uint64(11099598195720215515)), "Should hash scantype consistently") + Expect(hashValues).To(Equal(uint64(17583048783387018824)), "Should hash scantype consistently") }) It("should ignore non-scb annotations on the scantypes", func() { diff --git a/operator/values.yaml b/operator/values.yaml index e77448e746..468a21c4f2 100644 --- a/operator/values.yaml +++ b/operator/values.yaml @@ -29,6 +29,32 @@ customCACertificate: # -- key in the configmap holding the certificate(s) certificate: "public.crt" + +# -- Additional volumes to be mounted to the operator deployment +extraVolumes: [ ] +# Example: +# extraVolumes: +# - name: ssl-certificates +# secret: +# secretName: ssl-cert-secret +# - name: config-volume +# configMap: +# name: operator-config +# - name: cache-volume +# emptyDir: {} + +# -- Additional volume mounts to be mounted to the operator deployment +extraVolumeMounts: [ ] +# Example: +# extraVolumeMounts: +# - name: ssl-certificates +# mountPath: /etc/ssl/certs +# readOnly: true +# - name: config-volume +# mountPath: /etc/config +# - name: cache-volume +# mountPath: /cache + serviceAccount: # -- Name of the serviceAccount the operator uses to talk to the k8s api name: securecodebox-operator diff --git a/parser-sdk/nodejs/Makefile b/parser-sdk/nodejs/Makefile deleted file mode 100644 index 8a0ad23176..0000000000 --- a/parser-sdk/nodejs/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -sdk = parser-sdk -include_guard = set -include ../../sdk.mk diff --git a/parser-sdk/nodejs/Taskfile.yaml b/parser-sdk/nodejs/Taskfile.yaml new file mode 100644 index 0000000000..28a3d0a445 --- /dev/null +++ b/parser-sdk/nodejs/Taskfile.yaml @@ -0,0 +1,39 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.48.0" + +env: + IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +vars: + SDK_NAME: parser-sdk + +tasks: + docker-build: + desc: "Build the parser-sdk Docker image" + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + cmds: + - 'echo "Building {{ .SDK_NAME }}-nodejs image with tag ${IMG_TAG}"' + - docker build -t ${IMG_NS}/{{ .SDK_NAME }}-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }} + status: + - docker images | grep -q "${IMG_NS}/{{ .SDK_NAME }}-nodejs:${IMG_TAG}" || false + + docker-export: + desc: "Export the parser-sdk Docker image to a tar file" + deps: [docker-build] + cmds: + - 'echo "Exporting {{ .SDK_NAME }}-nodejs image to tar file"' + - docker save ${IMG_NS}/{{ .SDK_NAME }}-nodejs:${IMG_TAG} -o {{ .SDK_NAME }}.tar + + kind-import: + desc: "Import the parser-sdk Docker image into kind cluster" + deps: [docker-export] + cmds: + - 'echo "Importing {{ .SDK_NAME }}.tar to local kind cluster"' + - kind load image-archive ./{{ .SDK_NAME }}.tar diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index fe50ae78f8..59b8137a5d 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -10,13 +10,13 @@ "license": "Apache-2.0", "dependencies": { "@kubernetes/client-node": "^1.4.0", - "ajv": "^8.17.1", + "ajv": "^8.20.0", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^24.10.1" + "@types/node": "^25.7.0" } }, "node_modules/@jsep-plugin/assignment": { @@ -66,6 +66,14 @@ "ws": "^8.18.2" } }, + "node_modules/@kubernetes/client-node/node_modules/@types/node": { + "version": "24.10.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.4.tgz", + "integrity": "sha512-vnDVpYPMzs4wunl27jHrfmwojOGKya0xyM3sH+UE5iv5uPS6vX7UIoh6m+vQc5LGBq52HBKPIn/zcSZVzeDEZg==", + "dependencies": { + "undici-types": "~7.16.0" + } + }, "node_modules/@types/js-yaml": { "version": "4.0.9", "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", @@ -73,11 +81,11 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "24.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz", - "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==", + "version": "25.7.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz", + "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==", "dependencies": { - "undici-types": "~7.16.0" + "undici-types": "~7.21.0" } }, "node_modules/@types/node-fetch": { @@ -89,6 +97,11 @@ "form-data": "^4.0.4" } }, + "node_modules/@types/node/node_modules/undici-types": { + "version": "7.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz", + "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==" + }, "node_modules/@types/stream-buffers": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", @@ -108,9 +121,9 @@ } }, "node_modules/ajv": { - "version": "8.17.1", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", - "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "version": "8.20.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.20.0.tgz", + "integrity": "sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==", "dependencies": { "fast-deep-equal": "^3.1.3", "fast-uri": "^3.0.1", @@ -362,9 +375,20 @@ "license": "MIT" }, "node_modules/fast-uri": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz", - "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz", + "integrity": "sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fastify" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/fastify" + } + ], + "license": "BSD-3-Clause" }, "node_modules/form-data": { "version": "4.0.4", @@ -481,14 +505,10 @@ } }, "node_modules/ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "version": "10.2.0", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", + "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==", "license": "MIT", - "dependencies": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - }, "engines": { "node": ">= 12" } @@ -520,12 +540,6 @@ "js-yaml": "bin/js-yaml.js" } }, - "node_modules/jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", - "license": "MIT" - }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", @@ -682,12 +696,12 @@ } }, "node_modules/socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.8.tgz", + "integrity": "sha512-NlGELfPrgX2f1TAAcz0WawlLn+0r3FyhhCRpFFK2CemXenPYvzMWWZINv3eDNo9ucdwme7oCHRY0Jnbs4aIkog==", "license": "MIT", "dependencies": { - "ip-address": "^9.0.5", + "ip-address": "^10.1.1", "smart-buffer": "^4.2.0" }, "engines": { @@ -709,12 +723,6 @@ "node": ">= 14" } }, - "node_modules/sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", - "license": "BSD-3-Clause" - }, "node_modules/stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", @@ -804,9 +812,9 @@ "license": "ISC" }, "node_modules/ws": { - "version": "8.18.2", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", - "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", + "version": "8.20.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz", + "integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==", "license": "MIT", "engines": { "node": ">=10.0.0" @@ -859,6 +867,16 @@ "stream-buffers": "^3.0.2", "tar-fs": "^3.0.9", "ws": "^8.18.2" + }, + "dependencies": { + "@types/node": { + "version": "24.10.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.4.tgz", + "integrity": "sha512-vnDVpYPMzs4wunl27jHrfmwojOGKya0xyM3sH+UE5iv5uPS6vX7UIoh6m+vQc5LGBq52HBKPIn/zcSZVzeDEZg==", + "requires": { + "undici-types": "~7.16.0" + } + } } }, "@types/js-yaml": { @@ -867,11 +885,18 @@ "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" }, "@types/node": { - "version": "24.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz", - "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==", + "version": "25.7.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz", + "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==", "requires": { - "undici-types": "~7.16.0" + "undici-types": "~7.21.0" + }, + "dependencies": { + "undici-types": { + "version": "7.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz", + "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==" + } } }, "@types/node-fetch": { @@ -897,9 +922,9 @@ "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" }, "ajv": { - "version": "8.17.1", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", - "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "version": "8.20.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.20.0.tgz", + "integrity": "sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==", "requires": { "fast-deep-equal": "^3.1.3", "fast-uri": "^3.0.1", @@ -1065,9 +1090,9 @@ "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" }, "fast-uri": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz", - "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz", + "integrity": "sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==" }, "form-data": { "version": "4.0.4", @@ -1144,13 +1169,9 @@ "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" }, "ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", - "requires": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - } + "version": "10.2.0", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", + "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==" }, "isomorphic-ws": { "version": "5.0.0", @@ -1171,11 +1192,6 @@ "argparse": "^2.0.1" } }, - "jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" - }, "jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", @@ -1279,11 +1295,11 @@ "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" }, "socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.8.tgz", + "integrity": "sha512-NlGELfPrgX2f1TAAcz0WawlLn+0r3FyhhCRpFFK2CemXenPYvzMWWZINv3eDNo9ucdwme7oCHRY0Jnbs4aIkog==", "requires": { - "ip-address": "^9.0.5", + "ip-address": "^10.1.1", "smart-buffer": "^4.2.0" } }, @@ -1297,11 +1313,6 @@ "socks": "^2.8.3" } }, - "sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" - }, "stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", @@ -1376,9 +1387,9 @@ "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" }, "ws": { - "version": "8.18.2", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", - "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", + "version": "8.20.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz", + "integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==", "requires": {} } } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index 29394bc26c..2214eee597 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -12,12 +12,12 @@ }, "dependencies": { "@kubernetes/client-node": "^1.4.0", - "ajv": "^8.17.1", + "ajv": "^8.20.0", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^24.10.1" + "@types/node": "^25.7.0" } } diff --git a/prerequisites.mk b/prerequisites.mk deleted file mode 100644 index 645eb340a8..0000000000 --- a/prerequisites.mk +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# This is an include file for our module make files to check some prerequisite. -# - -# Here we check that the path to the project directory does not contain white spaces. -# -# We do not allow white spaces for reasons (See https://github.com/secureCodeBox/secureCodeBox/issues/1353). -# This is an implementation which should work in any shell (some CI jobs use /bin/sh): It removes spaces from the tested -# var and compares it with the original string. If they're same there are no spaces in string. -PROJECT_DIR_CLEANSED=$(shell printf "%s" $(PROJECT_DIR)) -PROJECT_PATH_CONTAINS_WHITESPACES=$(shell if [ "$(PROJECT_DIR)" = "$(PROJECT_DIR_CLEANSED)" ]; then echo 0; else echo 1; fi) -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq ($(PROJECT_PATH_CONTAINS_WHITESPACES),1) -$(error The path to this repo ($(PROJECT_DIR)) contains white spaces and make can't deal with this! \ -Move or checkout this project to a location w/o spaces in the direcotry path) -endif - -# Here we check for a proper installed Python. -PYTHON = $(shell which python3) -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq ($(PYTHON),) -PYTHON = $(shell which python) -ifeq ($(PYTHON),) -$(error PYTHON=$(PYTHON) not found in $(PATH)) -endif -endif - -PYTHON_VERSION_MIN=3.0 -PYTHON_VERSION=$(shell $(PYTHON) -c \ -'import sys; print(float(str(sys.version_info[0]) + "." + str(sys.version_info[1])))') -PYTHON_VERSION_OK=$(shell $(PYTHON) -c 'print(int($(PYTHON_VERSION) >= $(PYTHON_VERSION_MIN)))' ) - -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq ($(PYTHON_VERSION_OK), 0) # True == 1 -$(error Need python version >= $(PYTHON_VERSION_MIN) (current: $(PYTHON_VERSION))) -endif - -# Here wecheck that all necessary 3rd party tools are present. -# Thx to https://stackoverflow.com/questions/5618615/check-if-a-program-exists-from-a-makefile -PREREQUISITES = make docker kind git node npm npx kubectl helm yq java go -# Python is separated here (and added hardcoded in the error message) because it will lead to clunky python binary -# paths in the error message if one uses PyEnv, instead of simply the tool name to install. -EXECUTABLES = $(PREREQUISITES) $(PYTHON) -ALL_EXECUTABLES_OK := $(foreach exec,\ - $(EXECUTABLES),\ - $(if $(shell which $(exec)),\ - some string,\ - $(error "The prerequisites are not met to execute this makefile! No '$(exec)' found in your PATH. Install all these tools: $(PREREQUISITES) python"))\ -) diff --git a/renovate.json b/renovate.json index 38ce5f46f8..a03a404800 100644 --- a/renovate.json +++ b/renovate.json @@ -42,6 +42,19 @@ "# renovate: datasource=github-releases depName=(?.*?)\\s*\\w+_VERSION:\\s*[\"']?(?[^\"'\\s]+)[\"']?" ], "datasourceTemplate": "github-releases" + }, + { + "customType": "regex", + "description": "Update pinned tool versions in Makefiles (e.g. CONTROLLER_TOOLS_VERSION)", + "managerFilePatterns": [ + "/operator/Makefile$", + "/auto-discovery/cloud-aws/Makefile$", + "/auto-discovery/kubernetes/Makefile$" + ], + "matchStrings": [ + "# renovate: datasource=(?.*?) depName=(?.*?)\\s*\\w+[_A-Z]* [?]?= (?[^\\s]+)" + ], + "datasourceTemplate": "github-releases" } ] } diff --git a/scanners.mk b/scanners.mk deleted file mode 100644 index ee72a220f5..0000000000 --- a/scanners.mk +++ /dev/null @@ -1,99 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# This include is a base for all scanners make files. - -name = ${scanner} - -include ../../test-base.mk -include ../../env-paths.mk -# Telling the env-paths file where the root project dir is. This is done to allow the generation of the paths of the -# different project folders relative to where the makefile is being run from. So BIN_DIR= $(PROJECT_DIR)/bin will be -# BIN_DIR=../../bin -PROJECT_DIR=../.. - -module = $(scanner-prefix) - -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq ($(custom_scanner),) -docker-build: | docker-build-parser -docker-export: | docker-export-parser -kind-import: | kind-import-parser -deploy: deploy-without-scanner -else -docker-build: | docker-build-parser docker-build-scanner -docker-export: | docker-export-parser docker-export-scanner -kind-import: | kind-import-parser kind-import-scanner -deploy: deploy-with-scanner -endif - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-js module=$(parser-prefix) - -.PHONY: helm-unit-tests -helm-unit-tests: - echo "Running helm unit tests for $(name)"; \ - helm unittest . \ - -.PHONY: install-deps -install-deps: - @$(MAKE) -s install-deps-js module=$(parser-prefix) - -.PHONY: docker-build-parser -docker-build-parser: - @$(MAKE) -s common-docker-build module=$(parser-prefix) - -.PHONY: docker-export-parser -docker-export-parser: - @$(MAKE) -s common-docker-export module=$(parser-prefix) - -.PHONY: kind-import-parser -kind-import-parser: - @$(MAKE) -s common-kind-import module=$(parser-prefix) - -.PHONY: docker-build-scanner -docker-build-scanner: - @$(MAKE) -s common-docker-build - -.PHONY: docker-export-scanner -docker-export-scanner: - @$(MAKE) -s common-docker-export - -.PHONY: kind-import-scanner -kind-import-scanner: - @$(MAKE) -s common-kind-import - -.PHONY: deploy-without-scanner -deploy-without-scanner: - @echo ".: 💾 Deploying '$(name)' $(scanner-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="scanner.backoffLimit=1" - -.PHONY: deploy-with-scanner -deploy-with-scanner: - @echo ".: 💾 Deploying '$(name)' $(scanner-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(name)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="scanner.backoffLimit=1" - -.PHONY: integration-tests -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - cd $(SCANNERS_DIR) && npm ci && cd $(scanner)/integration-tests && npm run test:integration -- $(scanner)/integration-tests diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml index 24f21e5397..bcb30de22a 100644 --- a/scanners/Taskfile.yaml +++ b/scanners/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: demo-targets: @@ -27,6 +27,8 @@ env: tasks: build: desc: Build the Docker image for the {{ .scannerName }} scanner + requires: + vars: [scannerName] status: - docker images | grep -q "docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG}" || false - docker images | grep -q "docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG}" || false @@ -82,29 +84,38 @@ tasks: # test:setup tasks test:setup:parser-sdk: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}/../parser-sdk/nodejs' status: - - "[ -d {{ .TASKFILE_DIR }}/../parser-sdk/nodejs/node_modules ] || false" + - test -d node_modules cmds: - - cd {{ .TASKFILE_DIR }}/../parser-sdk/nodejs/ && bun install + - bun install test:setup:scanner-dir: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}' status: - - "[ -d {{ .TASKFILE_DIR }}/node_modules ] || false" + - test -d node_modules cmds: - - cd {{ .TASKFILE_DIR }}/ && bun install + - bun install test:setup:test-helpers: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}/../tests/integration' status: - - "[ -d {{ .TASKFILE_DIR }}/../tests/integration/node_modules ] || false" + - test -d node_modules cmds: - - cd {{ .TASKFILE_DIR }}/../tests/integration && bun install + - bun install test:setup:parser-deps: internal: true + run: once + dir: '{{ .TASKFILE_DIR }}/{{ .scannerName }}/parser' status: - - '{{ if eq "true" .parserUsesNpmDependencies -}}[ -d {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/node_modules ] || false{{ else -}}true{{ end -}}' + - '{{ if eq "true" .parserUsesNpmDependencies }}test -d node_modules{{ else }}true{{ end }}' cmds: - - cd {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ && bun install + - bun install test:setup: + run: once cmds: - task: test:setup:parser-sdk - task: test:setup:scanner-dir @@ -154,6 +165,6 @@ tasks: test: desc: Run all tests for the {{ .scannerName }} scanner cmds: - - task test:unit - - task test:helm - - task test:integration + - task: test:unit + - task: test:helm + - task: test:integration diff --git a/scanners/ffuf/Taskfile.yaml b/scanners/ffuf/Taskfile.yaml index b112e9f6e5..acb3c4ea6e 100644 --- a/scanners/ffuf/Taskfile.yaml +++ b/scanners/ffuf/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/ffuf/scanner/Dockerfile b/scanners/ffuf/scanner/Dockerfile index cebb7fb391..9c405031b1 100644 --- a/scanners/ffuf/scanner/Dockerfile +++ b/scanners/ffuf/scanner/Dockerfile @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM --platform=$BUILDPLATFORM golang:1.25-alpine AS builder +FROM --platform=$BUILDPLATFORM golang:1.26-alpine AS builder ARG scannerVersion RUN GOOS="$TARGETOS" GOARCH="$TARGETARCH" CGO_ENABLED=0 go install github.com/ffuf/ffuf/v2@$scannerVersion diff --git a/scanners/git-repo-scanner/.helm-docs.gotmpl b/scanners/git-repo-scanner/.helm-docs.gotmpl index 430ba846e5..285100b5bd 100644 --- a/scanners/git-repo-scanner/.helm-docs.gotmpl +++ b/scanners/git-repo-scanner/.helm-docs.gotmpl @@ -25,7 +25,7 @@ usecase: "Discover Git repositories" {{- define "extra.chartAboutSection" -}} ## What is Git-Repo-Scanner? -Git-Repo-Scanner is a small Python script which discovers repositories on GitHub or GitLab. The main purpose of this scanner +Git-Repo-Scanner is a small Go project which discovers repositories on GitHub or GitLab. The main purpose of this scanner is to provide a cascading input for the [gitleaks](https://www.securecodebox.io/docs/scanners/gitleaks) and [semgrep](https://www.securecodebox.io/docs/scanners/semgrep) scanners. {{- end }} @@ -36,9 +36,9 @@ The scanner options can be divided into two groups for Gitlab and GitHub. You ca repository type with the option: ```bash ---git-type github +--git-type GitHub or ---git-type Gitlab +--git-type GitLab ``` #### GitHub diff --git a/scanners/git-repo-scanner/README.md b/scanners/git-repo-scanner/README.md index 1415a9501a..115ea5a5e3 100644 --- a/scanners/git-repo-scanner/README.md +++ b/scanners/git-repo-scanner/README.md @@ -35,7 +35,7 @@ Otherwise your changes will be reverted/overwritten automatically due to the bui ## What is Git-Repo-Scanner? -Git-Repo-Scanner is a small Python script which discovers repositories on GitHub or GitLab. The main purpose of this scanner +Git-Repo-Scanner is a small Go project which discovers repositories on GitHub or GitLab. The main purpose of this scanner is to provide a cascading input for the [gitleaks](https://www.securecodebox.io/docs/scanners/gitleaks) and [semgrep](https://www.securecodebox.io/docs/scanners/semgrep) scanners. ## Deployment @@ -52,9 +52,9 @@ The scanner options can be divided into two groups for Gitlab and GitHub. You ca repository type with the option: ```bash ---git-type github +--git-type GitHub or ---git-type Gitlab +--git-type GitLab ``` #### GitHub diff --git a/scanners/git-repo-scanner/Taskfile.yaml b/scanners/git-repo-scanner/Taskfile.yaml index a7b2ce668b..b3037b56b2 100644 --- a/scanners/git-repo-scanner/Taskfile.yaml +++ b/scanners/git-repo-scanner/Taskfile.yaml @@ -2,13 +2,21 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: taskfile: ../Taskfile.yaml flatten: true + excludes: [test:unit] vars: scannerName: git-repo-scanner -tasks: {} +tasks: + test:unit: + desc: Run unit tests for git-repo-scanner + deps: + - test:setup + cmds: + - bun test {{ .TASKFILE_DIR }}/parser/ + - cd {{ .TASKFILE_DIR }}/scanner && go test ./... diff --git a/scanners/git-repo-scanner/docs/README.ArtifactHub.md b/scanners/git-repo-scanner/docs/README.ArtifactHub.md index b97cfb120a..7745c02819 100644 --- a/scanners/git-repo-scanner/docs/README.ArtifactHub.md +++ b/scanners/git-repo-scanner/docs/README.ArtifactHub.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## What is Git-Repo-Scanner? -Git-Repo-Scanner is a small Python script which discovers repositories on GitHub or GitLab. The main purpose of this scanner +Git-Repo-Scanner is a small Go project which discovers repositories on GitHub or GitLab. The main purpose of this scanner is to provide a cascading input for the [gitleaks](https://www.securecodebox.io/docs/scanners/gitleaks) and [semgrep](https://www.securecodebox.io/docs/scanners/semgrep) scanners. ## Deployment @@ -59,9 +59,9 @@ The scanner options can be divided into two groups for Gitlab and GitHub. You ca repository type with the option: ```bash ---git-type github +--git-type GitHub or ---git-type Gitlab +--git-type GitLab ``` #### GitHub diff --git a/scanners/git-repo-scanner/docs/README.DockerHub-Parser.md b/scanners/git-repo-scanner/docs/README.DockerHub-Parser.md index 4d47351943..f22f6a2f0a 100644 --- a/scanners/git-repo-scanner/docs/README.DockerHub-Parser.md +++ b/scanners/git-repo-scanner/docs/README.DockerHub-Parser.md @@ -53,7 +53,7 @@ docker pull securecodebox/parser-git-repo-scanner ## What is Git-Repo-Scanner? -Git-Repo-Scanner is a small Python script which discovers repositories on GitHub or GitLab. The main purpose of this scanner +Git-Repo-Scanner is a small Go project which discovers repositories on GitHub or GitLab. The main purpose of this scanner is to provide a cascading input for the [gitleaks](https://www.securecodebox.io/docs/scanners/gitleaks) and [semgrep](https://www.securecodebox.io/docs/scanners/semgrep) scanners. ## Community diff --git a/scanners/git-repo-scanner/docs/README.DockerHub-Scanner.md b/scanners/git-repo-scanner/docs/README.DockerHub-Scanner.md index b3d288b888..f086c0891a 100644 --- a/scanners/git-repo-scanner/docs/README.DockerHub-Scanner.md +++ b/scanners/git-repo-scanner/docs/README.DockerHub-Scanner.md @@ -53,7 +53,7 @@ docker pull securecodebox/scanner-git-repo-scanner ## What is Git-Repo-Scanner? -Git-Repo-Scanner is a small Python script which discovers repositories on GitHub or GitLab. The main purpose of this scanner +Git-Repo-Scanner is a small Go project which discovers repositories on GitHub or GitLab. The main purpose of this scanner is to provide a cascading input for the [gitleaks](https://www.securecodebox.io/docs/scanners/gitleaks) and [semgrep](https://www.securecodebox.io/docs/scanners/semgrep) scanners. ## Scanner Configuration @@ -62,9 +62,9 @@ The scanner options can be divided into two groups for Gitlab and GitHub. You ca repository type with the option: ```bash ---git-type github +--git-type GitHub or ---git-type Gitlab +--git-type GitLab ``` #### GitHub diff --git a/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml b/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml index ab51e98e35..485e03b5ec 100644 --- a/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml +++ b/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml @@ -11,11 +11,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "144957631", - "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", + "archived": true, + "created_at": "2018-08-16T08:11:15Z", "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", - "owner_type": "Organization", + "id": "144957631", + "last_activity_at": "2023-01-28T10:22:09Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "openshift", @@ -24,11 +27,8 @@ "security-tools", "security", ], - "owner_name": "secureCodeBox", - "created_at": "2018-08-16T08:11:15Z", - "last_activity_at": "2021-02-26T14:43:24Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", }, }, { @@ -39,11 +39,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "142870794", - "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", + "archived": true, + "created_at": "2018-07-30T12:13:41Z", "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", - "owner_type": "Organization", + "id": "142870794", + "last_activity_at": "2023-01-28T10:22:08Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "security", @@ -53,11 +56,8 @@ "jenkinsfile", "demo", ], - "owner_name": "secureCodeBox", - "created_at": "2018-07-30T12:13:41Z", - "last_activity_at": "2021-02-26T14:42:45Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", }, }, { @@ -68,17 +68,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "214418800", - "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", + "archived": false, + "created_at": "2019-10-11T11:28:15Z", "full_name": "secureCodeBox/swagger-petstore-openshift", - "owner_type": "Organization", + "id": "214418800", + "last_activity_at": "2019-10-11T11:37:41Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-10-11T11:28:15Z", - "last_activity_at": "2019-10-11T11:37:41Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", }, }, { @@ -89,17 +89,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "180568880", - "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", + "archived": true, + "created_at": "2019-04-10T11:39:04Z", "full_name": "secureCodeBox/ruby-scanner-scaffolding", - "owner_type": "Organization", + "id": "180568880", + "last_activity_at": "2023-01-28T10:22:10Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-04-10T11:39:04Z", - "last_activity_at": "2021-02-26T14:42:14Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", }, }, { @@ -110,17 +110,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "141462466", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", + "archived": true, + "created_at": "2018-07-18T16:38:18Z", "full_name": "secureCodeBox/scanner-infrastructure-amass", - "owner_type": "Organization", + "id": "141462466", + "last_activity_at": "2023-06-22T01:51:32Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2018-07-18T16:38:18Z", - "last_activity_at": "2021-02-26T14:41:40Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", }, }, { @@ -131,17 +131,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "251007807", - "web_url": "https://github.com/secureCodeBox/zap-extensions", + "archived": false, + "created_at": "2020-03-29T10:40:12Z", "full_name": "secureCodeBox/zap-extensions", - "owner_type": "Organization", + "id": "251007807", + "last_activity_at": "2020-03-29T10:40:13Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2020-03-29T10:40:12Z", - "last_activity_at": "2020-03-29T10:40:13Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/zap-extensions", }, }, { @@ -152,17 +152,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "171298120", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", + "archived": true, + "created_at": "2019-02-18T14:23:57Z", "full_name": "secureCodeBox/scanner-infrastructure-ssh", - "owner_type": "Organization", + "id": "171298120", + "last_activity_at": "2023-01-28T10:22:09Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-02-18T14:23:57Z", - "last_activity_at": "2021-02-26T14:40:57Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", }, }, { @@ -173,11 +173,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "128396681", - "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", + "archived": true, + "created_at": "2018-04-06T13:13:14Z", "full_name": "secureCodeBox/scanner-webserver-nikto", - "owner_type": "Organization", + "id": "128396681", + "last_activity_at": "2024-08-10T17:59:05Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "nikto", @@ -187,11 +190,8 @@ "security-tools", "microservice", ], - "owner_name": "secureCodeBox", - "created_at": "2018-04-06T13:13:14Z", - "last_activity_at": "2021-02-26T14:40:31Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", }, }, { @@ -202,11 +202,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "134673181", - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni", + "archived": true, + "created_at": "2018-05-24T06:47:00Z", "full_name": "secureCodeBox/scanner-webapplication-arachni", - "owner_type": "Organization", + "id": "134673181", + "last_activity_at": "2023-03-29T14:00:28Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "arachni", @@ -216,11 +219,8 @@ "security-tools", "microservice", ], - "owner_name": "secureCodeBox", - "created_at": "2018-05-24T06:47:00Z", - "last_activity_at": "2021-02-26T14:40:03Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni", }, }, { @@ -231,17 +231,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "180543766", - "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", + "archived": true, + "created_at": "2019-04-10T09:03:38Z", "full_name": "secureCodeBox/scanner-cms-wpscan", - "owner_type": "Organization", + "id": "180543766", + "last_activity_at": "2023-04-25T07:15:25Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-04-10T09:03:38Z", - "last_activity_at": "2021-02-26T14:39:25Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", }, }, { @@ -252,11 +252,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "124402117", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", + "archived": true, + "created_at": "2018-03-08T14:20:36Z", "full_name": "secureCodeBox/scanner-infrastructure-nmap", - "owner_type": "Organization", + "id": "124402117", + "last_activity_at": "2025-04-08T19:31:01Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "nmap", @@ -266,11 +269,8 @@ "security-tools", "microservice", ], - "owner_name": "secureCodeBox", - "created_at": "2018-03-08T14:20:36Z", - "last_activity_at": "2021-06-11T21:49:14Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", }, }, { @@ -281,11 +281,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "133507929", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", + "archived": true, + "created_at": "2018-05-15T11:43:11Z", "full_name": "secureCodeBox/scanner-infrastructure-sslyze", - "owner_type": "Organization", + "id": "133507929", + "last_activity_at": "2023-01-28T10:22:08Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "sslyze", @@ -295,11 +298,8 @@ "security-tools", "microservice", ], - "owner_name": "secureCodeBox", - "created_at": "2018-05-15T11:43:11Z", - "last_activity_at": "2021-02-26T14:38:12Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", }, }, { @@ -310,17 +310,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "223956455", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", + "archived": true, + "created_at": "2019-11-25T13:34:16Z", "full_name": "secureCodeBox/scanner-infrastructure-ncrack", - "owner_type": "Organization", + "id": "223956455", + "last_activity_at": "2023-01-28T10:22:10Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-11-25T13:34:16Z", - "last_activity_at": "2021-02-26T14:37:34Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", }, }, { @@ -331,17 +331,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "277835641", - "web_url": "https://github.com/secureCodeBox/zaproxy", + "archived": false, + "created_at": "2020-07-07T14:14:16Z", "full_name": "secureCodeBox/zaproxy", - "owner_type": "Organization", + "id": "277835641", + "last_activity_at": "2024-01-30T22:45:22Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2020-07-07T14:14:16Z", - "last_activity_at": "2020-07-07T14:14:18Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/zaproxy", }, }, { @@ -352,11 +352,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "249731346", - "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", + "archived": true, + "created_at": "2020-03-24T14:33:08Z", "full_name": "secureCodeBox/secureCodeBox-v2", - "owner_type": "Organization", + "id": "249731346", + "last_activity_at": "2024-01-30T22:40:47Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "securecodebox", @@ -367,11 +370,8 @@ "scanning", "hacktoberfest", ], - "owner_name": "secureCodeBox", - "created_at": "2020-03-24T14:33:08Z", - "last_activity_at": "2020-11-05T15:40:55Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", }, }, { @@ -382,38 +382,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "203588805", - "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", - "full_name": "secureCodeBox/securecodebox.github.io", - "owner_type": "Organization", + "archived": true, + "created_at": "2018-03-20T15:48:39Z", + "full_name": "secureCodeBox/nodejs-scanner-scaffolding", + "id": "126042943", + "last_activity_at": "2023-01-28T10:22:08Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-08-21T13:21:09Z", - "last_activity_at": "2020-10-16T11:40:25Z", - "visibility": "public", - "archived": false, - }, - }, - { - "name": "GitHub Repo", - "description": "A GitHub repository", - "category": "Git Repository", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": - { - "id": "126042943", - "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", - "full_name": "secureCodeBox/nodejs-scanner-scaffolding", "owner_type": "Organization", - "owner_id": "34573705", "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2018-03-20T15:48:39Z", - "last_activity_at": "2021-02-26T14:36:53Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", }, }, { @@ -424,11 +403,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "128920739", - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", + "archived": true, + "created_at": "2018-04-10T11:17:29Z", "full_name": "secureCodeBox/scanner-webapplication-zap", - "owner_type": "Organization", + "id": "128920739", + "last_activity_at": "2024-10-03T05:13:23Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "zap", @@ -438,11 +420,8 @@ "security-tools", "microservice", ], - "owner_name": "secureCodeBox", - "created_at": "2018-04-10T11:17:29Z", - "last_activity_at": "2021-02-26T14:36:02Z", "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", }, }, { @@ -453,17 +432,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "123422137", - "web_url": "https://github.com/secureCodeBox/engine", + "archived": true, + "created_at": "2018-03-01T10:50:05Z", "full_name": "secureCodeBox/engine", - "owner_type": "Organization", + "id": "123422137", + "last_activity_at": "2023-01-28T10:22:08Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2018-03-01T10:50:05Z", - "last_activity_at": "2021-02-26T14:35:25Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": true, + "web_url": "https://github.com/secureCodeBox/engine", }, }, { @@ -474,17 +453,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "327336031", - "web_url": "https://github.com/secureCodeBox/gitleaks", - "full_name": "secureCodeBox/gitleaks", - "owner_type": "Organization", + "archived": false, + "created_at": "2020-10-12T09:58:26Z", + "full_name": "secureCodeBox/kubeaudit", + "id": "303349727", + "last_activity_at": "2024-01-30T22:38:13Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2021-01-06T14:27:46Z", - "last_activity_at": "2021-03-06T20:23:36Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/kubeaudit", }, }, { @@ -495,17 +474,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "357207085", - "web_url": "https://github.com/secureCodeBox/django-DefectDojo", + "archived": false, + "created_at": "2021-04-12T13:36:31Z", "full_name": "secureCodeBox/django-DefectDojo", - "owner_type": "Organization", + "id": "357207085", + "last_activity_at": "2024-01-30T22:35:01Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2021-04-12T13:36:31Z", - "last_activity_at": "2021-12-14T14:46:54Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/django-DefectDojo", }, }, { @@ -516,17 +495,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "204701677", - "web_url": "https://github.com/secureCodeBox/ssh_scan", + "archived": false, + "created_at": "2019-08-27T12:46:48Z", "full_name": "secureCodeBox/ssh_scan", - "owner_type": "Organization", + "id": "204701677", + "last_activity_at": "2022-01-25T02:32:59Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-08-27T12:46:48Z", - "last_activity_at": "2021-06-22T12:11:47Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/ssh_scan", }, }, { @@ -537,17 +516,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "222679857", - "web_url": "https://github.com/secureCodeBox/nikto", + "archived": false, + "created_at": "2019-11-19T11:25:21Z", "full_name": "secureCodeBox/nikto", - "owner_type": "Organization", + "id": "222679857", + "last_activity_at": "2021-08-25T14:24:37Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2019-11-19T11:25:21Z", - "last_activity_at": "2021-08-25T14:24:37Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/nikto", }, }, { @@ -558,17 +537,17 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "409468006", - "web_url": "https://github.com/secureCodeBox/sslyze", + "archived": false, + "created_at": "2021-09-23T06:03:50Z", "full_name": "secureCodeBox/sslyze", - "owner_type": "Organization", + "id": "409468006", + "last_activity_at": "2021-09-23T06:03:51Z", "owner_id": "34573705", - "topics": [], "owner_name": "secureCodeBox", - "created_at": "2021-09-23T06:03:50Z", - "last_activity_at": "2021-09-23T06:03:51Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/sslyze", }, }, { @@ -579,25 +558,60 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "327269915", - "web_url": "https://github.com/secureCodeBox/defectdojo-client-java", - "full_name": "secureCodeBox/defectdojo-client-java", + "archived": false, + "created_at": "2019-08-21T13:21:09Z", + "full_name": "secureCodeBox/securecodebox.github.io", + "id": "203588805", + "last_activity_at": "2022-04-19T13:33:36Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "archived": true, + "created_at": "2020-09-02T13:39:10Z", + "full_name": "secureCodeBox/documentation", + "id": "292293538", + "last_activity_at": "2024-01-20T09:04:19Z", "owner_id": "34573705", - "topics": - [ - "defectdojo", - "owasp", - "client-library", - "java", - "gradle", - "hacktoberfest", - ], "owner_name": "secureCodeBox", - "created_at": "2021-01-06T09:59:17Z", - "last_activity_at": "2021-10-20T08:45:43Z", + "owner_type": "Organization", + "topics": + ["securecodebox", "docusaurus", "documentation", "hacktoberfest"], "visibility": "public", + "web_url": "https://github.com/secureCodeBox/documentation", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { "archived": false, + "created_at": "2023-03-21T19:51:07Z", + "full_name": "secureCodeBox/www-community", + "id": "617150115", + "last_activity_at": "2024-03-14T15:30:35Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/www-community", }, }, { @@ -608,17 +622,80 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "288212154", - "web_url": "https://github.com/secureCodeBox/telemetry", - "full_name": "secureCodeBox/telemetry", + "archived": false, + "created_at": "2023-10-13T14:15:48Z", + "full_name": "secureCodeBox/landscape", + "id": "704559693", + "last_activity_at": "2024-07-11T19:08:33Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/landscape", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "archived": false, + "created_at": "2024-08-09T14:48:36Z", + "full_name": "secureCodeBox/DevSecOps-MaturityModel", + "id": "840369455", + "last_activity_at": "2024-08-09T14:48:36Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/DevSecOps-MaturityModel", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "archived": false, + "created_at": "2021-01-06T14:27:46Z", + "full_name": "secureCodeBox/gitleaks", + "id": "327336031", + "last_activity_at": "2024-01-30T22:39:59Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-08-17T15:09:19Z", - "last_activity_at": "2021-12-06T14:24:34Z", + "owner_type": "Organization", + "topics": [], "visibility": "public", + "web_url": "https://github.com/secureCodeBox/gitleaks", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { "archived": false, + "created_at": "2025-04-18T19:36:30Z", + "full_name": "secureCodeBox/scb-cascades-demo", + "id": "968815564", + "last_activity_at": "2025-04-24T11:47:52Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scb-cascades-demo", }, }, { @@ -629,18 +706,67 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "292293538", - "web_url": "https://github.com/secureCodeBox/documentation", - "full_name": "secureCodeBox/documentation", + "archived": false, + "created_at": "2024-12-29T17:07:02Z", + "full_name": "secureCodeBox/scan-throttler", + "id": "909750535", + "last_activity_at": "2025-08-19T14:02:18Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scan-throttler", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "archived": false, + "created_at": "2021-01-06T09:59:17Z", + "full_name": "secureCodeBox/defectdojo-client-java", + "id": "327269915", + "last_activity_at": "2025-10-20T08:29:33Z", "owner_id": "34573705", - "topics": - ["securecodebox", "docusaurus", "documentation", "hacktoberfest"], "owner_name": "secureCodeBox", - "created_at": "2020-09-02T13:39:10Z", - "last_activity_at": "2021-12-15T13:55:43Z", + "owner_type": "Organization", + "topics": + [ + "defectdojo", + "owasp", + "client-library", + "java", + "gradle", + "hacktoberfest", + ], "visibility": "public", + "web_url": "https://github.com/secureCodeBox/defectdojo-client-java", + }, + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { "archived": false, + "created_at": "2020-08-17T15:09:19Z", + "full_name": "secureCodeBox/telemetry", + "id": "288212154", + "last_activity_at": "2025-11-20T07:43:05Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/telemetry", }, }, { @@ -651,11 +777,14 @@ "severity": "INFORMATIONAL", "attributes": { - "id": "80711933", - "web_url": "https://github.com/secureCodeBox/secureCodeBox", + "archived": false, + "created_at": "2017-02-02T09:48:05Z", "full_name": "secureCodeBox/secureCodeBox", - "owner_type": "Organization", + "id": "80711933", + "last_activity_at": "2025-11-24T10:04:46Z", "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", "topics": [ "security", @@ -667,14 +796,11 @@ "kubernetes", "kubernetes-operator", "owasp", - "owasp-zap", "hacktoberfest", + "zaproxy", ], - "owner_name": "secureCodeBox", - "created_at": "2017-02-02T09:48:05Z", - "last_activity_at": "2021-12-21T09:48:07Z", "visibility": "public", - "archived": false, + "web_url": "https://github.com/secureCodeBox/secureCodeBox", }, }, ] diff --git a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js index 7815274085..1dcccb8e0f 100644 --- a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js +++ b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js @@ -8,12 +8,11 @@ test.skip( "git-repo-scanner should find at least 1 repository in the GitHub secureCodeBox organisation", async () => { // This integration tests runs about 30min because of the GitHub Public API call rate limit. - // If you want to speed up you need to add an valid access token like: ['--git-type', 'github', '--organization', 'secureCodeBox', '--access-token', '23476VALID2345TOKEN'], + // If you want to speed up you need to add an valid access token like: ['--git-type', 'GitHub', '--organization', 'secureCodeBox', '--access-token', '23476VALID2345TOKEN'], const { count } = await scan( "git-repo-scanner-dummy-scan", "git-repo-scanner", ["--git-type", "github", "--organization", "secureCodeBox"], - 90, ); // There must be >= 28 Repositories found in the GitHub secureCodeBox organisation. expect(count).toBeGreaterThanOrEqual(28); diff --git a/scanners/git-repo-scanner/parser/__testFiles__/git-scanner-test-findings.json b/scanners/git-repo-scanner/parser/__testFiles__/git-scanner-test-findings.json index 435b7428f7..6ca11b3fa5 100644 --- a/scanners/git-repo-scanner/parser/__testFiles__/git-scanner-test-findings.json +++ b/scanners/git-repo-scanner/parser/__testFiles__/git-scanner-test-findings.json @@ -6,15 +6,23 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 80711933, - "web_url": "https://github.com/secureCodeBox/secureCodeBox", - "full_name": "secureCodeBox/secureCodeBox", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-08-16T08:11:15Z", + "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", + "id": "144957631", + "last_activity_at": "2023-01-28T10:22:09Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2017-02-02T09:48:05Z", - "last_activity_at": "2020-10-23T08:59:27Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "openshift", + "ansible-role", + "ansible", + "security-tools", + "security" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift" } }, { @@ -24,15 +32,24 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 123422137, - "web_url": "https://github.com/secureCodeBox/engine", - "full_name": "secureCodeBox/engine", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-07-30T12:13:41Z", + "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", + "id": "142870794", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-03-01T10:50:05Z", - "last_activity_at": "2020-10-07T08:07:32Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "security", + "security-automation", + "security-testing", + "jenkins-pipeline", + "jenkinsfile", + "demo" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples" } }, { @@ -42,15 +59,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 124402117, - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", - "full_name": "secureCodeBox/scanner-infrastructure-nmap", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2019-10-11T11:28:15Z", + "full_name": "secureCodeBox/swagger-petstore-openshift", + "id": "214418800", + "last_activity_at": "2019-10-11T11:37:41Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-03-08T14:20:36Z", - "last_activity_at": "2020-09-14T15:40:40Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift" } }, { @@ -60,15 +79,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 126042943, - "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", - "full_name": "secureCodeBox/nodejs-scanner-scaffolding", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-04-10T11:39:04Z", + "full_name": "secureCodeBox/ruby-scanner-scaffolding", + "id": "180568880", + "last_activity_at": "2023-01-28T10:22:10Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-03-20T15:48:39Z", - "last_activity_at": "2020-07-16T10:37:40Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding" } }, { @@ -78,15 +99,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 128396681, - "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", - "full_name": "secureCodeBox/scanner-webserver-nikto", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-07-18T16:38:18Z", + "full_name": "secureCodeBox/scanner-infrastructure-amass", + "id": "141462466", + "last_activity_at": "2023-06-22T01:51:32Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-04-06T13:13:14Z", - "last_activity_at": "2020-06-25T10:11:41Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass" } }, { @@ -96,15 +119,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 128920739, - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", - "full_name": "secureCodeBox/scanner-webapplication-zap", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-03-29T10:40:12Z", + "full_name": "secureCodeBox/zap-extensions", + "id": "251007807", + "last_activity_at": "2020-03-29T10:40:13Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-04-10T11:17:29Z", - "last_activity_at": "2020-10-07T14:05:09Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/zap-extensions" } }, { @@ -114,15 +139,44 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 133507929, - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", - "full_name": "secureCodeBox/scanner-infrastructure-sslyze", + "archived": true, + "created_at": "2019-02-18T14:23:57Z", + "full_name": "secureCodeBox/scanner-infrastructure-ssh", + "id": "171298120", + "last_activity_at": "2023-01-28T10:22:09Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", - "owner_id": 34573705, + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh" + } + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": { + "archived": true, + "created_at": "2018-04-06T13:13:14Z", + "full_name": "secureCodeBox/scanner-webserver-nikto", + "id": "128396681", + "last_activity_at": "2024-08-10T17:59:05Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-05-15T11:43:11Z", - "last_activity_at": "2020-07-16T10:52:54Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "nikto", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto" } }, { @@ -132,15 +186,24 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 134673181, - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni", + "archived": true, + "created_at": "2018-05-24T06:47:00Z", "full_name": "secureCodeBox/scanner-webapplication-arachni", - "owner_type": "Organization", - "owner_id": 34573705, + "id": "134673181", + "last_activity_at": "2023-03-29T14:00:28Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-05-24T06:47:00Z", - "last_activity_at": "2020-10-10T10:29:42Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "arachni", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni" } }, { @@ -150,15 +213,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 141462466, - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", - "full_name": "secureCodeBox/scanner-infrastructure-amass", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-04-10T09:03:38Z", + "full_name": "secureCodeBox/scanner-cms-wpscan", + "id": "180543766", + "last_activity_at": "2023-04-25T07:15:25Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-07-18T16:38:18Z", - "last_activity_at": "2020-03-17T18:59:35Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan" } }, { @@ -168,15 +233,24 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 142870794, - "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", - "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-03-08T14:20:36Z", + "full_name": "secureCodeBox/scanner-infrastructure-nmap", + "id": "124402117", + "last_activity_at": "2025-04-08T19:31:01Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-07-30T12:13:41Z", - "last_activity_at": "2020-09-27T18:59:24Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "nmap", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap" } }, { @@ -186,15 +260,24 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 144957631, - "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", - "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-05-15T11:43:11Z", + "full_name": "secureCodeBox/scanner-infrastructure-sslyze", + "id": "133507929", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-08-16T08:11:15Z", - "last_activity_at": "2019-04-17T13:36:12Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "sslyze", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze" } }, { @@ -204,15 +287,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 161506648, - "web_url": "https://github.com/secureCodeBox/django-DefectDojo", - "full_name": "secureCodeBox/django-DefectDojo", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-11-25T13:34:16Z", + "full_name": "secureCodeBox/scanner-infrastructure-ncrack", + "id": "223956455", + "last_activity_at": "2023-01-28T10:22:10Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2018-12-12T15:21:02Z", - "last_activity_at": "2019-01-09T08:41:31Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack" } }, { @@ -222,15 +307,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 171298120, - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", - "full_name": "secureCodeBox/scanner-infrastructure-ssh", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-07-07T14:14:16Z", + "full_name": "secureCodeBox/zaproxy", + "id": "277835641", + "last_activity_at": "2024-01-30T22:45:22Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-02-18T14:23:57Z", - "last_activity_at": "2020-06-25T10:11:16Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/zaproxy" } }, { @@ -240,15 +327,25 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 180543766, - "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", - "full_name": "secureCodeBox/scanner-cms-wpscan", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2020-03-24T14:33:08Z", + "full_name": "secureCodeBox/secureCodeBox-v2", + "id": "249731346", + "last_activity_at": "2024-01-30T22:40:47Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-04-10T09:03:38Z", - "last_activity_at": "2020-06-25T10:12:29Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "securecodebox", + "security-tools", + "penetration-testers", + "devsecops", + "kubernetes-operator", + "scanning", + "hacktoberfest" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2" } }, { @@ -258,15 +355,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 180568880, - "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", - "full_name": "secureCodeBox/ruby-scanner-scaffolding", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-03-20T15:48:39Z", + "full_name": "secureCodeBox/nodejs-scanner-scaffolding", + "id": "126042943", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-04-10T11:39:04Z", - "last_activity_at": "2020-03-11T14:20:03Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding" } }, { @@ -276,15 +375,24 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 203588805, - "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", - "full_name": "secureCodeBox/securecodebox.github.io", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-04-10T11:17:29Z", + "full_name": "secureCodeBox/scanner-webapplication-zap", + "id": "128920739", + "last_activity_at": "2024-10-03T05:13:23Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-08-21T13:21:09Z", - "last_activity_at": "2020-10-16T11:40:25Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "zap", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap" } }, { @@ -294,15 +402,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 204489733, - "web_url": "https://github.com/secureCodeBox/gatsby-gh-pages-action", - "full_name": "secureCodeBox/gatsby-gh-pages-action", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-03-01T10:50:05Z", + "full_name": "secureCodeBox/engine", + "id": "123422137", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-08-26T14:11:02Z", - "last_activity_at": "2019-08-26T14:11:05Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/engine" } }, { @@ -312,15 +422,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 204701677, - "web_url": "https://github.com/secureCodeBox/ssh_scan", - "full_name": "secureCodeBox/ssh_scan", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-10-12T09:58:26Z", + "full_name": "secureCodeBox/kubeaudit", + "id": "303349727", + "last_activity_at": "2024-01-30T22:38:13Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-08-27T12:46:48Z", - "last_activity_at": "2019-08-27T12:53:11Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/kubeaudit" } }, { @@ -330,15 +442,37 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 214418800, - "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", - "full_name": "secureCodeBox/swagger-petstore-openshift", + "archived": false, + "created_at": "2021-04-12T13:36:31Z", + "full_name": "secureCodeBox/django-DefectDojo", + "id": "357207085", + "last_activity_at": "2024-01-30T22:35:01Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", - "owner_id": 34573705, + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/django-DefectDojo" + } + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": { + "archived": false, + "created_at": "2019-08-27T12:46:48Z", + "full_name": "secureCodeBox/ssh_scan", + "id": "204701677", + "last_activity_at": "2022-01-25T02:32:59Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-10-11T11:28:15Z", - "last_activity_at": "2019-10-11T11:37:41Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/ssh_scan" } }, { @@ -348,15 +482,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 222679857, - "web_url": "https://github.com/secureCodeBox/nikto", + "archived": false, + "created_at": "2019-11-19T11:25:21Z", "full_name": "secureCodeBox/nikto", - "owner_type": "Organization", - "owner_id": 34573705, + "id": "222679857", + "last_activity_at": "2021-08-25T14:24:37Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-11-19T11:25:21Z", - "last_activity_at": "2020-03-21T12:43:04Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/nikto" } }, { @@ -366,15 +502,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 223956455, - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", - "full_name": "secureCodeBox/scanner-infrastructure-ncrack", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2021-09-23T06:03:50Z", + "full_name": "secureCodeBox/sslyze", + "id": "409468006", + "last_activity_at": "2021-09-23T06:03:51Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2019-11-25T13:34:16Z", - "last_activity_at": "2020-07-19T11:16:33Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/sslyze" } }, { @@ -384,15 +522,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 249731346, - "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", - "full_name": "secureCodeBox/secureCodeBox-v2", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2019-08-21T13:21:09Z", + "full_name": "secureCodeBox/securecodebox.github.io", + "id": "203588805", + "last_activity_at": "2022-04-19T13:33:36Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-03-24T14:33:08Z", - "last_activity_at": "2020-10-22T08:39:01Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/securecodebox.github.io" } }, { @@ -402,15 +542,22 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 251007807, - "web_url": "https://github.com/secureCodeBox/zap-extensions", - "full_name": "secureCodeBox/zap-extensions", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": true, + "created_at": "2020-09-02T13:39:10Z", + "full_name": "secureCodeBox/documentation", + "id": "292293538", + "last_activity_at": "2024-01-20T09:04:19Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-03-29T10:40:12Z", - "last_activity_at": "2020-03-29T10:40:13Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [ + "securecodebox", + "docusaurus", + "documentation", + "hacktoberfest" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/documentation" } }, { @@ -420,15 +567,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 277835641, - "web_url": "https://github.com/secureCodeBox/zaproxy", - "full_name": "secureCodeBox/zaproxy", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2023-03-21T19:51:07Z", + "full_name": "secureCodeBox/www-community", + "id": "617150115", + "last_activity_at": "2024-03-14T15:30:35Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-07-07T14:14:16Z", - "last_activity_at": "2020-07-07T14:14:18Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/www-community" } }, { @@ -438,15 +587,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 285890805, - "web_url": "https://github.com/secureCodeBox/static-export", - "full_name": "secureCodeBox/static-export", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2023-10-13T14:15:48Z", + "full_name": "secureCodeBox/landscape", + "id": "704559693", + "last_activity_at": "2024-07-11T19:08:33Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-08-07T17:58:52Z", - "last_activity_at": "2020-08-12T12:53:05Z", - "visibility": "private" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/landscape" } }, { @@ -456,15 +607,17 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 288212154, - "web_url": "https://github.com/secureCodeBox/telemetry", - "full_name": "secureCodeBox/telemetry", - "owner_type": "Organization", - "owner_id": 34573705, + "archived": false, + "created_at": "2024-08-09T14:48:36Z", + "full_name": "secureCodeBox/DevSecOps-MaturityModel", + "id": "840369455", + "last_activity_at": "2024-08-09T14:48:36Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-08-17T15:09:19Z", - "last_activity_at": "2020-09-01T10:08:23Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/DevSecOps-MaturityModel" } }, { @@ -474,15 +627,37 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 292293538, - "web_url": "https://github.com/secureCodeBox/documentation", - "full_name": "secureCodeBox/documentation", + "archived": false, + "created_at": "2021-01-06T14:27:46Z", + "full_name": "secureCodeBox/gitleaks", + "id": "327336031", + "last_activity_at": "2024-01-30T22:39:59Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", - "owner_id": 34573705, + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/gitleaks" + } + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": { + "archived": false, + "created_at": "2025-04-18T19:36:30Z", + "full_name": "secureCodeBox/scb-cascades-demo", + "id": "968815564", + "last_activity_at": "2025-04-24T11:47:52Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-09-02T13:39:10Z", - "last_activity_at": "2020-10-21T14:28:35Z", - "visibility": "public" + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scb-cascades-demo" } }, { @@ -492,15 +667,44 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 292573194, - "web_url": "https://github.com/secureCodeBox/ui", - "full_name": "secureCodeBox/ui", + "archived": false, + "created_at": "2024-12-29T17:07:02Z", + "full_name": "secureCodeBox/scan-throttler", + "id": "909750535", + "last_activity_at": "2025-08-19T14:02:18Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", - "owner_id": 34573705, + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scan-throttler" + } + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": { + "archived": false, + "created_at": "2021-01-06T09:59:17Z", + "full_name": "secureCodeBox/defectdojo-client-java", + "id": "327269915", + "last_activity_at": "2025-10-20T08:29:33Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-09-03T13:08:22Z", - "last_activity_at": "2020-10-07T14:38:02Z", - "visibility": "private" + "owner_type": "Organization", + "topics": [ + "defectdojo", + "owasp", + "client-library", + "java", + "gradle", + "hacktoberfest" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/defectdojo-client-java" } }, { @@ -510,15 +714,49 @@ "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", "attributes": { - "id": 299249650, - "web_url": "https://github.com/secureCodeBox/internal", - "full_name": "secureCodeBox/internal", + "archived": false, + "created_at": "2020-08-17T15:09:19Z", + "full_name": "secureCodeBox/telemetry", + "id": "288212154", + "last_activity_at": "2025-11-20T07:43:05Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", "owner_type": "Organization", - "owner_id": 34573705, + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/telemetry" + } + }, + { + "name": "GitHub Repo", + "description": "A GitHub repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": { + "archived": false, + "created_at": "2017-02-02T09:48:05Z", + "full_name": "secureCodeBox/secureCodeBox", + "id": "80711933", + "last_activity_at": "2025-11-24T10:04:46Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", - "created_at": "2020-09-28T08:58:53Z", - "last_activity_at": "2020-10-21T15:11:56Z", - "visibility": "private" + "owner_type": "Organization", + "topics": [ + "security", + "security-automation", + "security-tools", + "security-testing", + "securecodebox", + "devsecops", + "kubernetes", + "kubernetes-operator", + "owasp", + "hacktoberfest", + "zaproxy" + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/secureCodeBox" } } ] diff --git a/scanners/git-repo-scanner/parser/parser.test.js b/scanners/git-repo-scanner/parser/parser.test.js index 108df857f6..5b54ada567 100644 --- a/scanners/git-repo-scanner/parser/parser.test.js +++ b/scanners/git-repo-scanner/parser/parser.test.js @@ -32,15 +32,23 @@ test("should properly parse git-scanner json file", async () => { [ { "attributes": { - "created_at": "2017-02-02T09:48:05Z", - "full_name": "secureCodeBox/secureCodeBox", - "id": 80711933, - "last_activity_at": "2020-10-23T08:59:27Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-08-16T08:11:15Z", + "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", + "id": "144957631", + "last_activity_at": "2023-01-28T10:22:09Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "openshift", + "ansible-role", + "ansible", + "security-tools", + "security", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/secureCodeBox", + "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", }, "category": "Git Repository", "description": "A GitHub repository", @@ -50,15 +58,24 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-03-01T10:50:05Z", - "full_name": "secureCodeBox/engine", - "id": 123422137, - "last_activity_at": "2020-10-07T08:07:32Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-07-30T12:13:41Z", + "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", + "id": "142870794", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "security", + "security-automation", + "security-testing", + "jenkins-pipeline", + "jenkinsfile", + "demo", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/engine", + "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", }, "category": "Git Repository", "description": "A GitHub repository", @@ -68,15 +85,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-03-08T14:20:36Z", - "full_name": "secureCodeBox/scanner-infrastructure-nmap", - "id": 124402117, - "last_activity_at": "2020-09-14T15:40:40Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2019-10-11T11:28:15Z", + "full_name": "secureCodeBox/swagger-petstore-openshift", + "id": "214418800", + "last_activity_at": "2019-10-11T11:37:41Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", + "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", }, "category": "Git Repository", "description": "A GitHub repository", @@ -86,15 +105,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-03-20T15:48:39Z", - "full_name": "secureCodeBox/nodejs-scanner-scaffolding", - "id": 126042943, - "last_activity_at": "2020-07-16T10:37:40Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-04-10T11:39:04Z", + "full_name": "secureCodeBox/ruby-scanner-scaffolding", + "id": "180568880", + "last_activity_at": "2023-01-28T10:22:10Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", + "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", }, "category": "Git Repository", "description": "A GitHub repository", @@ -104,15 +125,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-04-06T13:13:14Z", - "full_name": "secureCodeBox/scanner-webserver-nikto", - "id": 128396681, - "last_activity_at": "2020-06-25T10:11:41Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-07-18T16:38:18Z", + "full_name": "secureCodeBox/scanner-infrastructure-amass", + "id": "141462466", + "last_activity_at": "2023-06-22T01:51:32Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", }, "category": "Git Repository", "description": "A GitHub repository", @@ -122,15 +145,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-04-10T11:17:29Z", - "full_name": "secureCodeBox/scanner-webapplication-zap", - "id": 128920739, - "last_activity_at": "2020-10-07T14:05:09Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-03-29T10:40:12Z", + "full_name": "secureCodeBox/zap-extensions", + "id": "251007807", + "last_activity_at": "2020-03-29T10:40:13Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", + "web_url": "https://github.com/secureCodeBox/zap-extensions", }, "category": "Git Repository", "description": "A GitHub repository", @@ -140,15 +165,44 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-05-15T11:43:11Z", - "full_name": "secureCodeBox/scanner-infrastructure-sslyze", - "id": 133507929, - "last_activity_at": "2020-07-16T10:52:54Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-02-18T14:23:57Z", + "full_name": "secureCodeBox/scanner-infrastructure-ssh", + "id": "171298120", + "last_activity_at": "2023-01-28T10:22:09Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", + }, + "category": "Git Repository", + "description": "A GitHub repository", + "name": "GitHub Repo", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "archived": true, + "created_at": "2018-04-06T13:13:14Z", + "full_name": "secureCodeBox/scanner-webserver-nikto", + "id": "128396681", + "last_activity_at": "2024-08-10T17:59:05Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [ + "nikto", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", }, "category": "Git Repository", "description": "A GitHub repository", @@ -158,13 +212,22 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { + "archived": true, "created_at": "2018-05-24T06:47:00Z", "full_name": "secureCodeBox/scanner-webapplication-arachni", - "id": 134673181, - "last_activity_at": "2020-10-10T10:29:42Z", - "owner_id": 34573705, + "id": "134673181", + "last_activity_at": "2023-03-29T14:00:28Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "arachni", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], "visibility": "public", "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni", }, @@ -176,15 +239,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-07-18T16:38:18Z", - "full_name": "secureCodeBox/scanner-infrastructure-amass", - "id": 141462466, - "last_activity_at": "2020-03-17T18:59:35Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-04-10T09:03:38Z", + "full_name": "secureCodeBox/scanner-cms-wpscan", + "id": "180543766", + "last_activity_at": "2023-04-25T07:15:25Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", + "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", }, "category": "Git Repository", "description": "A GitHub repository", @@ -194,15 +259,24 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-07-30T12:13:41Z", - "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", - "id": 142870794, - "last_activity_at": "2020-09-27T18:59:24Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-03-08T14:20:36Z", + "full_name": "secureCodeBox/scanner-infrastructure-nmap", + "id": "124402117", + "last_activity_at": "2025-04-08T19:31:01Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "nmap", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", }, "category": "Git Repository", "description": "A GitHub repository", @@ -212,15 +286,24 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-08-16T08:11:15Z", - "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", - "id": 144957631, - "last_activity_at": "2019-04-17T13:36:12Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-05-15T11:43:11Z", + "full_name": "secureCodeBox/scanner-infrastructure-sslyze", + "id": "133507929", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "sslyze", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", }, "category": "Git Repository", "description": "A GitHub repository", @@ -230,15 +313,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2018-12-12T15:21:02Z", - "full_name": "secureCodeBox/django-DefectDojo", - "id": 161506648, - "last_activity_at": "2019-01-09T08:41:31Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2019-11-25T13:34:16Z", + "full_name": "secureCodeBox/scanner-infrastructure-ncrack", + "id": "223956455", + "last_activity_at": "2023-01-28T10:22:10Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/django-DefectDojo", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", }, "category": "Git Repository", "description": "A GitHub repository", @@ -248,15 +333,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-02-18T14:23:57Z", - "full_name": "secureCodeBox/scanner-infrastructure-ssh", - "id": 171298120, - "last_activity_at": "2020-06-25T10:11:16Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-07-07T14:14:16Z", + "full_name": "secureCodeBox/zaproxy", + "id": "277835641", + "last_activity_at": "2024-01-30T22:45:22Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", + "web_url": "https://github.com/secureCodeBox/zaproxy", }, "category": "Git Repository", "description": "A GitHub repository", @@ -266,15 +353,25 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-04-10T09:03:38Z", - "full_name": "secureCodeBox/scanner-cms-wpscan", - "id": 180543766, - "last_activity_at": "2020-06-25T10:12:29Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2020-03-24T14:33:08Z", + "full_name": "secureCodeBox/secureCodeBox-v2", + "id": "249731346", + "last_activity_at": "2024-01-30T22:40:47Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "securecodebox", + "security-tools", + "penetration-testers", + "devsecops", + "kubernetes-operator", + "scanning", + "hacktoberfest", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", + "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", }, "category": "Git Repository", "description": "A GitHub repository", @@ -284,15 +381,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-04-10T11:39:04Z", - "full_name": "secureCodeBox/ruby-scanner-scaffolding", - "id": 180568880, - "last_activity_at": "2020-03-11T14:20:03Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-03-20T15:48:39Z", + "full_name": "secureCodeBox/nodejs-scanner-scaffolding", + "id": "126042943", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", + "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", }, "category": "Git Repository", "description": "A GitHub repository", @@ -302,15 +401,24 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-08-21T13:21:09Z", - "full_name": "secureCodeBox/securecodebox.github.io", - "id": 203588805, - "last_activity_at": "2020-10-16T11:40:25Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-04-10T11:17:29Z", + "full_name": "secureCodeBox/scanner-webapplication-zap", + "id": "128920739", + "last_activity_at": "2024-10-03T05:13:23Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "zap", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", }, "category": "Git Repository", "description": "A GitHub repository", @@ -320,15 +428,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-08-26T14:11:02Z", - "full_name": "secureCodeBox/gatsby-gh-pages-action", - "id": 204489733, - "last_activity_at": "2019-08-26T14:11:05Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2018-03-01T10:50:05Z", + "full_name": "secureCodeBox/engine", + "id": "123422137", + "last_activity_at": "2023-01-28T10:22:08Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/gatsby-gh-pages-action", + "web_url": "https://github.com/secureCodeBox/engine", }, "category": "Git Repository", "description": "A GitHub repository", @@ -338,15 +448,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-08-27T12:46:48Z", - "full_name": "secureCodeBox/ssh_scan", - "id": 204701677, - "last_activity_at": "2019-08-27T12:53:11Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-10-12T09:58:26Z", + "full_name": "secureCodeBox/kubeaudit", + "id": "303349727", + "last_activity_at": "2024-01-30T22:38:13Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/ssh_scan", + "web_url": "https://github.com/secureCodeBox/kubeaudit", }, "category": "Git Repository", "description": "A GitHub repository", @@ -356,15 +468,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-10-11T11:28:15Z", - "full_name": "secureCodeBox/swagger-petstore-openshift", - "id": 214418800, - "last_activity_at": "2019-10-11T11:37:41Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2021-04-12T13:36:31Z", + "full_name": "secureCodeBox/django-DefectDojo", + "id": "357207085", + "last_activity_at": "2024-01-30T22:35:01Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", + "web_url": "https://github.com/secureCodeBox/django-DefectDojo", }, "category": "Git Repository", "description": "A GitHub repository", @@ -374,13 +488,35 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { + "archived": false, + "created_at": "2019-08-27T12:46:48Z", + "full_name": "secureCodeBox/ssh_scan", + "id": "204701677", + "last_activity_at": "2022-01-25T02:32:59Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/ssh_scan", + }, + "category": "Git Repository", + "description": "A GitHub repository", + "name": "GitHub Repo", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "archived": false, "created_at": "2019-11-19T11:25:21Z", "full_name": "secureCodeBox/nikto", - "id": 222679857, - "last_activity_at": "2020-03-21T12:43:04Z", - "owner_id": 34573705, + "id": "222679857", + "last_activity_at": "2021-08-25T14:24:37Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", "web_url": "https://github.com/secureCodeBox/nikto", }, @@ -392,15 +528,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2019-11-25T13:34:16Z", - "full_name": "secureCodeBox/scanner-infrastructure-ncrack", - "id": 223956455, - "last_activity_at": "2020-07-19T11:16:33Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2021-09-23T06:03:50Z", + "full_name": "secureCodeBox/sslyze", + "id": "409468006", + "last_activity_at": "2021-09-23T06:03:51Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", + "web_url": "https://github.com/secureCodeBox/sslyze", }, "category": "Git Repository", "description": "A GitHub repository", @@ -410,15 +548,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-03-24T14:33:08Z", - "full_name": "secureCodeBox/secureCodeBox-v2", - "id": 249731346, - "last_activity_at": "2020-10-22T08:39:01Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2019-08-21T13:21:09Z", + "full_name": "secureCodeBox/securecodebox.github.io", + "id": "203588805", + "last_activity_at": "2022-04-19T13:33:36Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", + "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", }, "category": "Git Repository", "description": "A GitHub repository", @@ -428,15 +568,22 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-03-29T10:40:12Z", - "full_name": "secureCodeBox/zap-extensions", - "id": 251007807, - "last_activity_at": "2020-03-29T10:40:13Z", - "owner_id": 34573705, + "archived": true, + "created_at": "2020-09-02T13:39:10Z", + "full_name": "secureCodeBox/documentation", + "id": "292293538", + "last_activity_at": "2024-01-20T09:04:19Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [ + "securecodebox", + "docusaurus", + "documentation", + "hacktoberfest", + ], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/zap-extensions", + "web_url": "https://github.com/secureCodeBox/documentation", }, "category": "Git Repository", "description": "A GitHub repository", @@ -446,15 +593,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-07-07T14:14:16Z", - "full_name": "secureCodeBox/zaproxy", - "id": 277835641, - "last_activity_at": "2020-07-07T14:14:18Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2023-03-21T19:51:07Z", + "full_name": "secureCodeBox/www-community", + "id": "617150115", + "last_activity_at": "2024-03-14T15:30:35Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/zaproxy", + "web_url": "https://github.com/secureCodeBox/www-community", }, "category": "Git Repository", "description": "A GitHub repository", @@ -464,15 +613,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-08-07T17:58:52Z", - "full_name": "secureCodeBox/static-export", - "id": 285890805, - "last_activity_at": "2020-08-12T12:53:05Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2023-10-13T14:15:48Z", + "full_name": "secureCodeBox/landscape", + "id": "704559693", + "last_activity_at": "2024-07-11T19:08:33Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", - "visibility": "private", - "web_url": "https://github.com/secureCodeBox/static-export", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/landscape", }, "category": "Git Repository", "description": "A GitHub repository", @@ -482,15 +633,17 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-08-17T15:09:19Z", - "full_name": "secureCodeBox/telemetry", - "id": 288212154, - "last_activity_at": "2020-09-01T10:08:23Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2024-08-09T14:48:36Z", + "full_name": "secureCodeBox/DevSecOps-MaturityModel", + "id": "840369455", + "last_activity_at": "2024-08-09T14:48:36Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/telemetry", + "web_url": "https://github.com/secureCodeBox/DevSecOps-MaturityModel", }, "category": "Git Repository", "description": "A GitHub repository", @@ -500,15 +653,57 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-09-02T13:39:10Z", - "full_name": "secureCodeBox/documentation", - "id": 292293538, - "last_activity_at": "2020-10-21T14:28:35Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2021-01-06T14:27:46Z", + "full_name": "secureCodeBox/gitleaks", + "id": "327336031", + "last_activity_at": "2024-01-30T22:39:59Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", + "topics": [], "visibility": "public", - "web_url": "https://github.com/secureCodeBox/documentation", + "web_url": "https://github.com/secureCodeBox/gitleaks", + }, + "category": "Git Repository", + "description": "A GitHub repository", + "name": "GitHub Repo", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "archived": false, + "created_at": "2025-04-18T19:36:30Z", + "full_name": "secureCodeBox/scb-cascades-demo", + "id": "968815564", + "last_activity_at": "2025-04-24T11:47:52Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scb-cascades-demo", + }, + "category": "Git Repository", + "description": "A GitHub repository", + "name": "GitHub Repo", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "archived": false, + "created_at": "2024-12-29T17:07:02Z", + "full_name": "secureCodeBox/scan-throttler", + "id": "909750535", + "last_activity_at": "2025-08-19T14:02:18Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/scan-throttler", }, "category": "Git Repository", "description": "A GitHub repository", @@ -518,15 +713,24 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-09-03T13:08:22Z", - "full_name": "secureCodeBox/ui", - "id": 292573194, - "last_activity_at": "2020-10-07T14:38:02Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2021-01-06T09:59:17Z", + "full_name": "secureCodeBox/defectdojo-client-java", + "id": "327269915", + "last_activity_at": "2025-10-20T08:29:33Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", - "visibility": "private", - "web_url": "https://github.com/secureCodeBox/ui", + "topics": [ + "defectdojo", + "owasp", + "client-library", + "java", + "gradle", + "hacktoberfest", + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/defectdojo-client-java", }, "category": "Git Repository", "description": "A GitHub repository", @@ -536,15 +740,49 @@ test("should properly parse git-scanner json file", async () => { }, { "attributes": { - "created_at": "2020-09-28T08:58:53Z", - "full_name": "secureCodeBox/internal", - "id": 299249650, - "last_activity_at": "2020-10-21T15:11:56Z", - "owner_id": 34573705, + "archived": false, + "created_at": "2020-08-17T15:09:19Z", + "full_name": "secureCodeBox/telemetry", + "id": "288212154", + "last_activity_at": "2025-11-20T07:43:05Z", + "owner_id": "34573705", "owner_name": "secureCodeBox", "owner_type": "Organization", - "visibility": "private", - "web_url": "https://github.com/secureCodeBox/internal", + "topics": [], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/telemetry", + }, + "category": "Git Repository", + "description": "A GitHub repository", + "name": "GitHub Repo", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "archived": false, + "created_at": "2017-02-02T09:48:05Z", + "full_name": "secureCodeBox/secureCodeBox", + "id": "80711933", + "last_activity_at": "2025-11-24T10:04:46Z", + "owner_id": "34573705", + "owner_name": "secureCodeBox", + "owner_type": "Organization", + "topics": [ + "security", + "security-automation", + "security-tools", + "security-testing", + "securecodebox", + "devsecops", + "kubernetes", + "kubernetes-operator", + "owasp", + "hacktoberfest", + "zaproxy", + ], + "visibility": "public", + "web_url": "https://github.com/secureCodeBox/secureCodeBox", }, "category": "Git Repository", "description": "A GitHub repository", diff --git a/scanners/git-repo-scanner/scanner/.dockerignore b/scanners/git-repo-scanner/scanner/.dockerignore index d4ea27fec2..ddb1ff28e6 100644 --- a/scanners/git-repo-scanner/scanner/.dockerignore +++ b/scanners/git-repo-scanner/scanner/.dockerignore @@ -2,6 +2,4 @@ # # SPDX-License-Identifier: Apache-2.0 -**/.pytest_cache -**/__pycache__ -/tests +/test diff --git a/scanners/git-repo-scanner/scanner/Dockerfile b/scanners/git-repo-scanner/scanner/Dockerfile index d03a8a91aa..7a942587f3 100644 --- a/scanners/git-repo-scanner/scanner/Dockerfile +++ b/scanners/git-repo-scanner/scanner/Dockerfile @@ -2,10 +2,29 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM docker.io/python:3-alpine -COPY . /scripts/ -RUN pip install -r /scripts/requirements.txt -RUN adduser -S -H -u 1001 gitreposcanner -USER 1001 -WORKDIR /scripts -ENTRYPOINT ["python", "-m", "git_repo_scanner"] +# Build the pull-secret-extractor binary +FROM --platform=$BUILDPLATFORM golang:1.26.3 AS builder + +WORKDIR /workspace +# Copy the Go Modules manifests +COPY go.mod go.mod +COPY go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY main.go main.go +COPY internal/ internal/ + +# Build +ARG TARGETOS TARGETARCH +RUN GOOS="$TARGETOS" GOARCH="$TARGETARCH" CGO_ENABLED=0 go build -a -o git-repo-scanner main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM gcr.io/distroless/static:nonroot +WORKDIR / +COPY --from=builder /workspace/git-repo-scanner . + +ENTRYPOINT ["/git-repo-scanner"] diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py deleted file mode 100644 index 093c0acf97..0000000000 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py +++ /dev/null @@ -1,188 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -import argparse -import json -import logging -import sys -from datetime import datetime, timedelta, timezone -from pathlib import Path - -import github -import gitlab -import pytz - -# https://pypi.org/project/pytimeparse/ -from pytimeparse.timeparse import timeparse - -from git_repo_scanner.abstract_scanner import AbstractScanner -from git_repo_scanner.github_scanner import GitHubScanner -from git_repo_scanner.gitlab_scanner import GitLabScanner - -log_format = "%(asctime)s - %(levelname)-7s - %(name)s - %(message)s" -logging.basicConfig(level=logging.INFO, format=log_format) -logger = logging.getLogger("git_repo_scanner") - -now_utc = datetime.now(timezone.utc) - - -def main(): - args = get_parser_args() - - if not args.git_type: - logger.info("Argument error: No git type specified") - sys.exit(1) - - findings = process(args) - - logger.info("Write findings to file...") - write_findings_to_file(args, findings) - logger.info("Finished!") - - -def process(args): - scanner: AbstractScanner - - if args.git_type == "gitlab": - scanner = GitLabScanner( - url=args.url, - access_token=args.access_token, - group=args.group, - ignored_groups=args.ignore_groups, - ignore_repos=args.ignore_repos, - obey_rate_limit=args.obey_rate_limit, - annotate_latest_commit_id=args.annotate_latest_commit_id, - ) - elif args.git_type == "github": - scanner = GitHubScanner( - url=args.url, - access_token=args.access_token, - organization=args.organization, - ignore_repos=args.ignore_repos, - obey_rate_limit=args.obey_rate_limit, - annotate_latest_commit_id=args.annotate_latest_commit_id, - ) - else: - logger.info("Argument error: Unknown git type") - sys.exit(1) - - try: - return scanner.process( - args.activity_since_duration, args.activity_until_duration - ) - except argparse.ArgumentError as e: - logger.error(f"Argument error: {e}") - sys.exit(1) - except gitlab.exceptions.GitlabAuthenticationError: - logger.info("No permission. Check your access token.") - sys.exit(1) - except github.GithubException as e: - logger.error(f'Github API Exception: {e.status} -> {e.data["message"]}') - sys.exit(2) - except gitlab.GitlabError as e: - logger.error(f"Gitlab API Exception: {e}") - sys.exit(2) - except Exception as e: - logger.error(f"Unexpected error: {e}") - sys.exit(3) - - -def write_findings_to_file(args, findings): - Path(args.file_output).mkdir(parents=True, exist_ok=True) - with open(f"{args.file_output}/git-repo-scanner-findings.json", "w") as out: - json.dump(findings, out) - - -def parse_duration_as_datetime(val: str): - try: - parsed = timeparse(val) - if parsed is None: - raise argparse.ArgumentTypeError(f"Not a valid duration: {val}.") - delta = timedelta(seconds=parsed) - return now_utc - delta - except Exception: - raise argparse.ArgumentTypeError(f"Not a valid duration: {val}.") - - -def get_parser_args(args=None): - parser = argparse.ArgumentParser( - prog="git_repo_scanner", - description="Scan public or private git repositories of organizations or groups", - ) - parser.add_argument( - "--git-type", - help="Repository type can be github or GitLab", - choices=["github", "gitlab"], - required=True, - ) - parser.add_argument( - "--file-output", help="The path of the output file", required=True - ), - parser.add_argument( - "--url", help="The GitLab url or a GitHub enterprise api url.", required=False - ) - parser.add_argument( - "--access-token", help="An access token for authentication", required=False - ) - parser.add_argument( - "--organization", - help="The name of the GitHub organization to scan", - required=False, - ) - parser.add_argument( - "--group", help="The id of the GitLab group to scan", type=int, required=False - ) - parser.add_argument( - "--ignore-repos", - help="A list of repo ids to ignore", - action="extend", - nargs="+", - type=int, - default=[], - required=False, - ) - parser.add_argument( - "--ignore-groups", - help="A list of GitLab group ids to ignore", - action="extend", - nargs="+", - type=int, - default=[], - required=False, - ) - parser.add_argument( - "--obey-rate-limit", - help="True to obey the rate limit of the GitLab or GitHub server (default), otherwise False", - type=bool, - default=True, - required=False, - ) - parser.add_argument( - "--annotate-latest-commit-id", - help="Annotate the results with the latest commit hash of the main branch of the repository. " - "Will result in up to two extra API hits per repository", - type=bool, - default=False, - required=False, - ) - parser.add_argument( - "--activity-since-duration", - help="Return git repo findings with repo activity (e.g. commits) more recent than a specific " - "date expressed by a duration (now - duration)", - type=parse_duration_as_datetime, - required=False, - ) - parser.add_argument( - "--activity-until-duration", - help="Return git repo findings with repo activity (e.g. commits) older than a specific date " - "expressed by a duration (now - duration)", - type=parse_duration_as_datetime, - required=False, - ) - - return parser.parse_args(args) - - -if __name__ == "__main__": - main() diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py deleted file mode 100644 index 175b247379..0000000000 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py +++ /dev/null @@ -1,61 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -import abc -from datetime import datetime -from typing import Dict, List, Optional - -FINDING = Dict[str, any] - - -class AbstractScanner(abc.ABC): - @property - @abc.abstractmethod - def git_type(self) -> str: - raise NotImplementedError() - - @abc.abstractmethod - def process( - self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None - ) -> List[FINDING]: - raise NotImplementedError() - - def _create_finding( - self, - repo_id: str, - web_url: str, - full_name: str, - owner_type: str, - owner_id: str, - owner_name: str, - created_at: str, - last_activity_at: str, - visibility: str, - archived: bool, - topics: list, - last_commit_id: str = None, - ) -> FINDING: - finding = { - "name": f"{self.git_type} Repo", - "description": f"A {self.git_type} repository", - "category": "Git Repository", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "id": repo_id, - "web_url": web_url, - "full_name": full_name, - "owner_type": owner_type, - "owner_id": owner_id, - "topics": topics, - "owner_name": owner_name, - "created_at": created_at, - "last_activity_at": last_activity_at, - "visibility": visibility, - "archived": archived, - }, - } - if last_commit_id is not None: - finding["attributes"]["last_commit_id"] = last_commit_id - return finding diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py deleted file mode 100644 index 2a02ca43f5..0000000000 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py +++ /dev/null @@ -1,190 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -import argparse -import logging -import time -from calendar import timegm -from datetime import datetime, timezone -from typing import Optional, List - -import github -from github.Organization import Organization -from github.PaginatedList import PaginatedList -from github.Repository import Repository - -from git_repo_scanner.abstract_scanner import AbstractScanner, FINDING - - -class GitHubScanner(AbstractScanner): - LOGGER = logging.getLogger("git_repo_scanner") - - def __init__( - self, - url: Optional[str], - access_token: Optional[str], - organization: str, - ignore_repos: List[int], - obey_rate_limit: bool = True, - annotate_latest_commit_id: bool = False, - ) -> None: - super().__init__() - if not organization: - raise argparse.ArgumentError( - None, "Organization required for GitHub connection." - ) - if url and not access_token: - raise argparse.ArgumentError( - None, "Access token required for GitHub connection." - ) - - self._url = url - self._access_token = access_token - self._organization = organization - self._ignore_repos = ignore_repos - self._obey_rate_limit = obey_rate_limit - self._annotate_latest_commit_id = annotate_latest_commit_id - self._gh: Optional[github.Github] = None - - @property - def git_type(self) -> str: - return "GitHub" - - def process( - self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None - ) -> List[FINDING]: - self._setup() - return self._process_repos(start_time, end_time) - - def _process_repos( - self, start_time: Optional[datetime], end_time: Optional[datetime] - ): - findings = [] - org: Organization = self._gh.get_organization(self._organization) - - repos: PaginatedList[Repository] = org.get_repos( - type="all", sort="pushed", direction="asc" - ) - - if start_time: - repos = org.get_repos(type="all", sort="pushed", direction="desc") - - for i in range(repos.totalCount): - self._process_repos_page(findings, repos.get_page(i), start_time, end_time) - return findings - - def _process_repos_page( - self, - findings: List[FINDING], - repos: List[Repository], - start_time: Optional[datetime] = None, - end_time: Optional[datetime] = None, - ): - repo: Repository - for repo in repos: - if repo.id not in self._ignore_repos: - self.LOGGER.info( - f"{len(findings) + 1} - Name: {repo.name} - LastUpdate: {repo.updated_at} - LastPush: {repo.pushed_at}" - ) - - if (start_time or end_time) and not self._check_repo_is_in_time_frame( - repo.pushed_at, start_time, end_time - ): - break - - findings.append(self._create_finding_from_repo(repo)) - self._respect_github_ratelimit() - - def _check_repo_is_in_time_frame( - self, - pushed_at: datetime, - start_time: Optional[datetime] = None, - end_time: Optional[datetime] = None, - ): - # Explicitly set timezone of pushed_at, as it is not set by the library (but is in UTC) - pushed_at = pushed_at.replace(tzinfo=timezone.utc) - if start_time: - if pushed_at > start_time: - return True - else: - self.LOGGER.info( - f"Reached activity limit! Ignoring all repos with activity since `{start_time}`." - ) - return False - elif end_time: - if pushed_at < end_time: - return True - else: - self.LOGGER.info( - f"Reached activity limit! Ignoring all repos with activity until `{end_time}`." - ) - return False - - def _respect_github_ratelimit(self): - if self._obey_rate_limit: - api_limit = self._gh.get_rate_limit().core - reset_timestamp = timegm(api_limit.reset.timetuple()) - # add 5 seconds to be sure the rate limit has been reset - seconds_until_reset = reset_timestamp - timegm(time.gmtime()) + 5 - sleep_time = seconds_until_reset / api_limit.remaining - - self.LOGGER.info( - "Checking Rate-Limit (" - + str(self._obey_rate_limit) - + ") [remainingApiCalls: " - + str(api_limit.remaining) - + ", seconds_until_reset: " - + str(seconds_until_reset) - + ", sleepTime: " - + str(sleep_time) - + "]" - ) - time.sleep(sleep_time) - - def _setup(self): - if self._url: - self._setup_with_url() - else: - self._setup_without_url() - - def _setup_without_url(self): - if self._access_token: - self._gh = github.Github(self._access_token) - else: - self._gh = github.Github() - - def _setup_with_url(self): - if self._access_token: - self._gh = github.Github( - base_url=self._url, login_or_token=self._access_token - ) - else: - raise argparse.ArgumentError( - None, "Access token required for github enterprise authentication." - ) - - def _create_finding_from_repo(self, repo: Repository) -> FINDING: - latest_commit: str = None - if self._annotate_latest_commit_id: - try: - latest_commit = repo.get_commits()[0].sha - except Exception: - self.LOGGER.warn( - "Could not identify the latest commit ID - repository without commits?" - ) - latest_commit = "" - return super()._create_finding( - str(repo.id), - repo.html_url, - repo.full_name, - repo.owner.type, - str(repo.owner.id), - repo.owner.name, - repo.created_at.strftime("%Y-%m-%dT%H:%M:%SZ"), - repo.updated_at.strftime("%Y-%m-%dT%H:%M:%SZ"), - "private" if repo.private else "public", - repo.archived, - repo.get_topics(), - latest_commit, - ) diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py deleted file mode 100644 index 70140bca41..0000000000 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py +++ /dev/null @@ -1,154 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -import argparse -import logging -from datetime import datetime -from typing import List, Optional - -import gitlab -from gitlab.v4.objects import Project, ProjectManager - -from git_repo_scanner.abstract_scanner import AbstractScanner, FINDING - -logger = logging.getLogger("git_repo_scanner") - - -class GitLabScanner(AbstractScanner): - LOGGER = logging.getLogger("git_repo_scanner") - - def __init__( - self, - url: str, - access_token: str, - group: Optional[int], - ignored_groups: List[int], - ignore_repos: List[int], - obey_rate_limit: bool = True, - annotate_latest_commit_id: bool = False, - ) -> None: - super().__init__() - if not url: - raise argparse.ArgumentError(None, "URL required for GitLab connection.") - if not access_token: - raise argparse.ArgumentError( - None, "Access token required for GitLab authentication." - ) - - self._url = url - self._access_token = access_token - self._group = group - self._ignored_groups = ignored_groups - self._ignore_repos = ignore_repos - self._obey_rate_limit = obey_rate_limit - self._annotate_latest_commit_id = annotate_latest_commit_id - self._gl: Optional[gitlab.Gitlab] = None - - @property - def git_type(self) -> str: - return "GitLab" - - def process( - self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None - ) -> List[FINDING]: - self._authenticate() - - projects: List[Project] = self._get_projects(start_time, end_time) - return self._process_projects(projects) - - def _group_project_to_project(self, group_project): - # The GitLab API library gives us a GroupProject object, which has limited functionality. - # This function turns the GroupProject into a "real" project, which allows us to get the - # list of commits and include the SHA1 of the latest commit in the output later - return self._gl.projects.get(group_project.id, lazy=True) - - def _get_projects( - self, start_time: Optional[datetime], end_time: Optional[datetime] - ): - logger.info( - f"Get GitLab repositories with last activity between {start_time} and {end_time}." - ) - - project_manager: ProjectManager = self._gl.projects - options = dict( - all=True, - order_by="last_activity_at", - sort="desc", - obey_rate_limit=self._obey_rate_limit, - max_retries=12, - ) - if start_time is not None: - options["last_activity_after"] = start_time - if end_time is not None: - options["last_activity_before"] = end_time - - if self._group: - options["include_subgroups"] = True - project_manager = self._gl.groups.get(self._group).projects - - return project_manager.list(**options) - - def _process_projects(self, projects: List[Project]) -> List[FINDING]: - project_count = len(projects) - return [ - self._create_finding_from_project(project, i, project_count) - for i, project in enumerate(projects) - if self._is_not_ignored(project) - ] - - def _authenticate(self): - logger.info("Start GitLab authentication") - try: - self._gl = gitlab.Gitlab(self._url, private_token=self._access_token) - self._gl.auth() - except gitlab.exceptions.GitlabAuthenticationError: - self._gl = gitlab.Gitlab(self._url, oauth_token=self._access_token) - self._gl.auth() - - logger.info("GitLab authentication succeeded") - - def _is_not_ignored(self, project: Project) -> bool: - id_project = project.id - kind = project.namespace["kind"] - id_namespace = project.namespace["id"] - if id_project in self._ignore_repos: - return False - if kind == "group" and id_namespace in self._ignored_groups: - return False - return True - - def _create_finding_from_project( - self, project: Project, index: int, total: int - ) -> FINDING: - logger.info( - f"({index + 1}/{total}) Add finding for repo {project.name} with last activity at " - f"{datetime.fromisoformat(project.last_activity_at)}" - ) - - # Retrieve the latest commit ID - latest_commit_id: str = None - if self._annotate_latest_commit_id: - try: - latest_commit_id = ( - self._group_project_to_project(project).commits.list()[0].id - ) - except Exception as e: - logger.warn( - "Could not identify the latest commit ID - repository without commits?" - ) - latest_commit_id = "" - return super()._create_finding( - project.id, - project.web_url, - project.path_with_namespace, - project.namespace["kind"], - project.namespace["id"], - project.namespace["name"], - project.created_at, - project.last_activity_at, - project.visibility, - project.archived, - project.topics, - latest_commit_id, - ) diff --git a/scanners/git-repo-scanner/scanner/go.mod b/scanners/git-repo-scanner/scanner/go.mod new file mode 100644 index 0000000000..f1d8897bfc --- /dev/null +++ b/scanners/git-repo-scanner/scanner/go.mod @@ -0,0 +1,21 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +module github.com/secureCodeBox/scanners/git-repo-scanner/scanner + +go 1.26.2 + +require ( + github.com/google/go-github/v79 v79.0.0 + gitlab.com/gitlab-org/api/client-go v0.160.1 + golang.org/x/oauth2 v0.30.0 +) + +require ( + github.com/google/go-querystring v1.1.0 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-retryablehttp v0.7.8 // indirect + golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect + golang.org/x/time v0.12.0 // indirect +) diff --git a/scanners/git-repo-scanner/scanner/go.sum b/scanners/git-repo-scanner/scanner/go.sum new file mode 100644 index 0000000000..eb2dcdd019 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/go.sum @@ -0,0 +1,38 @@ +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/go-github/v79 v79.0.0 h1:MdodQojuFPBhmtwHiBcIGLw/e/wei2PvFX9ndxK0X4Y= +github.com/google/go-github/v79 v79.0.0/go.mod h1:OAFbNhq7fQwohojb06iIIQAB9CBGYLq999myfUFnrS4= +github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= +github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-retryablehttp v0.7.8 h1:ylXZWnqa7Lhqpk0L1P1LzDtGcCR0rPVUrx/c8Unxc48= +github.com/hashicorp/go-retryablehttp v0.7.8/go.mod h1:rjiScheydd+CxvumBsIrFKlx3iS0jrZ7LvzFGFmuKbw= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +gitlab.com/gitlab-org/api/client-go v0.160.1 h1:7kEgo1yQ3ZMRps/2JbXzqbRb4Rs8n2ECkAv+6MadJw8= +gitlab.com/gitlab-org/api/client-go v0.160.1/go.mod h1:YqKcnxyV9OPAL5U99mpwBVEgBPz1PK/3qwqq/3h6bao= +golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM= +golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc= +golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= +golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= +golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE= +golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/scanners/git-repo-scanner/scanner/go.sum.license b/scanners/git-repo-scanner/scanner/go.sum.license new file mode 100644 index 0000000000..c95bc37185 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/go.sum.license @@ -0,0 +1,3 @@ +SPDX-FileCopyrightText: the secureCodeBox authors + +SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/git-repo-scanner/scanner/internal/config/config.go b/scanners/git-repo-scanner/scanner/internal/config/config.go new file mode 100644 index 0000000000..e11c5b7767 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/config/config.go @@ -0,0 +1,224 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package config + +import ( + "flag" + "fmt" + "strconv" + "strings" + "time" + + "github.com/secureCodeBox/scanners/git-repo-scanner/scanner/internal/duration" +) + +type Config struct { + GitType string + FileOutput string + URL string + AccessToken string + Organization string + Group *int + IgnoreRepos []int64 + IgnoreGroups []int + ObeyRateLimit bool + AnnotateLatestCommitID bool + ActivitySinceDuration *time.Duration + ActivityUntilDuration *time.Duration +} + +func ParseFlags() (*Config, error) { + config := &Config{} + + // Define flags + flag.StringVar(&config.GitType, "git-type", "", "Repository type can be GitHub or GitLab") + flag.StringVar(&config.FileOutput, "file-output", "", "The path of the output file") + flag.StringVar(&config.URL, "url", "", "The GitLab url or a GitHub enterprise api url") + flag.StringVar(&config.AccessToken, "access-token", "", "An access token for authentication") + flag.StringVar(&config.Organization, "organization", "", "The name of the GitHub organization to scan") + + var groupStr string + flag.StringVar(&groupStr, "group", "", "The id of the GitLab group to scan") + + var ignoreReposStr string + flag.StringVar(&ignoreReposStr, "ignore-repos", "", "Comma-separated list of repo ids to ignore") + + var ignoreGroupsStr string + flag.StringVar(&ignoreGroupsStr, "ignore-groups", "", "Comma-separated list of GitLab group ids to ignore") + + flag.BoolVar(&config.ObeyRateLimit, "obey-rate-limit", true, + "True to obey the rate limit of the GitLab or GitHub server (default), otherwise false") + flag.BoolVar(&config.AnnotateLatestCommitID, "annotate-latest-commit-id", false, + "Annotate the results with the latest commit hash of the main branch of the repository") + + var activitySinceStr string + var activityUntilStr string + flag.StringVar(&activitySinceStr, "activity-since-duration", "", + "Return git repo findings with repo activity more recent than a specific duration (e.g., '7d', '2w', '1h')") + flag.StringVar(&activityUntilStr, "activity-until-duration", "", + "Return git repo findings with repo activity older than a specific duration (e.g., '7d', '2w', '1h')") + + flag.Parse() + + config.GitType = normalizeGitType(config.GitType) + + if err := config.validate(); err != nil { + flag.Usage() + return nil, err + } + + if err := config.parseOptionalFields(groupStr, ignoreReposStr, ignoreGroupsStr, activitySinceStr, activityUntilStr); err != nil { + return nil, err + } + + return config, nil +} + +func normalizeGitType(gitType string) string { + switch strings.ToLower(gitType) { + case "github": + return "GitHub" + case "gitlab": + return "GitLab" + default: + return gitType + } +} + +func (c *Config) validate() error { + if c.GitType == "" { + return fmt.Errorf("--git-type is required") + } + + if c.GitType != "GitHub" && c.GitType != "GitLab" { + return fmt.Errorf("invalid git-type: %s. Must be 'GitHub' or 'GitLab'", c.GitType) + } + + if c.FileOutput == "" { + return fmt.Errorf("--file-output is required") + } + + // Validate GitLab specific requirements + if c.GitType == "GitLab" && c.URL == "" { + return fmt.Errorf("--url is required for GitLab") + } + + // Validate GitHub specific requirements + if c.GitType == "GitHub" && c.Organization == "" { + return fmt.Errorf("--organization is required for GitHub") + } + + return nil +} + +func (c *Config) parseOptionalFields(groupStr, ignoreReposStr, ignoreGroupsStr, activitySinceStr, activityUntilStr string) error { + if groupStr != "" { + group, err := strconv.Atoi(groupStr) + if err != nil { + return fmt.Errorf("invalid group id: %s", groupStr) + } + c.Group = &group + } + + if ignoreReposStr != "" { + repos, err := parseIntListAsInt64(ignoreReposStr) + if err != nil { + return fmt.Errorf("invalid repo ids in ignore-repos: %w", err) + } + c.IgnoreRepos = repos + } + + if ignoreGroupsStr != "" { + groups, err := parseIntListAsInt(ignoreGroupsStr) + if err != nil { + return fmt.Errorf("invalid group ids in ignore-groups: %w", err) + } + c.IgnoreGroups = groups + } + + if activitySinceStr != "" { + d, err := duration.Parse(activitySinceStr) + if err != nil { + return fmt.Errorf("invalid activity-since-duration: %w", err) + } + c.ActivitySinceDuration = &d + } + + if activityUntilStr != "" { + d, err := duration.Parse(activityUntilStr) + if err != nil { + return fmt.Errorf("invalid activity-until-duration: %w", err) + } + c.ActivityUntilDuration = &d + } + + return nil +} + +func parseIntListAsInt64(s string) ([]int64, error) { + var result []int64 + parts := strings.SplitSeq(s, ",") + + for part := range parts { + part = strings.TrimSpace(part) + if part == "" { + continue + } + + id, err := strconv.ParseInt(part, 10, 64) + if err != nil { + return nil, fmt.Errorf("invalid id: %s", part) + } + result = append(result, id) + } + + return result, nil +} + +func parseIntListAsInt(s string) ([]int, error) { + var result []int + parts := strings.SplitSeq(s, ",") + + for part := range parts { + part = strings.TrimSpace(part) + if part == "" { + continue + } + + id, err := strconv.Atoi(part) + if err != nil { + return nil, fmt.Errorf("invalid id: %s", part) + } + result = append(result, id) + } + + return result, nil +} + +// GetTimeFrame returns the start and end times based on duration configuration +func (c *Config) GetTimeFrame() (*time.Time, *time.Time, error) { + if c.ActivitySinceDuration == nil && c.ActivityUntilDuration == nil { + return nil, nil, nil + } + + now := time.Now().UTC() + var startTime, endTime *time.Time + + if c.ActivitySinceDuration != nil { + t := now.Add(-*c.ActivitySinceDuration) + startTime = &t + } + + if c.ActivityUntilDuration != nil { + t := now.Add(-*c.ActivityUntilDuration) + endTime = &t + } + + if startTime != nil && endTime != nil && startTime.After(*endTime) { + return nil, nil, fmt.Errorf("activity-since-duration must be greater than activity-until-duration") + } + + return startTime, endTime, nil +} diff --git a/scanners/git-repo-scanner/scanner/internal/config/config_test.go b/scanners/git-repo-scanner/scanner/internal/config/config_test.go new file mode 100644 index 0000000000..d32171d4fe --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/config/config_test.go @@ -0,0 +1,234 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package config + +import ( + "strings" + "testing" + "time" +) + +const fileOutput = "output.json" + +func TestValidateConfig(t *testing.T) { + tests := []struct { + name string + config Config + wantErr bool + errMsg string + }{ + { + name: "missing git-type", + config: Config{FileOutput: fileOutput}, + wantErr: true, + errMsg: "--git-type is required", + }, + { + name: "invalid git-type", + config: Config{GitType: "Bitbucket", FileOutput: fileOutput}, + wantErr: true, + errMsg: "invalid git-type", + }, + { + name: "GitLab missing URL", + config: Config{GitType: "GitLab", FileOutput: fileOutput}, + wantErr: true, + errMsg: "--url is required for GitLab", + }, + { + name: "GitHub missing organization", + config: Config{GitType: "GitHub", FileOutput: fileOutput}, + wantErr: true, + errMsg: "--organization is required for GitHub", + }, + { + name: "valid GitHub config", + config: Config{ + GitType: "GitHub", + FileOutput: fileOutput, + Organization: "test-org", + }, + wantErr: false, + }, + { + name: "valid GitLab config", + config: Config{ + GitType: "GitLab", + FileOutput: fileOutput, + URL: "https://gitlab.com", + }, + wantErr: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + err := tt.config.validate() + if (err != nil) != tt.wantErr { + t.Errorf("validate() error = %v, wantErr %v", err, tt.wantErr) + } + if err != nil && tt.errMsg != "" && !strings.Contains(err.Error(), tt.errMsg) { + t.Errorf("error message = %v, want to contain %v", err.Error(), tt.errMsg) + } + }) + } +} + +func TestParseOptionalFields(t *testing.T) { + tests := []struct { + name string + groupStr string + ignoreReposStr string + ignoreGroupsStr string + activitySinceStr string + activityUntilStr string + wantErr bool + validateResult func(t *testing.T, c *Config) + }{ + { + name: "valid group ID", + groupStr: "123", + wantErr: false, + validateResult: func(t *testing.T, c *Config) { + if c.Group == nil || *c.Group != 123 { + t.Errorf("expected group to be 123, got %v", c.Group) + } + }, + }, + { + name: "invalid group ID", + groupStr: "abc", + wantErr: true, + }, + { + name: "valid ignore repos list", + ignoreReposStr: "1,2,3,456", + wantErr: false, + validateResult: func(t *testing.T, c *Config) { + expected := []int64{1, 2, 3, 456} + if len(c.IgnoreRepos) != len(expected) { + t.Errorf("expected %d repos, got %d", len(expected), len(c.IgnoreRepos)) + } + for i, v := range expected { + if c.IgnoreRepos[i] != v { + t.Errorf("repo[%d]: expected %d, got %d", i, v, c.IgnoreRepos[i]) + } + } + }, + }, + { + name: "ignore repos with spaces", + ignoreReposStr: " 1 , 2 , 3 ", + wantErr: false, + validateResult: func(t *testing.T, c *Config) { + if len(c.IgnoreRepos) != 3 { + t.Errorf("expected 3 repos, got %d", len(c.IgnoreRepos)) + } + }, + }, + { + name: "invalid ignore repos", + ignoreReposStr: "1,abc,3", + wantErr: true, + }, + { + name: "valid activity durations", + activitySinceStr: "7d", + activityUntilStr: "1d", + wantErr: false, + validateResult: func(t *testing.T, c *Config) { + if c.ActivitySinceDuration == nil { + t.Error("ActivitySinceDuration should not be nil") + } + if c.ActivityUntilDuration == nil { + t.Error("ActivityUntilDuration should not be nil") + } + }, + }, + { + name: "invalid activity-since duration", + activitySinceStr: "invalid", + wantErr: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := &Config{} + err := c.parseOptionalFields(tt.groupStr, tt.ignoreReposStr, tt.ignoreGroupsStr, + tt.activitySinceStr, tt.activityUntilStr) + + if (err != nil) != tt.wantErr { + t.Errorf("parseOptionalFields() error = %v, wantErr %v", err, tt.wantErr) + } + + if !tt.wantErr && tt.validateResult != nil { + tt.validateResult(t, c) + } + }) + } +} + +func TestGetTimeFrame(t *testing.T) { + sevenDays := 7 * 24 * time.Hour + oneDay := 24 * time.Hour + + tests := []struct { + name string + activitySinceDuration *time.Duration + activityUntilDuration *time.Duration + wantErr bool + errMsg string + }{ + { + name: "no durations returns nil", + wantErr: false, + }, + { + name: "valid range: 7 days since, 1 day until", + activitySinceDuration: &sevenDays, + activityUntilDuration: &oneDay, + wantErr: false, + }, + { + name: "invalid range: since < until", + activitySinceDuration: &oneDay, + activityUntilDuration: &sevenDays, + wantErr: true, + errMsg: "activity-since-duration must be greater than activity-until-duration", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := &Config{ + ActivitySinceDuration: tt.activitySinceDuration, + ActivityUntilDuration: tt.activityUntilDuration, + } + + start, end, err := c.GetTimeFrame() + + if (err != nil) != tt.wantErr { + t.Errorf("GetTimeFrame() error = %v, wantErr %v", err, tt.wantErr) + } + + if err != nil && tt.errMsg != "" && !strings.Contains(err.Error(), tt.errMsg) { + t.Errorf("error message = %v, want to contain %v", err.Error(), tt.errMsg) + } + + // Basic validation of the logic + if err == nil { + if tt.activitySinceDuration == nil && tt.activityUntilDuration == nil { + if start != nil || end != nil { + t.Error("expected both start and end to be nil when no durations set") + } + } + if start != nil && end != nil && start.After(*end) { + t.Error("start time should be before end time") + } + } + }) + } +} diff --git a/scanners/git-repo-scanner/scanner/internal/duration/parser.go b/scanners/git-repo-scanner/scanner/internal/duration/parser.go new file mode 100644 index 0000000000..bdce224709 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/duration/parser.go @@ -0,0 +1,57 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package duration + +import ( + "fmt" + "strconv" + "strings" + "time" +) + +var durationMultipliers = map[string]time.Duration{ + "s": time.Second, + "m": time.Minute, + "h": time.Hour, + "d": 24 * time.Hour, + "w": 7 * 24 * time.Hour, + "mo": 30 * 24 * time.Hour, + "y": 365 * 24 * time.Hour, +} + +// parseDuration parses duration strings like "7d", "2w", "1h30m" +func Parse(s string) (time.Duration, error) { + // First try standard Go duration parsing + if d, err := time.ParseDuration(s); err == nil { + return d, nil + } + + // Handle common suffixes + s = strings.ToLower(strings.TrimSpace(s)) + + multipliers := map[string]time.Duration{ + "s": time.Second, + "m": time.Minute, + "h": time.Hour, + "d": 24 * time.Hour, + "w": 7 * 24 * time.Hour, + "mo": 30 * 24 * time.Hour, + "y": 365 * 24 * time.Hour, + } + + // Try to parse with custom suffixes + for suffix, multiplier := range multipliers { + if strings.HasSuffix(s, suffix) { + numStr := strings.TrimSuffix(s, suffix) + num, err := strconv.ParseFloat(numStr, 64) + if err != nil { + continue + } + return time.Duration(float64(multiplier) * num), nil + } + } + + return 0, fmt.Errorf("unable to parse duration: %s", s) +} diff --git a/scanners/git-repo-scanner/scanner/internal/duration/parser_test.go b/scanners/git-repo-scanner/scanner/internal/duration/parser_test.go new file mode 100644 index 0000000000..23d7e4b826 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/duration/parser_test.go @@ -0,0 +1,147 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package duration + +import ( + "testing" + "time" +) + +func TestParse(t *testing.T) { + tests := []struct { + name string + input string + expected time.Duration + wantErr bool + }{ + { + name: "standard_seconds", + input: "30s", + expected: 30 * time.Second, + wantErr: false, + }, + { + name: "standard_minutes", + input: "15m", + expected: 15 * time.Minute, + wantErr: false, + }, + { + name: "standard_hours", + input: "2h", + expected: 2 * time.Hour, + wantErr: false, + }, + { + name: "standard_combined", + input: "1h30m", + expected: 90 * time.Minute, + wantErr: false, + }, + { + name: "custom_days", + input: "7d", + expected: 7 * 24 * time.Hour, + wantErr: false, + }, + { + name: "custom_weeks", + input: "2w", + expected: 14 * 24 * time.Hour, + wantErr: false, + }, + { + name: "custom_months", + input: "1mo", + expected: 30 * 24 * time.Hour, + wantErr: false, + }, + { + name: "custom_years", + input: "1y", + expected: 365 * 24 * time.Hour, + wantErr: false, + }, + { + name: "decimal_days", + input: "1.5d", + expected: 36 * time.Hour, + wantErr: false, + }, + { + name: "decimal_weeks", + input: "0.5w", + expected: 84 * time.Hour, + wantErr: false, + }, + { + name: "uppercase_days", + input: "7D", + expected: 7 * 24 * time.Hour, + wantErr: false, + }, + { + name: "uppercase_months", + input: "2MO", + expected: 60 * 24 * time.Hour, + wantErr: false, + }, + { + name: "invalid_format", + input: "invalid", + expected: 0, + wantErr: true, + }, + { + name: "empty_string", + input: "", + expected: 0, + wantErr: true, + }, + { + name: "number_only", + input: "42", + expected: 0, + wantErr: true, + }, + { + name: "invalid_suffix", + input: "7x", + expected: 0, + wantErr: true, + }, + { + name: "non_numeric_prefix", + input: "abcd", + expected: 0, + wantErr: true, + }, + { + name: "mixed_invalid", + input: "1d2w", // Not supported format + expected: 0, + wantErr: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := Parse(tt.input) + + if tt.wantErr { + if err == nil { + t.Errorf("Parse(%q) expected error, got nil", tt.input) + } + } else { + if err != nil { + t.Errorf("Parse(%q) unexpected error: %v", tt.input, err) + } + if got != tt.expected { + t.Errorf("Parse(%q) = %v, want %v", tt.input, got, tt.expected) + } + } + }) + } +} diff --git a/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/git_repo_scanner.go b/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/git_repo_scanner.go new file mode 100644 index 0000000000..d33bdbcc52 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/git_repo_scanner.go @@ -0,0 +1,73 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package gitreposcanner + +import ( + "time" +) + +type Finding struct { + Name string `json:"name"` + Description string `json:"description"` + Category string `json:"category"` + OSILayer string `json:"osi_layer"` + Severity string `json:"severity"` + Attributes map[string]any `json:"attributes"` +} + +type GitType string + +// GitRepoScanner defines the interface that all scanners must implement +type GitRepoScanner interface { + GitType() GitType + Process(startTime, endTime *time.Time) ([]Finding, error) +} + +// BaseScanner provides common functionality for scanner implementations +type BaseScanner struct{} + +func (b *BaseScanner) CreateFinding( + gitType GitType, + repoID string, + webURL string, + fullName string, + ownerType string, + ownerID string, + ownerName string, + createdAt string, + lastActivityAt string, + visibility string, + archived bool, + topics []string, + lastCommitID *string, +) Finding { + finding := Finding{ + Name: string(gitType) + " Repo", + Description: "A " + string(gitType) + " repository", + Category: "Git Repository", + OSILayer: "APPLICATION", + Severity: "INFORMATIONAL", + Attributes: map[string]any{ + "id": repoID, + "web_url": webURL, + "full_name": fullName, + "owner_type": ownerType, + "owner_id": ownerID, + "topics": topics, + "owner_name": ownerName, + "created_at": createdAt, + "last_activity_at": lastActivityAt, + "visibility": visibility, + "archived": archived, + }, + } + + if lastCommitID != nil { + attributes := finding.Attributes + attributes["last_commit_id"] = *lastCommitID + } + + return finding +} diff --git a/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/github_repo_scanner.go b/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/github_repo_scanner.go new file mode 100644 index 0000000000..ebc39a67bd --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/github_repo_scanner.go @@ -0,0 +1,351 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package gitreposcanner + +import ( + "context" + "fmt" + "log" + "net/http" + "time" + + "github.com/google/go-github/v79/github" + "golang.org/x/oauth2" +) + +const GitHub GitType = "GitHub" + +// GitHubRepoScanner implements the GitRepoScanner interface for GitHub repositories +type GitHubRepoScanner struct { + BaseScanner + url string + accessToken string + organization string + ignoreRepos map[int64]bool + obeyRateLimit bool + annotateLatestCommitID bool + client *github.Client + logger *log.Logger + ctx context.Context + lastRateLimitCheck time.Time + requestsSinceCheck int +} + +func NewGitHubScanner( + url string, + accessToken string, + organization string, + ignoreRepos []int64, + obeyRateLimit bool, + annotateLatestCommitID bool, + logger *log.Logger, +) (*GitHubRepoScanner, error) { + if organization == "" { + return nil, fmt.Errorf("organization required for GitHub connection") + } + if url != "" && accessToken == "" { + return nil, fmt.Errorf("access token required for GitHub connection") + } + + ignoreMap := make(map[int64]bool) + for _, id := range ignoreRepos { + ignoreMap[id] = true + } + + if logger == nil { + logger = log.New(log.Writer(), "git_repo_scanner: ", log.LstdFlags) + } + + return &GitHubRepoScanner{ + url: url, + accessToken: accessToken, + organization: organization, + ignoreRepos: ignoreMap, + obeyRateLimit: obeyRateLimit, + annotateLatestCommitID: annotateLatestCommitID, + logger: logger, + ctx: context.Background(), + lastRateLimitCheck: time.Time{}, + requestsSinceCheck: 0, + }, nil +} + +func (g *GitHubRepoScanner) GitType() GitType { + return GitHub +} + +func (g *GitHubRepoScanner) Process(startTime, endTime *time.Time) ([]Finding, error) { + if err := g.setup(); err != nil { + return nil, fmt.Errorf("failed to setup GitHub client: %w", err) + } + + findings, err := g.processRepos(startTime, endTime) + + // Log remaining API calls at the end + if g.obeyRateLimit { + rate, _, rateLimitErr := g.client.RateLimit.Get(g.ctx) + if rateLimitErr == nil { + core := rate.GetCore() + g.logger.Printf("Scan complete. Rate limit status: %d/%d remaining, resets at %s", + core.Remaining, core.Limit, core.Reset.Time.Format(time.RFC3339)) + } + } + + return findings, err +} + +func (g *GitHubRepoScanner) setup() error { + if g.url != "" { + return g.setupWithURL() + } + return g.setupWithoutURL() +} + +func (g *GitHubRepoScanner) setupWithoutURL() error { + if g.accessToken != "" { + tc := g.createTokenClient() + g.client = github.NewClient(tc) + } else { + g.client = github.NewClient(nil) + } + return nil +} + +func (g *GitHubRepoScanner) setupWithURL() error { + if g.accessToken == "" { + return fmt.Errorf("access token required for github enterprise authentication") + } + + tc := g.createTokenClient() + + var err error + g.client, err = github.NewClient(tc).WithEnterpriseURLs(g.url, g.url) + return err +} + +// The go-github library does not directly handle authentication. +// Instead, when creating a new client, pass an http.Client that can handle authentication for you. +// https://pkg.go.dev/github.com/google/go-github/github#hdr-Authentication +func (g *GitHubRepoScanner) createTokenClient() *http.Client { + ts := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: g.accessToken}) + return oauth2.NewClient(g.ctx, ts) +} + +func (g *GitHubRepoScanner) trackAPICall() { + g.requestsSinceCheck++ +} + +func (g *GitHubRepoScanner) processRepos(startTime, endTime *time.Time) ([]Finding, error) { + var findings []Finding + + org, _, err := g.client.Organizations.Get(g.ctx, g.organization) + g.trackAPICall() + if err != nil { + return nil, fmt.Errorf("failed to get organization: %w", err) + } + + opts := &github.RepositoryListByOrgOptions{ + Type: "all", + Sort: "pushed", + Direction: "asc", + ListOptions: github.ListOptions{ + PerPage: 100, + }, + } + + // If start time is specified, reverse the sort order + if startTime != nil { + opts.Direction = "desc" + } + + // Paginate through all repositories + for { + repos, resp, err := g.client.Repositories.ListByOrg(g.ctx, org.GetLogin(), opts) + g.trackAPICall() + if err != nil { + return nil, fmt.Errorf("failed to list repositories: %w", err) + } + + findingsForRepo, shouldContinue, err := g.processReposPage(repos, startTime, endTime) + if err != nil { + return nil, err + } + findings = append(findings, findingsForRepo...) + + if !shouldContinue || resp.NextPage == 0 { + break + } + + opts.Page = resp.NextPage + } + + return findings, nil +} + +func (g *GitHubRepoScanner) processReposPage( + repos []*github.Repository, + startTime, endTime *time.Time, +) ([]Finding, bool, error) { + var findings []Finding + + for _, repo := range repos { + if g.ignoreRepos[repo.GetID()] { + continue + } + + if (startTime != nil || endTime != nil) && !g.checkRepoIsInTimeFrame(repo.GetPushedAt().Time, startTime, endTime) { + return findings, false, nil // Stop processing further pages + } + + g.logger.Printf("Processing repository: %s", repo.GetFullName()) + + finding, err := g.createFindingFromRepo(repo) + if err != nil { + g.logger.Printf("Warning: failed to create finding for repo %s: %v", repo.GetName(), err) + continue + } + + findings = append(findings, finding) + + // Respect rate limit after processing each repo + if err := g.respectGitHubRateLimit(); err != nil { + return findings, false, err + } + } + + return findings, true, nil // Continue to next page +} + +func (g *GitHubRepoScanner) checkRepoIsInTimeFrame( + pushedAt time.Time, + startTime, endTime *time.Time, +) bool { + // GitHub API returns timestamps in UTC + pushedAt = pushedAt.UTC() + + if startTime != nil && pushedAt.Before(*startTime) { + g.logger.Printf("Reached activity limit! Ignoring all repos with activity before `%s`.", + startTime.Format(time.RFC3339)) + return false + } + + if endTime != nil && pushedAt.After(*endTime) { + g.logger.Printf("Reached activity limit! Ignoring all repos with activity after `%s`.", + endTime.Format(time.RFC3339)) + return false + } + + return true +} + +func (g *GitHubRepoScanner) respectGitHubRateLimit() error { + if !g.obeyRateLimit { + return nil + } + + // Determine check interval based on authentication + // For unauthenticated (60/hour), check more frequently + checkInterval := 50 + if g.accessToken == "" { + checkInterval = 5 + } + + if g.requestsSinceCheck < checkInterval && time.Since(g.lastRateLimitCheck) < 30*time.Second { + return nil + } + + g.requestsSinceCheck = 0 + g.lastRateLimitCheck = time.Now() + + rate, _, err := g.client.RateLimit.Get(g.ctx) + g.trackAPICall() + if err != nil { + return fmt.Errorf("failed to get rate limit: %w", err) + } + + core := rate.GetCore() + remaining := core.Remaining + reset := core.Reset.Time + limit := core.Limit + + // Determine threshold based on whether authenticated or not + var lowThreshold int + if limit <= 60 { + lowThreshold = 10 + g.logger.Printf("Warning: Using unauthenticated GitHub API (60 requests/hour limit). Consider providing an access token for better performance.") + } else { + lowThreshold = 100 + } + + if remaining < lowThreshold { + secondsUntilReset := time.Until(reset).Seconds() + 5 + if remaining > 0 { + sleepTime := secondsUntilReset / float64(remaining) + + maxSleep := 10.0 + if sleepTime > maxSleep { + sleepTime = maxSleep + g.logger.Printf("Rate limit low (%d/%d remaining), sleeping %.1fs (capped)", + remaining, limit, sleepTime) + } else if sleepTime > 1 { + g.logger.Printf("Rate limit low (%d/%d remaining), sleeping %.1fs between requests", + remaining, limit, sleepTime) + } + + if sleepTime > 0 { + time.Sleep(time.Duration(sleepTime * float64(time.Second))) + } + } else { + g.logger.Printf("Rate limit exhausted. Waiting until %s", reset.Format(time.RFC3339)) + time.Sleep(time.Until(reset) + 5*time.Second) + } + } + + return nil +} + +func (g *GitHubRepoScanner) createFindingFromRepo(repo *github.Repository) (Finding, error) { + var latestCommitID *string + + if g.annotateLatestCommitID { + commits, _, err := g.client.Repositories.ListCommits(g.ctx, + repo.GetOwner().GetLogin(), + repo.GetName(), + &github.CommitsListOptions{ + ListOptions: github.ListOptions{PerPage: 1}, + }) + g.trackAPICall() + + if err != nil { + g.logger.Printf("Warning: Could not identify the latest commit ID - repository without commits?") + empty := "" + latestCommitID = &empty + } else if len(commits) > 0 { + sha := commits[0].GetSHA() + latestCommitID = &sha + } + } + + visibility := "public" + if repo.GetPrivate() { + visibility = "private" + } + + return g.CreateFinding( + g.GitType(), + fmt.Sprintf("%d", repo.GetID()), + repo.GetHTMLURL(), + repo.GetFullName(), + repo.GetOwner().GetType(), + fmt.Sprintf("%d", repo.GetOwner().GetID()), + repo.GetOwner().GetLogin(), + repo.GetCreatedAt().Format("2006-01-02T15:04:05Z"), + repo.GetUpdatedAt().Format("2006-01-02T15:04:05Z"), + visibility, + repo.GetArchived(), + repo.Topics, + latestCommitID, + ), nil +} diff --git a/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/gitlab_repo_scanner.go b/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/gitlab_repo_scanner.go new file mode 100644 index 0000000000..21d106e2fb --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/git_repo_scanner/gitlab_repo_scanner.go @@ -0,0 +1,317 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package gitreposcanner + +import ( + "fmt" + "log" + "time" + + gitlab "gitlab.com/gitlab-org/api/client-go" + "golang.org/x/oauth2" +) + +const GitLab GitType = "GitLab" + +// GitLabScanner implements the GitRepoScanner interface for GitLab repositories +type GitLabRepoScanner struct { + BaseScanner + url string + accessToken string + group *int + ignoredGroups map[int]bool + ignoreRepos map[int]bool + obeyRateLimit bool + annotateLatestCommitID bool + client *gitlab.Client + logger *log.Logger +} + +func NewGitLabScanner( + url string, + accessToken string, + group *int, + ignoredGroups []int, + ignoreRepos []int, + obeyRateLimit bool, + annotateLatestCommitID bool, + logger *log.Logger, +) (*GitLabRepoScanner, error) { + if url == "" { + return nil, fmt.Errorf("URL required for GitLab connection") + } + if accessToken == "" { + return nil, fmt.Errorf("access token required for GitLab authentication") + } + + ignoredGroupsMap := make(map[int]bool) + for _, id := range ignoredGroups { + ignoredGroupsMap[id] = true + } + + ignoreReposMap := make(map[int]bool) + for _, id := range ignoreRepos { + ignoreReposMap[id] = true + } + + if logger == nil { + logger = log.New(log.Writer(), "git_repo_scanner: ", log.LstdFlags) + } + + return &GitLabRepoScanner{ + url: url, + accessToken: accessToken, + group: group, + ignoredGroups: ignoredGroupsMap, + ignoreRepos: ignoreReposMap, + obeyRateLimit: obeyRateLimit, + annotateLatestCommitID: annotateLatestCommitID, + logger: logger, + }, nil +} + +func (g *GitLabRepoScanner) GitType() GitType { + return GitLab +} + +func (g *GitLabRepoScanner) Process(startTime, endTime *time.Time) ([]Finding, error) { + if err := g.authenticate(); err != nil { + return nil, fmt.Errorf("failed to authenticate: %w", err) + } + + projects, err := g.getProjects(startTime, endTime) + if err != nil { + return nil, fmt.Errorf("failed to get projects: %w", err) + } + + return g.processProjects(projects) +} + +func (g *GitLabRepoScanner) authenticate() error { + g.logger.Println("Start GitLab authentication") + + var err error + // Try private token authentication first + g.client, err = gitlab.NewClient(g.accessToken, gitlab.WithBaseURL(g.url)) + if err != nil { + return fmt.Errorf("failed to create GitLab client: %w", err) + } + + // Test authentication by getting current user + _, _, err = g.client.Users.CurrentUser() + if err != nil { + // Try OAuth token if private token fails + ts := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: g.accessToken}) + g.client, err = gitlab.NewAuthSourceClient(gitlab.OAuthTokenSource{TokenSource: ts}, gitlab.WithBaseURL(g.url)) + if err != nil { + return fmt.Errorf("failed to create GitLab OAuth client: %w", err) + } + + // Test OAuth authentication + _, _, err = g.client.Users.CurrentUser() + if err != nil { + return fmt.Errorf("GitLab authentication failed: %w", err) + } + } + + g.logger.Println("GitLab authentication succeeded") + return nil +} + +func (g *GitLabRepoScanner) getProjects(startTime, endTime *time.Time) ([]*gitlab.Project, error) { + g.logger.Printf("Get GitLab repositories with last activity between %v and %v", startTime, endTime) + + var allProjects []*gitlab.Project + + listOptions := &gitlab.ListProjectsOptions{ + OrderBy: gitlab.Ptr("last_activity_at"), + Sort: gitlab.Ptr("desc"), + ListOptions: gitlab.ListOptions{ + PerPage: 100, + }, + } + + if startTime != nil { + listOptions.LastActivityAfter = startTime + } + if endTime != nil { + listOptions.LastActivityBefore = endTime + } + + if g.group != nil { + groupOptions := &gitlab.ListGroupProjectsOptions{ + OrderBy: listOptions.OrderBy, + Sort: listOptions.Sort, + IncludeSubGroups: gitlab.Ptr(true), + ListOptions: listOptions.ListOptions, + } + + // Paginate through all group projects + for { + projects, resp, err := g.client.Groups.ListGroupProjects(*g.group, groupOptions) + if err != nil { + return nil, fmt.Errorf("failed to list group projects: %w", err) + } + + allProjects = append(allProjects, projects...) + + if resp.NextPage == 0 { + break + } + groupOptions.Page = resp.NextPage + + if g.obeyRateLimit { + g.respectRateLimit(resp) + } + } + } else { + // List all projects accessible to the user + for { + projects, resp, err := g.client.Projects.ListProjects(listOptions) + if err != nil { + return nil, fmt.Errorf("failed to list projects: %w", err) + } + + allProjects = append(allProjects, projects...) + + if resp.NextPage == 0 { + break + } + listOptions.Page = resp.NextPage + + if g.obeyRateLimit { + g.respectRateLimit(resp) + } + } + } + + return allProjects, nil +} + +func (g *GitLabRepoScanner) respectRateLimit(resp *gitlab.Response) { + if !g.obeyRateLimit || resp == nil { + return + } + + // GitLab provides rate limit info in headers + remaining := resp.Header.Get("RateLimit-Remaining") + reset := resp.Header.Get("RateLimit-Reset") + + if remaining != "" && reset != "" { + g.logger.Printf("Rate limit - Remaining: %s, Reset: %s", remaining, reset) + + var remainingInt int + fmt.Sscanf(remaining, "%d", &remainingInt) + if remainingInt < 10 { + time.Sleep(time.Second) + } + } +} + +func (g *GitLabRepoScanner) processProjects(projects []*gitlab.Project) ([]Finding, error) { + projectCount := len(projects) + findings := make([]Finding, 0, projectCount) + + for i, project := range projects { + if !g.isNotIgnored(project) { + continue + } + + finding, err := g.createFindingFromProject(project, i, projectCount) + if err != nil { + g.logger.Printf("Warning: failed to create finding for project %s: %v", + project.Name, err) + continue + } + + findings = append(findings, finding) + } + + return findings, nil +} + +func (g *GitLabRepoScanner) isNotIgnored(project *gitlab.Project) bool { + if g.ignoreRepos[project.ID] { + return false + } + + if project.Namespace != nil && project.Namespace.Kind == "group" { + if g.ignoredGroups[project.Namespace.ID] { + return false + } + } + + return true +} + +func (g *GitLabRepoScanner) createFindingFromProject( + project *gitlab.Project, + index int, + total int, +) (Finding, error) { + g.logger.Printf("(%d/%d) Add finding for repo %s with last activity at %s", + index+1, total, project.Name, project.LastActivityAt.String()) + + var latestCommitID *string + + if g.annotateLatestCommitID { + // Get the latest commit + commits, _, err := g.client.Commits.ListCommits(project.ID, &gitlab.ListCommitsOptions{ + ListOptions: gitlab.ListOptions{ + PerPage: 1, + Page: 1, + }, + }) + + if err != nil || len(commits) == 0 { + g.logger.Printf("Warning: Could not identify the latest commit ID - repository without commits?") + empty := "" + latestCommitID = &empty + } else { + latestCommitID = &commits[0].ID + } + } + + // Determine owner info from namespace + ownerType := "" + ownerID := "" + ownerName := "" + if project.Namespace != nil { + ownerType = project.Namespace.Kind + ownerID = fmt.Sprintf("%d", project.Namespace.ID) + ownerName = project.Namespace.Name + } + + createdAt := "" + if project.CreatedAt != nil { + createdAt = project.CreatedAt.Format("2006-01-02T15:04:05Z") + } + + lastActivityAt := "" + if project.LastActivityAt != nil { + lastActivityAt = project.LastActivityAt.Format("2006-01-02T15:04:05Z") + } + + topics := []string{} + if project.Topics != nil { + topics = project.Topics + } + + return g.CreateFinding( + g.GitType(), + fmt.Sprintf("%d", project.ID), + project.WebURL, + project.PathWithNamespace, + ownerType, + ownerID, + ownerName, + createdAt, + lastActivityAt, + string(project.Visibility), + project.Archived, + topics, + latestCommitID, + ), nil +} diff --git a/scanners/git-repo-scanner/scanner/internal/output/writer.go b/scanners/git-repo-scanner/scanner/internal/output/writer.go new file mode 100644 index 0000000000..9d7989ee47 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/internal/output/writer.go @@ -0,0 +1,59 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package output + +import ( + "encoding/json" + "fmt" + "os" + "path/filepath" +) + +const defaultOutputFileName = "git-repo-scanner-findings.json" + +func WriteFindings(fileOutput string, findings any) error { + outputPath, err := resolveOutputPath(fileOutput) + if err != nil { + return err + } + + var data []byte + data, err = json.MarshalIndent(findings, "", " ") + if err != nil { + return fmt.Errorf("failed to marshal findings: %w", err) + } + + if err := os.WriteFile(outputPath, data, 0644); err != nil { + return fmt.Errorf("failed to write file: %w", err) + } + + return nil +} + +func resolveOutputPath(fileOutput string) (string, error) { + // Create directory if it doesn't exist + dir := filepath.Dir(fileOutput) + if dir != "" && dir != "." { + if err := os.MkdirAll(dir, 0755); err != nil { + return "", fmt.Errorf("failed to create output directory: %w", err) + } + } + + // Check if fileOutput is a directory + fileInfo, err := os.Stat(fileOutput) + if err == nil && fileInfo.IsDir() { + return filepath.Join(fileOutput, defaultOutputFileName), nil + } + + // If no extension, treat as directory + if filepath.Ext(fileOutput) == "" { + if err := os.MkdirAll(fileOutput, 0755); err != nil { + return "", fmt.Errorf("failed to create output directory: %w", err) + } + return filepath.Join(fileOutput, defaultOutputFileName), nil + } + + return fileOutput, nil +} diff --git a/scanners/git-repo-scanner/scanner/main.go b/scanners/git-repo-scanner/scanner/main.go new file mode 100644 index 0000000000..168d8cd0c1 --- /dev/null +++ b/scanners/git-repo-scanner/scanner/main.go @@ -0,0 +1,102 @@ +// SPDX-FileCopyrightText: the secureCodeBox authors +// +// SPDX-License-Identifier: Apache-2.0 + +package main + +import ( + "fmt" + "log" + "os" + "time" + + "github.com/secureCodeBox/scanners/git-repo-scanner/scanner/internal/config" + gitreposcanner "github.com/secureCodeBox/scanners/git-repo-scanner/scanner/internal/git_repo_scanner" + "github.com/secureCodeBox/scanners/git-repo-scanner/scanner/internal/output" +) + +var ( + logger = log.New(os.Stdout, "git-repo-scanner - ", log.LstdFlags) +) + +func main() { + config, err := config.ParseFlags() + if err != nil { + logger.Fatalf("Error parsing flags: %v", err) + } + + findings, err := process(config) + if err != nil { + logger.Fatalf("Error processing: %v", err) + } + + logger.Println("Write findings to file...") + if err := output.WriteFindings(config.FileOutput, findings); err != nil { + logger.Fatalf("Failed to write findings: %v", err) + } + logger.Println("Finished!") +} + +func process(config *config.Config) ([]gitreposcanner.Finding, error) { + var scanner gitreposcanner.GitRepoScanner + var err error + + var startTime, endTime *time.Time + now := time.Now().UTC() + + if config.ActivitySinceDuration != nil { + t := now.Add(-*config.ActivitySinceDuration) + startTime = &t + } + + if config.ActivityUntilDuration != nil { + t := now.Add(-*config.ActivityUntilDuration) + endTime = &t + } + + if startTime != nil && endTime != nil && startTime.After(*endTime) { + return nil, fmt.Errorf("activity-since-duration must be greater than activity-until-duration") + } + + switch config.GitType { + case "GitLab": + // Convert int64 slice to int slice for GitLab + ignoreRepos := make([]int, len(config.IgnoreRepos)) + for i, id := range config.IgnoreRepos { + ignoreRepos[i] = int(id) + } + + scanner, err = gitreposcanner.NewGitLabScanner( + config.URL, + config.AccessToken, + config.Group, + config.IgnoreGroups, + ignoreRepos, + config.ObeyRateLimit, + config.AnnotateLatestCommitID, + logger, + ) + if err != nil { + return nil, fmt.Errorf("failed to create GitLab scanner: %w", err) + } + + case "GitHub": + scanner, err = gitreposcanner.NewGitHubScanner( + config.URL, + config.AccessToken, + config.Organization, + config.IgnoreRepos, + config.ObeyRateLimit, + config.AnnotateLatestCommitID, + logger, + ) + if err != nil { + return nil, fmt.Errorf("failed to create GitHub scanner: %w", err) + } + + default: + return nil, fmt.Errorf("unknown git type: %s", config.GitType) + } + + return scanner.Process(startTime, endTime) +} diff --git a/scanners/git-repo-scanner/scanner/requirements.txt b/scanners/git-repo-scanner/scanner/requirements.txt deleted file mode 100644 index 92af8e9fbc..0000000000 --- a/scanners/git-repo-scanner/scanner/requirements.txt +++ /dev/null @@ -1,8 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -PyGithub == 2.8.1 -python-gitlab == 7.0.0 -pytimeparse == 1.1.8 -pytz == 2025.2 diff --git a/scanners/git-repo-scanner/scanner/tests/__init__.py b/scanners/git-repo-scanner/scanner/tests/__init__.py deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py b/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py deleted file mode 100644 index 3ac4331e92..0000000000 --- a/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py +++ /dev/null @@ -1,420 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -import argparse -import datetime -import unittest -from datetime import timezone -from unittest.mock import MagicMock, Mock -from unittest.mock import patch - -import gitlab -from gitlab.v4.objects import Project, ProjectManager - -from git_repo_scanner.__main__ import get_parser_args -from git_repo_scanner.github_scanner import GitHubScanner -from git_repo_scanner.gitlab_scanner import GitLabScanner - - -class GitRepoScannerTests(unittest.TestCase): - @property - def wrong_output_msg(self) -> str: - return "Test finding output" - - def prepare_gitlab_commitlist_mock(self, mock_gptp, mock_commitmanager): - mock_gptp.side_effect = self._mock_group_project_to_project - mock_commitmanager.return_value = [Mock(id="deadbeef")] - - def _mock_group_project_to_project(self, project): - return project - - @patch("gitlab.v4.objects.ProjectCommitManager.list") - @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") - def test_process_gitlab_projects_with_no_ignore_list( - self, mock_gptp, mock_commitmanager - ): - # given - scanner = GitLabScanner( - "url", "token", None, [], [], annotate_latest_commit_id=True - ) - projects = assemble_projects() - self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) - # when - findings = scanner._process_projects(projects) - # then - self.assertEqual(3, len(findings), msg="There should be exactly 3 findings") - self.assertEqual(findings[0]["name"], "GitLab Repo", msg=self.wrong_output_msg) - self.assertEqual( - findings[0]["attributes"]["web_url"], "url1", msg=self.wrong_output_msg - ) - self.assertEqual( - findings[1]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg - ) - self.assertEqual( - findings[2]["attributes"]["web_url"], "url3", msg=self.wrong_output_msg - ) - self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") - self.assertEqual(findings[1]["attributes"]["archived"], False) - self.assertEqual(findings[2]["attributes"]["archived"], True) - self.assertEqual(findings[0]["attributes"]["topics"], []) - self.assertEqual(findings[2]["attributes"]["topics"], ["outdated"]) - mock_gptp.assert_called() - mock_commitmanager.assert_called() - - @patch("gitlab.v4.objects.ProjectCommitManager.list") - @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") - def test_process_gitlab_projects_without_annotating_commit_id( - self, mock_gptp, mock_commitmanager - ): - # given - scanner = GitLabScanner( - "url", "token", None, [], [], annotate_latest_commit_id=False - ) - projects = assemble_projects() - self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) - # when - findings = scanner._process_projects(projects) - # then - self.assertEqual(3, len(findings), msg="There should be exactly 3 findings") - self.assertEqual(findings[0]["name"], "GitLab Repo", msg=self.wrong_output_msg) - self.assertEqual( - findings[0]["attributes"]["web_url"], "url1", msg=self.wrong_output_msg - ) - self.assertEqual( - findings[1]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg - ) - self.assertEqual( - findings[2]["attributes"]["web_url"], "url3", msg=self.wrong_output_msg - ) - self.assertFalse("last_commit_id" in findings[0]["attributes"]) - mock_gptp.assert_not_called() - mock_commitmanager.assert_not_called() - - @patch("gitlab.v4.objects.ProjectCommitManager.list") - @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") - def test_process_gitlab_projects_with_ignore_group( - self, mock_gptp, mock_commitmanager - ): - # given - scanner = GitLabScanner( - "url", "token", None, [33], [], annotate_latest_commit_id=True - ) - projects = assemble_projects() - self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) - # when - findings = scanner._process_projects(projects) - # then - self.assertEqual(2, len(findings), msg="There should be exactly 2 findings") - self.assertEqual( - findings[0]["attributes"]["web_url"], "url1", msg=self.wrong_output_msg - ) - self.assertEqual( - findings[1]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg - ) - self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") - mock_gptp.assert_called() - mock_commitmanager.assert_called() - - @patch("gitlab.v4.objects.ProjectCommitManager.list") - @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") - def test_process_gitlab_projects_with_ignore_project( - self, mock_gptp, mock_commitmanager - ): - # given - scanner = GitLabScanner( - "url", "token", None, [], [1], annotate_latest_commit_id=True - ) - projects = assemble_projects() - self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) - # when - findings = scanner._process_projects(projects) - # then - self.assertEqual(2, len(findings), msg="There should be exactly 2 findings") - self.assertEqual( - findings[0]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg - ) - self.assertEqual( - findings[1]["attributes"]["web_url"], "url3", msg=self.wrong_output_msg - ) - self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") - mock_gptp.assert_called() - mock_commitmanager.assert_called() - - @patch("github.Github") - @patch("github.Organization") - @patch("github.PaginatedList") - def test_process_github_repos_with_no_ignore_list( - self, github_mock, org_mock, pag_mock - ): - # given - scanner = GitHubScanner( - "url", "token", "org", [], False, annotate_latest_commit_id=True - ) - repos = assemble_repos() - create_mocks(github_mock, org_mock, pag_mock, repos) - scanner._gh = github_mock - # when - findings = scanner._process_repos(None, None) - # then - org_mock.get_repos.assert_called_with( - type="all", sort="pushed", direction="asc" - ) - self.assertEqual(6, len(findings), msg="There should be exactly 6 findings") - for finding in findings: - self.assertEqual(finding["name"], "GitHub Repo", msg=self.wrong_output_msg) - self.assertEqual(finding["attributes"]["last_commit_id"], "deadbeef") - - @patch("github.Github") - @patch("github.Organization") - @patch("github.PaginatedList") - def test_process_github_repos_without_annotating_commit_ids( - self, github_mock, org_mock, pag_mock - ): - # given - scanner = GitHubScanner( - "url", "token", "org", [], False, annotate_latest_commit_id=False - ) - repos = assemble_repos() - create_mocks(github_mock, org_mock, pag_mock, repos) - scanner._gh = github_mock - # when - findings = scanner._process_repos(None, None) - # then - org_mock.get_repos.assert_called_with( - type="all", sort="pushed", direction="asc" - ) - self.assertEqual(6, len(findings), msg="There should be exactly 6 findings") - self.assertFalse(findings[0]["attributes"]["archived"]) - self.assertFalse(findings[1]["attributes"]["archived"]) - self.assertTrue(findings[2]["attributes"]["archived"]) - self.assertFalse(findings[3]["attributes"]["archived"]) - self.assertFalse(findings[4]["attributes"]["archived"]) - self.assertTrue(findings[5]["attributes"]["archived"]) - self.assertEqual(findings[0]["attributes"]["topics"], []) - self.assertEqual(findings[2]["attributes"]["topics"], ["outdated"]) - for finding in findings: - self.assertEqual(finding["name"], "GitHub Repo", msg=self.wrong_output_msg) - self.assertFalse("last_commit_id" in finding["attributes"]) - - @patch("github.Github") - @patch("github.Organization") - @patch("github.PaginatedList") - def test_process_github_repos_with_ignore_repos( - self, github_mock, org_mock, pag_mock - ): - # given - scanner = GitHubScanner( - "url", "token", "org", [1], False, annotate_latest_commit_id=True - ) - repos = assemble_repos() - create_mocks(github_mock, org_mock, pag_mock, repos) - scanner._gh = github_mock - # when - findings = scanner._process_repos(None, None) - # then - github_mock.get_organization.assert_called_with("org") - self.assertEqual(4, len(findings), msg="There should be exactly 4 findings") - self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") - - def test_setup_github_with_url_and_no_token_should_exit(self): - # when - with self.assertRaises(argparse.ArgumentError) as cm: - GitHubScanner("url", None, "org", []) - # then - self.assertEqual( - cm.exception.args[1], - "Access token required for GitHub connection.", - msg="Process should exit", - ) - - -def get_args(ignore_groups=0, ignore_projects=0, url=None, access_token=None, org=None): - args = [ - "--git-type", - "someType", - "--file-output", - "out", - "--obey-rate-limit", - False, - "--ignore-repos", - str(ignore_projects), - "--ignore-groups", - str(ignore_groups), - ] - if url: - args.append("--url") - args.append(url) - if access_token: - args.append("--access-token") - args.append(access_token) - if org: - args.append("--organization") - args.append(org) - - return get_parser_args(args) - - -def create_mocks(github_mock, org_mock, pag_mock, repos): - pag_mock.totalCount = 2 - pag_mock.get_page = MagicMock(return_value=repos) - org_mock.get_repos = MagicMock(return_value=pag_mock) - github_mock.get_organization = MagicMock(return_value=org_mock) - - -def assemble_projects(): - created = datetime.datetime(2020, 10, 10, tzinfo=timezone.utc).isoformat() - updated = datetime.datetime(2020, 11, 10, tzinfo=timezone.utc).isoformat() - project1 = assemble_project( - p_id=1, - name="name1", - url="url1", - path="path1", - date_created=created, - date_updated=updated, - visibility="private", - o_id=11, - o_kind="group", - o_name="name11", - ) - project2 = assemble_project( - p_id=2, - name="name2", - url="url2", - path="path2", - date_created=created, - date_updated=updated, - visibility="private", - o_id=22, - o_kind="user", - o_name="name22", - ) - project3 = assemble_project( - p_id=3, - name="name3", - url="url3", - path="path3", - date_created=created, - date_updated=updated, - visibility="private", - o_id=33, - o_kind="group", - o_name="name33", - archived=True, - topics=["outdated"], - ) - return [project1, project2, project3] - - -def assemble_project( - p_id, - name, - url, - path, - date_created, - date_updated, - visibility, - o_id, - o_kind, - o_name, - archived=False, - topics=[], -): - project = Project(ProjectManager(gitlab), {}) - project.id = p_id - project.name = name - project.web_url = url - project.path_with_namespace = path - project.created_at = date_created - project.last_activity_at = date_updated - project.visibility = visibility - project.namespace = {"kind": o_kind, "id": o_id, "name": o_name} - project.archived = archived - project.topics = topics - return project - - -def assemble_repos(): - date = datetime.datetime(2020, 5, 17, tzinfo=timezone.utc) - project1 = assemble_repository( - p_id=1, - name="name1", - url="url1", - path="path1", - date_created=date, - date_updated=date, - date_pushed=date, - visibility=True, - o_id=11, - o_kind="organization", - o_name="name11", - ) - project2 = assemble_repository( - p_id=2, - name="name2", - url="url2", - path="path2", - date_created=date, - date_updated=date, - date_pushed=date, - visibility=False, - o_id=22, - o_kind="organization", - o_name="name22", - ) - project3 = assemble_repository( - p_id=3, - name="name3", - url="url3", - path="path3", - date_created=date, - date_updated=date, - date_pushed=date, - visibility=False, - o_id=33, - o_kind="organization", - o_name="name33", - archived=True, - topics=["outdated"], - ) - return [project1, project2, project3] - - -def assemble_repository( - p_id, - name, - url, - path, - date_created: datetime, - date_updated: datetime, - date_pushed: datetime, - visibility: bool, - o_id, - o_kind, - o_name, - archived=False, - topics=[], -): - - repo = Mock() - owner = Mock() - owner.type = o_kind - owner.id = o_id - owner.name = o_name - repo.id = p_id - repo.name = name - repo.html_url = url - repo.full_name = path - repo.created_at = date_created - repo.pushed_at = date_pushed - repo.updated_at = date_updated - repo.private = visibility - repo.owner = owner - repo.get_commits = lambda: [Mock(sha="deadbeef")] - repo.get_topics = lambda: topics - repo.archived = archived - return repo - - -if __name__ == "__main__": - unittest.main() diff --git a/scanners/git-repo-scanner/templates/git-repo-scanner-scan-type.yaml b/scanners/git-repo-scanner/templates/git-repo-scanner-scan-type.yaml index 62f9d2ff3f..f056faf2b1 100644 --- a/scanners/git-repo-scanner/templates/git-repo-scanner-scan-type.yaml +++ b/scanners/git-repo-scanner/templates/git-repo-scanner-scan-type.yaml @@ -25,7 +25,7 @@ spec: restartPolicy: OnFailure affinity: {{- toYaml .Values.scanner.affinity | nindent 12 }} - tolerations: + tolerations: {{- toYaml .Values.scanner.tolerations | nindent 12 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: @@ -38,9 +38,7 @@ spec: image: "{{ .Values.scanner.image.repository }}:{{ .Values.scanner.image.tag | default .Chart.Version }}" imagePullPolicy: {{ .Values.scanner.image.pullPolicy }} command: - - "python" - - "-m" - - "git_repo_scanner" + - "/git-repo-scanner" - "--file-output" - "/home/securecodebox" resources: diff --git a/scanners/git-repo-scanner/tests/__snapshot__/scanner_test.yaml.snap b/scanners/git-repo-scanner/tests/__snapshot__/scanner_test.yaml.snap index 79d7837be9..82db039ed9 100644 --- a/scanners/git-repo-scanner/tests/__snapshot__/scanner_test.yaml.snap +++ b/scanners/git-repo-scanner/tests/__snapshot__/scanner_test.yaml.snap @@ -40,9 +40,7 @@ matches the snapshot: foo: bar containers: - command: - - python - - -m - - git_repo_scanner + - /git-repo-scanner - --file-output - /home/securecodebox env: diff --git a/scanners/gitleaks/Chart.yaml b/scanners/gitleaks/Chart.yaml index b53e1eac7d..7232138dd1 100644 --- a/scanners/gitleaks/Chart.yaml +++ b/scanners/gitleaks/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the gitleaks repository scanner that integrates wi type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v8.30.0" +appVersion: "v8.30.1" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/zricethezav/gitleaks/releases/latest diff --git a/scanners/gitleaks/README.md b/scanners/gitleaks/README.md index 5d5cef98d7..8443f4baec 100644 --- a/scanners/gitleaks/README.md +++ b/scanners/gitleaks/README.md @@ -3,7 +3,7 @@ title: "Gitleaks" category: "scanner" type: "Repository" state: "released" -appVersion: "v8.30.0" +appVersion: "v8.30.1" usecase: "Find potential secrets in repositories" --- diff --git a/scanners/gitleaks/Taskfile.yaml b/scanners/gitleaks/Taskfile.yaml index 8988f3f9fd..6f75690389 100644 --- a/scanners/gitleaks/Taskfile.yaml +++ b/scanners/gitleaks/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/gitleaks/docs/README.DockerHub-Parser.md b/scanners/gitleaks/docs/README.DockerHub-Parser.md index 2b96784304..6ae8382a82 100644 --- a/scanners/gitleaks/docs/README.DockerHub-Parser.md +++ b/scanners/gitleaks/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v8.30.0` +- tagged releases, e.g. `v8.30.1` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/gitleaks. diff --git a/scanners/kube-hunter/Taskfile.yaml b/scanners/kube-hunter/Taskfile.yaml index cee4e0e134..3a92a86d15 100644 --- a/scanners/kube-hunter/Taskfile.yaml +++ b/scanners/kube-hunter/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/ncrack/Taskfile.yaml b/scanners/ncrack/Taskfile.yaml index 832eab3ea0..eb4c31118f 100644 --- a/scanners/ncrack/Taskfile.yaml +++ b/scanners/ncrack/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/ncrack/scanner/Dockerfile b/scanners/ncrack/scanner/Dockerfile index 991912dc24..9b354f437a 100644 --- a/scanners/ncrack/scanner/Dockerfile +++ b/scanners/ncrack/scanner/Dockerfile @@ -2,11 +2,11 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM ubuntu:24.04 +FROM ubuntu:26.04 ARG scannerVersion RUN apt-get update \ - && apt-get install ncrack=$scannerVersion+debian-5ubuntu1 -y \ + && apt-get install ncrack=$scannerVersion+debian-6build1 -y \ && rm -rf /var/lib/apt/lists/* RUN groupadd -g 1001 ncrack \ && useradd -M -u 1001 -g 1001 ncrack diff --git a/scanners/nikto/Chart.yaml b/scanners/nikto/Chart.yaml index 46f9471d54..cdaf3b673d 100644 --- a/scanners/nikto/Chart.yaml +++ b/scanners/nikto/Chart.yaml @@ -10,7 +10,7 @@ type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 # appVersion - Nikto doesn't really version its releases -appVersion: 2.5.0 +appVersion: 2.6.0 kubeVersion: ">=v1.11.0-0" annotations: diff --git a/scanners/nikto/README.md b/scanners/nikto/README.md index 0efea6a7b3..923d91448a 100644 --- a/scanners/nikto/README.md +++ b/scanners/nikto/README.md @@ -3,7 +3,7 @@ title: "Nikto" category: "scanner" type: "Webserver" state: "released" -appVersion: "2.5.0" +appVersion: "2.6.0" usecase: "Webserver Vulnerability Scanner" --- diff --git a/scanners/nikto/Taskfile.yaml b/scanners/nikto/Taskfile.yaml index 8ca7765e7d..3036a678cd 100644 --- a/scanners/nikto/Taskfile.yaml +++ b/scanners/nikto/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/nikto/integration-tests/nikto.test.js b/scanners/nikto/integration-tests/nikto.test.js index 4e8521ef7d..caa87b130a 100644 --- a/scanners/nikto/integration-tests/nikto.test.js +++ b/scanners/nikto/integration-tests/nikto.test.js @@ -22,15 +22,13 @@ test( expect(categories).toMatchInlineSnapshot(` { "Identified Software": 1, - "Nikto Finding": 3, - "Potential Vulnerability": 12, - "X-Content-Type-Options Header": 1, + "Potential Vulnerability": 15, } `); expect(severities).toMatchInlineSnapshot(` { - "high": 12, - "informational": 5, + "high": 15, + "informational": 1, } `); }, diff --git a/scanners/nikto/scanner/Dockerfile b/scanners/nikto/scanner/Dockerfile index 4618f0cfd5..6bdbd8324b 100644 --- a/scanners/nikto/scanner/Dockerfile +++ b/scanners/nikto/scanner/Dockerfile @@ -16,6 +16,11 @@ COPY --chown=root:root --chmod=755 wrapper.sh /wrapper.sh RUN apk add --update --no-cache --virtual .build-deps \ perl \ perl-net-ssleay \ + perl-json \ + perl-io-socket-ssl \ + perl-xml-writer \ + perl-mime-base64 \ + perl-xml-libxml \ && addgroup -g 1001 nikto \ && adduser -G nikto -s /bin/sh -D -u 1001 nikto diff --git a/scanners/nmap/Taskfile.yaml b/scanners/nmap/Taskfile.yaml index b3b42498e0..bbe225f530 100644 --- a/scanners/nmap/Taskfile.yaml +++ b/scanners/nmap/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js index afa97cfb55..d6a71e6a1a 100644 --- a/scanners/nmap/parser/parser.js +++ b/scanners/nmap/parser/parser.js @@ -52,7 +52,7 @@ function transformToFindings(hosts) { name: `Host: ${getHostOrIp({ hostname, ips })}`, category: "Host", description: "Found a host", - location: hostname, + location: getHostOrIp({ hostname, ips }), severity: "INFORMATIONAL", osi_layer: "NETWORK", attributes: { diff --git a/scanners/nmap/parser/parser.test.js b/scanners/nmap/parser/parser.test.js index 3d4083192b..a5ffda26e5 100644 --- a/scanners/nmap/parser/parser.test.js +++ b/scanners/nmap/parser/parser.test.js @@ -1202,7 +1202,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.32", "name": "Host: 192.168.178.32", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", @@ -1217,7 +1217,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.42", "name": "Host: 192.168.178.42", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", @@ -1232,7 +1232,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.49", "name": "Host: 192.168.178.49", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", @@ -1247,7 +1247,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.166", "name": "Host: 192.168.178.166", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", diff --git a/scanners/nuclei/Chart.yaml b/scanners/nuclei/Chart.yaml index e17c1b4841..99bec4b8a5 100644 --- a/scanners/nuclei/Chart.yaml +++ b/scanners/nuclei/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the nuclei security scanner that integrates with t type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v3.6.0" +appVersion: "v3.8.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/projectdiscovery/nuclei/releases/latest diff --git a/scanners/nuclei/README.md b/scanners/nuclei/README.md index 379f23972d..a93cce08fc 100644 --- a/scanners/nuclei/README.md +++ b/scanners/nuclei/README.md @@ -3,7 +3,7 @@ title: "Nuclei" category: "scanner" type: "Website" state: "released" -appVersion: "v3.6.0" +appVersion: "v3.8.0" usecase: "Nuclei is a fast, template based vulnerability scanner." --- diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml index a530451afc..d35d545e51 100644 --- a/scanners/nuclei/Taskfile.yaml +++ b/scanners/nuclei/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/nuclei/docs/README.DockerHub-Parser.md b/scanners/nuclei/docs/README.DockerHub-Parser.md index d9b85d29a5..1c51c7c9d1 100644 --- a/scanners/nuclei/docs/README.DockerHub-Parser.md +++ b/scanners/nuclei/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v3.6.0` +- tagged releases, e.g. `v3.8.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/nuclei. diff --git a/scanners/screenshooter/README.md b/scanners/screenshooter/README.md index 2d79bdf6ec..eaf7d6380f 100644 --- a/scanners/screenshooter/README.md +++ b/scanners/screenshooter/README.md @@ -76,7 +76,7 @@ Kubernetes: `>=v1.11.0-0` | scanner.activeDeadlineSeconds | string | `nil` | There are situations where you want to fail a scan Job after some amount of time. To do so, set activeDeadlineSeconds to define an active deadline (in seconds) when considering a scan Job as failed. (see: https://kubernetes.io/docs/concepts/workloads/controllers/job/#job-termination-and-cleanup) | | scanner.affinity | object | `{}` | Optional affinity settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | scanner.backoffLimit | int | 3 | There are situations where you want to fail a scan Job after some amount of retries due to a logical error in configuration etc. To do so, set backoffLimit to specify the number of retries before considering a scan Job as failed. (see: https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy) | -| scanner.env | list | `[]` | Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | +| scanner.env | list | `[{"name":"MOZ_HEADLESS","value":"1"},{"name":"MOZ_DISABLE_CONTENT_SANDBOX","value":"1"},{"name":"MOZ_ENABLE_WAYLAND","value":"0"}]` | Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/). Has default env vars set to run firefox without sandboxing. (the container is already sandboxed.) If you have a cluster with proper linux namespace support you might be able to use it without disabling the sandbox. | | scanner.extraContainers | list | `[]` | Optional additional Containers started with each scanJob (see: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) | | scanner.extraVolumeMounts | list | `[]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.extraVolumes | list | `[]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | diff --git a/scanners/screenshooter/Taskfile.yaml b/scanners/screenshooter/Taskfile.yaml index 11e85fd93f..53ea2a6940 100644 --- a/scanners/screenshooter/Taskfile.yaml +++ b/scanners/screenshooter/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/screenshooter/docs/README.ArtifactHub.md b/scanners/screenshooter/docs/README.ArtifactHub.md index 9b4c7bc494..d910818be3 100644 --- a/scanners/screenshooter/docs/README.ArtifactHub.md +++ b/scanners/screenshooter/docs/README.ArtifactHub.md @@ -81,7 +81,7 @@ Kubernetes: `>=v1.11.0-0` | scanner.activeDeadlineSeconds | string | `nil` | There are situations where you want to fail a scan Job after some amount of time. To do so, set activeDeadlineSeconds to define an active deadline (in seconds) when considering a scan Job as failed. (see: https://kubernetes.io/docs/concepts/workloads/controllers/job/#job-termination-and-cleanup) | | scanner.affinity | object | `{}` | Optional affinity settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | scanner.backoffLimit | int | 3 | There are situations where you want to fail a scan Job after some amount of retries due to a logical error in configuration etc. To do so, set backoffLimit to specify the number of retries before considering a scan Job as failed. (see: https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy) | -| scanner.env | list | `[]` | Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | +| scanner.env | list | `[{"name":"MOZ_HEADLESS","value":"1"},{"name":"MOZ_DISABLE_CONTENT_SANDBOX","value":"1"},{"name":"MOZ_ENABLE_WAYLAND","value":"0"}]` | Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/). Has default env vars set to run firefox without sandboxing. (the container is already sandboxed.) If you have a cluster with proper linux namespace support you might be able to use it without disabling the sandbox. | | scanner.extraContainers | list | `[]` | Optional additional Containers started with each scanJob (see: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) | | scanner.extraVolumeMounts | list | `[]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.extraVolumes | list | `[]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | diff --git a/scanners/screenshooter/scanner/Dockerfile b/scanners/screenshooter/scanner/Dockerfile index c715348b79..9b71c0ac16 100644 --- a/scanners/screenshooter/scanner/Dockerfile +++ b/scanners/screenshooter/scanner/Dockerfile @@ -4,8 +4,15 @@ # This is using debian rather than alpine, as firefox on alpine seems to be missing some crucial fonts. # This lets the screenshots taken on alpine look weird -FROM debian:13.2 -RUN apt-get update && apt-get install firefox-esr -y +FROM debian:13.5 +RUN apt-get update && apt-get install -y \ + firefox-esr \ + libpci-dev \ + libgl1-mesa-dri \ + libglx-mesa0 \ + libdbus-glib-1-2 \ + && rm -rf /var/lib/apt/lists/* + RUN groupadd -g 1001 screenshooter \ && useradd -M -u 1001 -g 1001 securecodebox COPY wrapper.sh ./ diff --git a/scanners/screenshooter/values.yaml b/scanners/screenshooter/values.yaml index 2f57966b69..e35fc19595 100644 --- a/scanners/screenshooter/values.yaml +++ b/scanners/screenshooter/values.yaml @@ -65,8 +65,14 @@ scanner: # memory: "512Mi" # cpu: "500m" - # scanner.env -- Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) - env: [] + # scanner.env -- Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/). Has default env vars set to run firefox without sandboxing. (the container is already sandboxed.) If you have a cluster with proper linux namespace support you might be able to use it without disabling the sandbox. + env: + - name: MOZ_HEADLESS + value: "1" + - name: MOZ_DISABLE_CONTENT_SANDBOX + value: "1" + - name: MOZ_ENABLE_WAYLAND + value: "0" # scanner.extraVolumes -- Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) extraVolumes: [] diff --git a/scanners/semgrep/Chart.yaml b/scanners/semgrep/Chart.yaml index f748c65345..c0b3e0eee7 100644 --- a/scanners/semgrep/Chart.yaml +++ b/scanners/semgrep/Chart.yaml @@ -22,7 +22,7 @@ version: "v3.1.0-alpha1" # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.145.0" +appVersion: "1.163.0" annotations: versionApi: https://api.github.com/repos/semgrep/semgrep/releases/latest supported-platforms: linux/amd64,linux/arm64 diff --git a/scanners/semgrep/README.md b/scanners/semgrep/README.md index f7c2636a9d..d417cc60f0 100644 --- a/scanners/semgrep/README.md +++ b/scanners/semgrep/README.md @@ -3,7 +3,7 @@ title: "Semgrep" category: "scanner" type: "Repository" state: "released" -appVersion: "1.145.0" +appVersion: "1.163.0" usecase: "Static Code Analysis" --- diff --git a/scanners/semgrep/Taskfile.yaml b/scanners/semgrep/Taskfile.yaml index 142059348c..659cf8dc42 100644 --- a/scanners/semgrep/Taskfile.yaml +++ b/scanners/semgrep/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/semgrep/docs/README.DockerHub-Parser.md b/scanners/semgrep/docs/README.DockerHub-Parser.md index 6e2f0d2b57..ae9f4cb398 100644 --- a/scanners/semgrep/docs/README.DockerHub-Parser.md +++ b/scanners/semgrep/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `1.145.0` +- tagged releases, e.g. `1.163.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/semgrep. diff --git a/scanners/ssh-audit/Taskfile.yaml b/scanners/ssh-audit/Taskfile.yaml index d67db7f0ce..a4d4795685 100644 --- a/scanners/ssh-audit/Taskfile.yaml +++ b/scanners/ssh-audit/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/sslyze/Chart.yaml b/scanners/sslyze/Chart.yaml index f9678a225c..1cd7c918f1 100644 --- a/scanners/sslyze/Chart.yaml +++ b/scanners/sslyze/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the SSLyze security scanner that integrates with t type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "6.2.0" +appVersion: "6.3.1" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/nabla-c0d3/sslyze/releases/latest diff --git a/scanners/sslyze/README.md b/scanners/sslyze/README.md index 5192751849..0e058ed941 100644 --- a/scanners/sslyze/README.md +++ b/scanners/sslyze/README.md @@ -3,7 +3,7 @@ title: "SSLyze" category: "scanner" type: "SSL" state: "released" -appVersion: "6.2.0" +appVersion: "6.3.1" usecase: "SSL/TLS Configuration Scanner" --- diff --git a/scanners/sslyze/Taskfile.yaml b/scanners/sslyze/Taskfile.yaml index 6c6db81f31..9417789158 100644 --- a/scanners/sslyze/Taskfile.yaml +++ b/scanners/sslyze/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/subfinder/Chart.yaml b/scanners/subfinder/Chart.yaml index 7ee5e363d9..4f9ecfbd89 100644 --- a/scanners/subfinder/Chart.yaml +++ b/scanners/subfinder/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the subfinder security Scanner that integrates wit type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v2.10.1" +appVersion: "v2.14.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/projectdiscovery/subfinder/releases/latest diff --git a/scanners/subfinder/README.md b/scanners/subfinder/README.md index a636193cba..9b89de36d6 100644 --- a/scanners/subfinder/README.md +++ b/scanners/subfinder/README.md @@ -3,7 +3,7 @@ title: "subfinder" category: "scanner" type: "Network" state: "released" -appVersion: "v2.10.1" +appVersion: "v2.14.0" usecase: "Subdomain Enumeration Scanner" --- @@ -65,6 +65,7 @@ Kubernetes: `>=v1.11.0-0` |-----|------|---------|-------------| | cascadingRules.enabled | bool | `false` | Enables or disables the installation of the default cascading rules for this scanner | | imagePullSecrets | list | `[]` | Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) | +| includeTargetDomain | bool | `false` | include target domain in findings | | parser.affinity | object | `{}` | Optional affinity settings that control how the parser job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | parser.env | list | `[]` | Optional environment variables mapped into each parseJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | | parser.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | diff --git a/scanners/subfinder/Taskfile.yaml b/scanners/subfinder/Taskfile.yaml index e21299b463..76f5438615 100644 --- a/scanners/subfinder/Taskfile.yaml +++ b/scanners/subfinder/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/subfinder/docs/README.ArtifactHub.md b/scanners/subfinder/docs/README.ArtifactHub.md index ee3f4a846e..c674bf2fac 100644 --- a/scanners/subfinder/docs/README.ArtifactHub.md +++ b/scanners/subfinder/docs/README.ArtifactHub.md @@ -70,6 +70,7 @@ Kubernetes: `>=v1.11.0-0` |-----|------|---------|-------------| | cascadingRules.enabled | bool | `false` | Enables or disables the installation of the default cascading rules for this scanner | | imagePullSecrets | list | `[]` | Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) | +| includeTargetDomain | bool | `false` | include target domain in findings | | parser.affinity | object | `{}` | Optional affinity settings that control how the parser job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | parser.env | list | `[]` | Optional environment variables mapped into each parseJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | | parser.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | diff --git a/scanners/subfinder/docs/README.DockerHub-Parser.md b/scanners/subfinder/docs/README.DockerHub-Parser.md index e4e5ad9bf1..c1866530d7 100644 --- a/scanners/subfinder/docs/README.DockerHub-Parser.md +++ b/scanners/subfinder/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v2.10.1` +- tagged releases, e.g. `v2.14.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://github.com/projectdiscovery/subfinder. diff --git a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap index 901da3c7c9..e35673f89f 100644 --- a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap +++ b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap @@ -157,3 +157,471 @@ exports[`should properly parse subfinder json file with ip output 1`] = ` `; exports[`should properly parse empty json file 1`] = `[]`; + +exports[`should properly parse subfinder json file and add target domain to findings with param -d 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "releases.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain releases.example.com", + "identified_at": null, + "location": "releases.example.com", + "name": "releases.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "myap.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain myap.example.com", + "identified_at": null, + "location": "myap.example.com", + "name": "myap.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "not-exist.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain not-exist.example.com", + "identified_at": null, + "location": "not-exist.example.com", + "name": "not-exist.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "new-client.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain new-client.example.com", + "identified_at": null, + "location": "new-client.example.com", + "name": "new-client.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "op.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain op.example.com", + "identified_at": null, + "location": "op.example.com", + "name": "op.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "mall.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain mall.example.com", + "identified_at": null, + "location": "mall.example.com", + "name": "mall.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "cdn1.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain cdn1.example.com", + "identified_at": null, + "location": "cdn1.example.com", + "name": "cdn1.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "xn--rksmrgs-5wao1o.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain xn--rksmrgs-5wao1o.example.com", + "identified_at": null, + "location": "xn--rksmrgs-5wao1o.example.com", + "name": "xn--rksmrgs-5wao1o.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; + +exports[`should properly parse subfinder json file and add target domain to findings with param -domain 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "releases.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain releases.example.com", + "identified_at": null, + "location": "releases.example.com", + "name": "releases.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "myap.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain myap.example.com", + "identified_at": null, + "location": "myap.example.com", + "name": "myap.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "not-exist.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain not-exist.example.com", + "identified_at": null, + "location": "not-exist.example.com", + "name": "not-exist.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "new-client.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain new-client.example.com", + "identified_at": null, + "location": "new-client.example.com", + "name": "new-client.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "op.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain op.example.com", + "identified_at": null, + "location": "op.example.com", + "name": "op.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "mall.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain mall.example.com", + "identified_at": null, + "location": "mall.example.com", + "name": "mall.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "cdn1.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain cdn1.example.com", + "identified_at": null, + "location": "cdn1.example.com", + "name": "cdn1.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "xn--rksmrgs-5wao1o.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain xn--rksmrgs-5wao1o.example.com", + "identified_at": null, + "location": "xn--rksmrgs-5wao1o.example.com", + "name": "xn--rksmrgs-5wao1o.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; + +exports[`should properly parse subfinder json file and add target domain to findings with param --domain= 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "releases.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain releases.example.com", + "identified_at": null, + "location": "releases.example.com", + "name": "releases.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "myap.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain myap.example.com", + "identified_at": null, + "location": "myap.example.com", + "name": "myap.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "not-exist.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain not-exist.example.com", + "identified_at": null, + "location": "not-exist.example.com", + "name": "not-exist.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "new-client.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain new-client.example.com", + "identified_at": null, + "location": "new-client.example.com", + "name": "new-client.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "op.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain op.example.com", + "identified_at": null, + "location": "op.example.com", + "name": "op.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "mall.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain mall.example.com", + "identified_at": null, + "location": "mall.example.com", + "name": "mall.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "cdn1.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain cdn1.example.com", + "identified_at": null, + "location": "cdn1.example.com", + "name": "cdn1.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "xn--rksmrgs-5wao1o.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain xn--rksmrgs-5wao1o.example.com", + "identified_at": null, + "location": "xn--rksmrgs-5wao1o.example.com", + "name": "xn--rksmrgs-5wao1o.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; + +exports[`should properly parse empty json file with includeTargetDomain=true 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js index 7bd8135618..6c5be9b787 100644 --- a/scanners/subfinder/parser/parser.js +++ b/scanners/subfinder/parser/parser.js @@ -2,32 +2,89 @@ // // SPDX-License-Identifier: Apache-2.0 -export async function parse(fileContent) { - if (!fileContent) - return []; +const DOMAIN_FLAGS = ["-d", "-domain", "--domain"]; + +export async function parse( + fileContent, + scan, + options = {}, +) { + const includeTargetDomain = options.includeTargetDomain ?? + (process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() === "true"); const targets = parseResultFile(fileContent); - return transformToFindings(targets); + const findings = transformToFindings(targets); + + const domain = includeTargetDomain + ? extractDomainFromArgs(scan.spec.parameters) + : null; + if (domain) { + findings.push(getTargetDomainFinding(domain)); + } + + return findings; } -function transformToFindings(targets) { - return targets.map((item) => ({ - "name": item.host, - "identified_at": null, - "description": `Found subdomain ${item.host}`, - "category": "Subdomain", - "location": item.host, - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - "attributes": { - "domain": item.input, - "hostname": item.host, - "ip_address": item?.ip || null, - "ip_addresses": [item?.ip || null].filter(Boolean), - "source": item.source, +function extractDomainFromArgs(args) { + for (let i = 0; i < args.length; i++) { + const arg = args[i]; + + // Check for --domain=value or --domain="value" format + for (const flag of DOMAIN_FLAGS) { + if (arg.startsWith(`${flag}=`)) { + const value = arg.slice(flag.length + 1); + // Remove surrounding quotes if present + return value + .replace(/^["']/, "") // Remove leading quote + .replace(/["']$/, ""); // Remove trailing quote } } - )); + + // Check for -d value, -domain value, --domain value format + if (DOMAIN_FLAGS.includes(arg) && i + 1 < args.length) { + return args[i + 1]; + } + } + + return null; +} + +function getTargetDomainFinding(domain) { + return { + name: domain, + identified_at: null, + description: `Found subdomain ${domain}`, + category: "Subdomain", + location: domain, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + domain: domain, + hostname: domain, + ip_address: null, + ip_addresses: [], + source: "parser", + }, + }; +} + +function transformToFindings(targets) { + return targets.map((item) => ({ + name: item.host, + identified_at: null, + description: `Found subdomain ${item.host}`, + category: "Subdomain", + location: item.host, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + domain: item.input, + hostname: item.host, + ip_address: item?.ip || null, + ip_addresses: [item?.ip || null].filter(Boolean), + source: item.source, + }, + })); } /** @@ -35,7 +92,10 @@ function transformToFindings(targets) { * @param {*} fileContent */ function parseResultFile(fileContent) { - return fileContent.trim() - .split('\n') - .map(line => JSON.parse(line)); + const trimmed = fileContent.trim(); + if (!trimmed) return []; + + return trimmed + .split("\n") + .map((line) => JSON.parse(line)); } diff --git a/scanners/subfinder/parser/parser.test.js b/scanners/subfinder/parser/parser.test.js index 9e1c85abc2..8fc20c91b8 100644 --- a/scanners/subfinder/parser/parser.test.js +++ b/scanners/subfinder/parser/parser.test.js @@ -41,3 +41,104 @@ test("should properly parse empty json file", async () => { expect(validateParser(findings)).toBeUndefined(); expect(findings).toMatchSnapshot(); }); + +test("should properly parse empty json file with includeTargetDomain=true", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "-d", "example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile(__dirname + "/__testFiles__/empty.jsonl", { + encoding: "utf8", + }); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); + +test("should properly parse subfinder json file and add target domain to findings with param -d", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "-d", "example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile( + __dirname + "/__testFiles__/passive_scan_without_ip_example.com.jsonl", + { + encoding: "utf8", + }, + ); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); + +test("should properly parse subfinder json file and add target domain to findings with param -domain", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "-domain", "example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile( + __dirname + "/__testFiles__/passive_scan_without_ip_example.com.jsonl", + { + encoding: "utf8", + }, + ); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); + +test("should properly parse subfinder json file and add target domain to findings with param --domain=", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "--domain=example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile( + __dirname + "/__testFiles__/passive_scan_without_ip_example.com.jsonl", + { + encoding: "utf8", + }, + ); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); diff --git a/scanners/subfinder/templates/subfinder-parse-definition.yaml b/scanners/subfinder/templates/subfinder-parse-definition.yaml index 66ed1a34f8..9af468d3ce 100644 --- a/scanners/subfinder/templates/subfinder-parse-definition.yaml +++ b/scanners/subfinder/templates/subfinder-parse-definition.yaml @@ -10,7 +10,10 @@ spec: image: "{{ .Values.parser.image.repository }}:{{ .Values.parser.image.tag | default .Chart.Version }}" imagePullPolicy: {{.Values.parser.image.pullPolicy}} ttlSecondsAfterFinished: {{.Values.parser.ttlSecondsAfterFinished}} - env: {{- toYaml .Values.parser.env | nindent 4}} + env: + {{- $env := .Values.parser.env | default (list) }} + {{- $env = append $env (dict "name" "INCLUDE_TARGET_DOMAIN" "value" (.Values.includeTargetDomain | toString)) }} + {{- toYaml $env | nindent 4 }} scopeLimiterAliases: {{- toYaml .Values.parser.scopeLimiterAliases | nindent 4}} affinity: {{- toYaml .Values.parser.affinity | nindent 4}} diff --git a/scanners/subfinder/values.yaml b/scanners/subfinder/values.yaml index b3dea8c4de..393b04e84f 100644 --- a/scanners/subfinder/values.yaml +++ b/scanners/subfinder/values.yaml @@ -5,6 +5,9 @@ # -- Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) imagePullSecrets: [] +# includeTargetDomain -- include target domain in findings +includeTargetDomain: false + parser: image: # parser.image.repository -- Parser image repository @@ -75,7 +78,6 @@ scanner: - name: subfinder-config emptyDir: {} - # scanner.extraVolumeMounts -- Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) extraVolumeMounts: - name: subfinder-config @@ -85,10 +87,7 @@ scanner: extraContainers: [] # scanner.podSecurityContext -- Optional securityContext set on scanner pod (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) - podSecurityContext: - { - runAsUser: 10001 - } + podSecurityContext: {runAsUser: 10001} # scanner.securityContext -- Optional securityContext set on scanner container (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) securityContext: diff --git a/scanners/test-scan/Chart.yaml b/scanners/test-scan/Chart.yaml index de6ef2f5ff..078a48e331 100644 --- a/scanners/test-scan/Chart.yaml +++ b/scanners/test-scan/Chart.yaml @@ -12,6 +12,9 @@ version: v3.1.0-alpha1 appVersion: "1.0" kubeVersion: ">=v1.11.0-0" +annotations: + supported-platforms: linux/amd64,linux/arm64 + keywords: - security - scanner diff --git a/scanners/test-scan/Taskfile.yaml b/scanners/test-scan/Taskfile.yaml index aa578895e3..f2dd303f4a 100644 --- a/scanners/test-scan/Taskfile.yaml +++ b/scanners/test-scan/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/trivy-sbom/Chart.yaml b/scanners/trivy-sbom/Chart.yaml index e24aec0955..458d906fdd 100644 --- a/scanners/trivy-sbom/Chart.yaml +++ b/scanners/trivy-sbom/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the trivy-sbom security scanner that integrates wi type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "0.68.1" +appVersion: "0.70.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/aquasecurity/trivy/releases/latest diff --git a/scanners/trivy-sbom/README.md b/scanners/trivy-sbom/README.md index 1f165b73b9..4476b4b2a5 100644 --- a/scanners/trivy-sbom/README.md +++ b/scanners/trivy-sbom/README.md @@ -3,7 +3,7 @@ title: "Trivy SBOM" category: "scanner" type: "Container" state: "released" -appVersion: "0.68.1" +appVersion: "0.70.0" usecase: "Container Dependency Scanner" --- diff --git a/scanners/trivy-sbom/Taskfile.yaml b/scanners/trivy-sbom/Taskfile.yaml index a63be5bb22..8eb3d5f61c 100644 --- a/scanners/trivy-sbom/Taskfile.yaml +++ b/scanners/trivy-sbom/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/trivy-sbom/docs/README.DockerHub-Parser.md b/scanners/trivy-sbom/docs/README.DockerHub-Parser.md index 6f82b20ce7..c3ced98dab 100644 --- a/scanners/trivy-sbom/docs/README.DockerHub-Parser.md +++ b/scanners/trivy-sbom/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `0.68.1` +- tagged releases, e.g. `0.70.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/trivy-sbom. diff --git a/scanners/trivy/Chart.yaml b/scanners/trivy/Chart.yaml index 1c47a78cfa..62a772156f 100644 --- a/scanners/trivy/Chart.yaml +++ b/scanners/trivy/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the trivy security scanner that integrates with th type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "0.68.1" +appVersion: "0.70.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/aquasecurity/trivy/releases/latest diff --git a/scanners/trivy/README.md b/scanners/trivy/README.md index 753741e86a..c9274eadee 100644 --- a/scanners/trivy/README.md +++ b/scanners/trivy/README.md @@ -3,7 +3,7 @@ title: "Trivy" category: "scanner" type: "Container" state: "released" -appVersion: "0.68.1" +appVersion: "0.70.0" usecase: "Container Vulnerability Scanner" --- diff --git a/scanners/trivy/Taskfile.yaml b/scanners/trivy/Taskfile.yaml index e59e71ce7a..45fe6102b8 100644 --- a/scanners/trivy/Taskfile.yaml +++ b/scanners/trivy/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/whatweb/Chart.yaml b/scanners/whatweb/Chart.yaml index 6fac0ad15f..cabbdc64e6 100644 --- a/scanners/whatweb/Chart.yaml +++ b/scanners/whatweb/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the whatweb security Scanner that integrates with type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v0.6.3" +appVersion: "v0.6.4" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/urbanadventurer/WhatWeb/releases/latest diff --git a/scanners/whatweb/README.md b/scanners/whatweb/README.md index a5af58cc4f..142a7dc97a 100644 --- a/scanners/whatweb/README.md +++ b/scanners/whatweb/README.md @@ -3,7 +3,7 @@ title: "Whatweb" category: "scanner" type: "Network" state: "released" -appVersion: "v0.6.3" +appVersion: "v0.6.4" usecase: "Website identification" --- diff --git a/scanners/whatweb/Taskfile.yaml b/scanners/whatweb/Taskfile.yaml index 0d5660bfad..e93e74dbdc 100644 --- a/scanners/whatweb/Taskfile.yaml +++ b/scanners/whatweb/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/whatweb/docs/README.DockerHub-Parser.md b/scanners/whatweb/docs/README.DockerHub-Parser.md index d1c7e1e3ee..78c1b0304d 100644 --- a/scanners/whatweb/docs/README.DockerHub-Parser.md +++ b/scanners/whatweb/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v0.6.3` +- tagged releases, e.g. `v0.6.4` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/Whatweb. diff --git a/scanners/whatweb/docs/README.DockerHub-Scanner.md b/scanners/whatweb/docs/README.DockerHub-Scanner.md index e93e3aba86..6a09d19664 100644 --- a/scanners/whatweb/docs/README.DockerHub-Scanner.md +++ b/scanners/whatweb/docs/README.DockerHub-Scanner.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v0.6.3` +- tagged releases, e.g. `v0.6.4` ## How to use this image This `scanner` image is intended to work in combination with the corresponding `parser` image to parse the scanner `findings` to generic secureCodeBox results. For more information details please take a look at the [project page][scb-docs] or [documentation page][https://www.securecodebox.io/docs/scanners/Whatweb]. diff --git a/scanners/wpscan/Taskfile.yaml b/scanners/wpscan/Taskfile.yaml index a3af82c558..2ad783ef31 100644 --- a/scanners/wpscan/Taskfile.yaml +++ b/scanners/wpscan/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/zap-automation-framework/.helm-docs.gotmpl b/scanners/zap-automation-framework/.helm-docs.gotmpl index 250c6fbf3e..c53c35d3a2 100644 --- a/scanners/zap-automation-framework/.helm-docs.gotmpl +++ b/scanners/zap-automation-framework/.helm-docs.gotmpl @@ -27,7 +27,7 @@ usecase: "WebApp & OpenAPI Vulnerability Scanner" {{- define "extra.chartAboutSection" -}} ## What is ZAP? -The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. +The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way. To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/). diff --git a/scanners/zap-automation-framework/Chart.yaml b/scanners/zap-automation-framework/Chart.yaml index 86f9db4aaf..bbce697515 100644 --- a/scanners/zap-automation-framework/Chart.yaml +++ b/scanners/zap-automation-framework/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the ZAP Automation Framework that integrates with type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "2.16.1" +appVersion: "2.17.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/zaproxy/zaproxy/releases/latest diff --git a/scanners/zap-automation-framework/README.md b/scanners/zap-automation-framework/README.md index aeb98fef2b..1f3a7758e2 100644 --- a/scanners/zap-automation-framework/README.md +++ b/scanners/zap-automation-framework/README.md @@ -3,7 +3,7 @@ title: "ZAP Automation Framework" category: "scanner" type: "WebApplication" state: "released" -appVersion: "2.16.1" +appVersion: "2.17.0" usecase: "WebApp & OpenAPI Vulnerability Scanner" --- @@ -37,7 +37,7 @@ Otherwise your changes will be reverted/overwritten automatically due to the bui ## What is ZAP? -The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. +The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way. To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/). diff --git a/scanners/zap-automation-framework/Taskfile.yaml b/scanners/zap-automation-framework/Taskfile.yaml index b3c480bcef..d17964df2e 100644 --- a/scanners/zap-automation-framework/Taskfile.yaml +++ b/scanners/zap-automation-framework/Taskfile.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -version: "3.44.0" +version: "3.48.0" includes: scanner: diff --git a/scanners/zap-automation-framework/docs/README.ArtifactHub.md b/scanners/zap-automation-framework/docs/README.ArtifactHub.md index 581cb20d4e..bb20ae675a 100644 --- a/scanners/zap-automation-framework/docs/README.ArtifactHub.md +++ b/scanners/zap-automation-framework/docs/README.ArtifactHub.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## What is ZAP? -The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. +The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way. To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/). diff --git a/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md b/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md index 5ecc940e34..73d9f08d8c 100644 --- a/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md +++ b/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md @@ -53,7 +53,7 @@ docker pull securecodebox/parser-zap-automation-framework ## What is ZAP? -The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. +The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way. To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/). diff --git a/scbctl/go.mod b/scbctl/go.mod index 435be2f3e3..6ec198d990 100644 --- a/scbctl/go.mod +++ b/scbctl/go.mod @@ -3,84 +3,91 @@ // SPDX-License-Identifier: Apache-2.0 module github.com/secureCodeBox/secureCodeBox/scbctl -go 1.24.5 +go 1.26.2 require ( - github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 - github.com/spf13/cobra v1.9.1 - k8s.io/api v0.32.3 - k8s.io/apimachinery v0.32.3 - k8s.io/cli-runtime v0.32.3 - sigs.k8s.io/controller-runtime v0.20.4 + github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4 + github.com/spf13/cobra v1.10.2 + k8s.io/api v0.35.3 + k8s.io/apimachinery v0.35.3 + k8s.io/cli-runtime v0.35.3 + sigs.k8s.io/controller-runtime v0.23.3 ) -require github.com/stretchr/testify v1.10.0 +require github.com/stretchr/testify v1.11.1 require ( github.com/blang/semver/v4 v4.0.0 // indirect - github.com/fatih/color v1.18.0 // indirect - github.com/fxamacker/cbor/v2 v2.8.0 // indirect - github.com/google/go-cmp v0.7.0 // indirect + github.com/fatih/color v1.19.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.1 // indirect + github.com/go-openapi/swag/cmdutils v0.25.5 // indirect + github.com/go-openapi/swag/conv v0.25.5 // indirect + github.com/go-openapi/swag/fileutils v0.25.5 // indirect + github.com/go-openapi/swag/jsonname v0.25.5 // indirect + github.com/go-openapi/swag/jsonutils v0.25.5 // indirect + github.com/go-openapi/swag/loading v0.25.5 // indirect + github.com/go-openapi/swag/mangling v0.25.5 // indirect + github.com/go-openapi/swag/netutils v0.25.5 // indirect + github.com/go-openapi/swag/stringutils v0.25.5 // indirect + github.com/go-openapi/swag/typeutils v0.25.5 // indirect + github.com/go-openapi/swag/yamlutils v0.25.5 // indirect + github.com/goccy/go-yaml v1.19.2 // indirect + github.com/kr/text v0.2.0 // indirect github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect - github.com/pelletier/go-toml/v2 v2.2.4 // indirect + github.com/pelletier/go-toml/v2 v2.3.0 // indirect github.com/x448/float16 v0.8.4 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + go.yaml.in/yaml/v2 v2.4.4 // indirect + go.yaml.in/yaml/v3 v3.0.4 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect ) require ( github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/ddddddO/gtree v1.11.2 - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/ddddddO/gtree v1.13.5 + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/go-errors/errors v1.5.1 // indirect - github.com/go-logr/logr v1.4.2 // indirect - github.com/go-openapi/jsonpointer v0.21.1 // indirect - github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/protobuf v1.5.4 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/go-openapi/jsonpointer v0.22.5 // indirect + github.com/go-openapi/jsonreference v0.21.5 // indirect + github.com/go-openapi/swag v0.25.5 // indirect github.com/google/btree v1.1.3 // indirect - github.com/google/gnostic-models v0.6.9 // indirect - github.com/google/gofuzz v1.2.0 // indirect - github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect + github.com/google/gnostic-models v0.7.1 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect - github.com/mailru/easyjson v0.9.0 // indirect github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect github.com/moby/term v0.5.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/spf13/pflag v1.0.10 // indirect github.com/xlab/treeprint v1.2.0 // indirect - golang.org/x/net v0.39.0 // indirect - golang.org/x/oauth2 v0.29.0 // indirect - golang.org/x/sync v0.13.0 // indirect - golang.org/x/sys v0.32.0 // indirect - golang.org/x/term v0.31.0 // indirect - golang.org/x/text v0.24.0 // indirect - golang.org/x/time v0.11.0 // indirect - google.golang.org/protobuf v1.36.6 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sync v0.20.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/term v0.41.0 // indirect + golang.org/x/text v0.35.0 // indirect + golang.org/x/time v0.15.0 // indirect + google.golang.org/protobuf v1.36.11 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/client-go v0.32.3 // indirect - k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect - k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect - sigs.k8s.io/kustomize/api v0.19.0 // indirect - sigs.k8s.io/kustomize/kyaml v0.19.0 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.6.0 // indirect - sigs.k8s.io/yaml v1.4.0 // indirect + k8s.io/client-go v0.35.3 // indirect + k8s.io/klog/v2 v2.140.0 // indirect + k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 // indirect + k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect + sigs.k8s.io/kustomize/api v0.21.1 // indirect + sigs.k8s.io/kustomize/kyaml v0.21.1 // indirect + sigs.k8s.io/yaml v1.6.0 // indirect ) diff --git a/scbctl/go.sum b/scbctl/go.sum index 12ff7cdb1a..174baa3a36 100644 --- a/scbctl/go.sum +++ b/scbctl/go.sum @@ -1,78 +1,100 @@ github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg= github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= +github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= +github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/ddddddO/gtree v1.11.2 h1:PxVEVBFmmnUimvLauepZakEl92Ojv8zubSOZLNekw8Y= -github.com/ddddddO/gtree v1.11.2/go.mod h1:LSpmrl3TbJjchcRZqneN5D2GghkPWbtM6mrZFjEZfz8= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/ddddddO/gtree v1.13.5 h1:lw3vfTocJyVbLa952P7LMksOIOwfy2VgYk6uqEgWbcQ= +github.com/ddddddO/gtree v1.13.5/go.mod h1:H2oFzILcNU9EVdIDh9flmeaogyudGF9PFYEfBPwsCJM= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= -github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= -github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= -github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= -github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/fxamacker/cbor/v2 v2.8.0 h1:fFtUGXUzXPHTIUdne5+zzMPTfffl3RD5qYnkY40vtxU= -github.com/fxamacker/cbor/v2 v2.8.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/fatih/color v1.19.0 h1:Zp3PiM21/9Ld6FzSKyL5c/BULoe/ONr9KlbYVOfG8+w= +github.com/fatih/color v1.19.0/go.mod h1:zNk67I0ZUT1bEGsSGyCZYZNrHuTkJJB+r6Q9VuMi0LE= +github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= +github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= +github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= +github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-errors/errors v1.5.1 h1:ZwEMSLRCapFLflTpT7NKaAc7ukJ8ZPEjzlxt8rPN8bk= github.com/go-errors/errors v1.5.1/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= -github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= -github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= -github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= -github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= -github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/jsonpointer v0.22.5 h1:8on/0Yp4uTb9f4XvTrM2+1CPrV05QPZXu+rvu2o9jcA= +github.com/go-openapi/jsonpointer v0.22.5/go.mod h1:gyUR3sCvGSWchA2sUBJGluYMbe1zazrYWIkWPjjMUY0= +github.com/go-openapi/jsonreference v0.21.5 h1:6uCGVXU/aNF13AQNggxfysJ+5ZcU4nEAe+pJyVWRdiE= +github.com/go-openapi/jsonreference v0.21.5/go.mod h1:u25Bw85sX4E2jzFodh1FOKMTZLcfifd1Q+iKKOUxExw= +github.com/go-openapi/swag v0.25.5 h1:pNkwbUEeGwMtcgxDr+2GBPAk4kT+kJ+AaB+TMKAg+TU= +github.com/go-openapi/swag v0.25.5/go.mod h1:B3RT6l8q7X803JRxa2e59tHOiZlX1t8viplOcs9CwTA= +github.com/go-openapi/swag/cmdutils v0.25.5 h1:yh5hHrpgsw4NwM9KAEtaDTXILYzdXh/I8Whhx9hKj7c= +github.com/go-openapi/swag/cmdutils v0.25.5/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.5 h1:wAXBYEXJjoKwE5+vc9YHhpQOFj2JYBMF2DUi+tGu97g= +github.com/go-openapi/swag/conv v0.25.5/go.mod h1:CuJ1eWvh1c4ORKx7unQnFGyvBbNlRKbnRyAvDvzWA4k= +github.com/go-openapi/swag/fileutils v0.25.5 h1:B6JTdOcs2c0dBIs9HnkyTW+5gC+8NIhVBUwERkFhMWk= +github.com/go-openapi/swag/fileutils v0.25.5/go.mod h1:V3cT9UdMQIaH4WiTrUc9EPtVA4txS0TOmRURmhGF4kc= +github.com/go-openapi/swag/jsonname v0.25.5 h1:8p150i44rv/Drip4vWI3kGi9+4W9TdI3US3uUYSFhSo= +github.com/go-openapi/swag/jsonname v0.25.5/go.mod h1:jNqqikyiAK56uS7n8sLkdaNY/uq6+D2m2LANat09pKU= +github.com/go-openapi/swag/jsonutils v0.25.5 h1:XUZF8awQr75MXeC+/iaw5usY/iM7nXPDwdG3Jbl9vYo= +github.com/go-openapi/swag/jsonutils v0.25.5/go.mod h1:48FXUaz8YsDAA9s5AnaUvAmry1UcLcNVWUjY42XkrN4= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5 h1:SX6sE4FrGb4sEnnxbFL/25yZBb5Hcg1inLeErd86Y1U= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.5/go.mod h1:/2KvOTrKWjVA5Xli3DZWdMCZDzz3uV/T7bXwrKWPquo= +github.com/go-openapi/swag/loading v0.25.5 h1:odQ/umlIZ1ZVRteI6ckSrvP6e2w9UTF5qgNdemJHjuU= +github.com/go-openapi/swag/loading v0.25.5/go.mod h1:I8A8RaaQ4DApxhPSWLNYWh9NvmX2YKMoB9nwvv6oW6g= +github.com/go-openapi/swag/mangling v0.25.5 h1:hyrnvbQRS7vKePQPHHDso+k6CGn5ZBs5232UqWZmJZw= +github.com/go-openapi/swag/mangling v0.25.5/go.mod h1:6hadXM/o312N/h98RwByLg088U61TPGiltQn71Iw0NY= +github.com/go-openapi/swag/netutils v0.25.5 h1:LZq2Xc2QI8+7838elRAaPCeqJnHODfSyOa7ZGfxDKlU= +github.com/go-openapi/swag/netutils v0.25.5/go.mod h1:lHbtmj4m57APG/8H7ZcMMSWzNqIQcu0RFiXrPUara14= +github.com/go-openapi/swag/stringutils v0.25.5 h1:NVkoDOA8YBgtAR/zvCx5rhJKtZF3IzXcDdwOsYzrB6M= +github.com/go-openapi/swag/stringutils v0.25.5/go.mod h1:PKK8EZdu4QJq8iezt17HM8RXnLAzY7gW0O1KKarrZII= +github.com/go-openapi/swag/typeutils v0.25.5 h1:EFJ+PCga2HfHGdo8s8VJXEVbeXRCYwzzr9u4rJk7L7E= +github.com/go-openapi/swag/typeutils v0.25.5/go.mod h1:itmFmScAYE1bSD8C4rS0W+0InZUBrB2xSPbWt6DLGuc= +github.com/go-openapi/swag/yamlutils v0.25.5 h1:kASCIS+oIeoc55j28T4o8KwlV2S4ZLPT6G0iq2SSbVQ= +github.com/go-openapi/swag/yamlutils v0.25.5/go.mod h1:Gek1/SjjfbYvM+Iq4QGwa/2lEXde9n2j4a3wI3pNuOQ= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0 h1:7SgOMTvJkM8yWrQlU8Jm18VeDPuAvB/xWrdxFJkoFag= +github.com/go-openapi/testify/enable/yaml/v2 v2.4.0/go.mod h1:14iV8jyyQlinc9StD7w1xVPW3CO3q1Gj04Jy//Kw4VM= +github.com/go-openapi/testify/v2 v2.4.0 h1:8nsPrHVCWkQ4p8h1EsRVymA2XABB4OT40gcvAu+voFM= +github.com/go-openapi/testify/v2 v2.4.0/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM= +github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw= -github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= +github.com/google/gnostic-models v0.7.1/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= -github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= -github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= -github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= -github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= @@ -84,8 +106,9 @@ github.com/moby/term v0.5.2/go.mod h1:d3djjFCrjnB+fl8NJux+EJzu0msscUP+f8it8hPkFL github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= @@ -94,99 +117,85 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.22.0 h1:Yed107/8DjTr0lKCNt7Dn8yQ6ybuDRQoMGrNFKzMfHg= -github.com/onsi/ginkgo/v2 v2.22.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.36.2 h1:koNYke6TVk6ZmnyHrCXba/T/MoLBXFjeC1PtvYgw0A8= -github.com/onsi/gomega v1.36.2/go.mod h1:DdwyADRjrc825LhMEkD76cHR5+pUnjhUN8GlHlRPHzY= -github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4= -github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.39.1 h1:1IJLAad4zjPn2PsnhH70V4DKRFlrCzGBNrNaru+Vf28= +github.com/onsi/gomega v1.39.1/go.mod h1:hL6yVALoTOxeWudERyfppUcZXjMwIMLnuSfruD2lcfg= +github.com/pelletier/go-toml/v2 v2.3.0 h1:k59bC/lIZREW0/iVaQR8nDHxVq8OVlIzYCOJf421CaM= +github.com/pelletier/go-toml/v2 v2.3.0/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= +github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= +github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= +github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= +github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= +github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= +github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= +github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 h1:bA5TfYaqlHXqrDGAZJuIPVpC+BqUU4wKSJzrOH6V6oU= -github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589/go.mod h1:C2aY0MPPrtn+VkOpWXJKpd+2xmFogMy4sjBH406XrDA= -github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= -github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= -github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4 h1:ykAUZDe7VqS5gJQlzFDrz8IYHy/yQX/5DVQIarW+iWM= +github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20260408091312-ed3ef305dfd4/go.mod h1:K45+gtNFgX4paHyqQT1uESPhYy5xuPbH6F+yfYaGRyM= +github.com/sergi/go-diff v1.4.0 h1:n/SP9D5ad1fORl+llWyN+D6qoUETXNZARKjyY2/KVCw= +github.com/sergi/go-diff v1.4.0/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= +github.com/spf13/cobra v1.10.2 h1:DMTTonx5m65Ic0GOoRY2c16WCbHxOOw6xxezuLaBpcU= +github.com/spf13/cobra v1.10.2/go.mod h1:7C1pvHqHw5A4vrJfjNwvOdzYu0Gml16OCs2GRiTUUS4= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY= -golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E= -golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98= -golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610= -golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= +go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= +go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= +go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= +golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= +golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20= -golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o= -golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0= -golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= -golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= -google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= +golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= +golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= +golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= +google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= +google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= @@ -194,34 +203,33 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.32.3 h1:Hw7KqxRusq+6QSplE3NYG4MBxZw1BZnq4aP4cJVINls= -k8s.io/api v0.32.3/go.mod h1:2wEDTXADtm/HA7CCMD8D8bK4yuBUptzaRhYcYEEYA3k= -k8s.io/apiextensions-apiserver v0.32.1 h1:hjkALhRUeCariC8DiVmb5jj0VjIc1N0DREP32+6UXZw= -k8s.io/apiextensions-apiserver v0.32.1/go.mod h1:sxWIGuGiYov7Io1fAS2X06NjMIk5CbRHc2StSmbaQto= -k8s.io/apimachinery v0.32.3 h1:JmDuDarhDmA/Li7j3aPrwhpNBA94Nvk5zLeOge9HH1U= -k8s.io/apimachinery v0.32.3/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= -k8s.io/cli-runtime v0.32.3 h1:khLF2ivU2T6Q77H97atx3REY9tXiA3OLOjWJxUrdvss= -k8s.io/cli-runtime v0.32.3/go.mod h1:vZT6dZq7mZAca53rwUfdFSZjdtLyfF61mkf/8q+Xjak= -k8s.io/client-go v0.32.3 h1:RKPVltzopkSgHS7aS98QdscAgtgah/+zmpAogooIqVU= -k8s.io/client-go v0.32.3/go.mod h1:3v0+3k4IcT9bXTc4V2rt+d2ZPPG700Xy6Oi0Gdl2PaY= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4= -k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8= -k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e h1:KqK5c/ghOm8xkHYhlodbp6i6+r+ChV2vuAuVRdFbLro= -k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.20.4 h1:X3c+Odnxz+iPTRobG4tp092+CvBU9UK0t/bRf+n0DGU= -sigs.k8s.io/controller-runtime v0.20.4/go.mod h1:xg2XB0K5ShQzAgsoujxuKN4LNXR2LfwwHsPj7Iaw+XY= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= -sigs.k8s.io/kustomize/api v0.19.0 h1:F+2HB2mU1MSiR9Hp1NEgoU2q9ItNOaBJl0I4Dlus5SQ= -sigs.k8s.io/kustomize/api v0.19.0/go.mod h1:/BbwnivGVcBh1r+8m3tH1VNxJmHSk1PzP5fkP6lbL1o= -sigs.k8s.io/kustomize/kyaml v0.19.0 h1:RFge5qsO1uHhwJsu3ipV7RNolC7Uozc0jUBC/61XSlA= -sigs.k8s.io/kustomize/kyaml v0.19.0/go.mod h1:FeKD5jEOH+FbZPpqUghBP8mrLjJ3+zD3/rf9NNu1cwY= -sigs.k8s.io/randfill v0.0.0-20250304075658-069ef1bbf016/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +k8s.io/api v0.35.3 h1:pA2fiBc6+N9PDf7SAiluKGEBuScsTzd2uYBkA5RzNWQ= +k8s.io/api v0.35.3/go.mod h1:9Y9tkBcFwKNq2sxwZTQh1Njh9qHl81D0As56tu42GA4= +k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4= +k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU= +k8s.io/apimachinery v0.35.3 h1:MeaUwQCV3tjKP4bcwWGgZ/cp/vpsRnQzqO6J6tJyoF8= +k8s.io/apimachinery v0.35.3/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/cli-runtime v0.35.3 h1:UZq4ipNimtzBmhN7PPKbfAdqo8quK0H0UdGl6qAQnqI= +k8s.io/cli-runtime v0.35.3/go.mod h1:O7MUmCqcKSd5xI+O5X7/pRkB5l0O2NIhOdUVwbHLXu4= +k8s.io/client-go v0.35.3 h1:s1lZbpN4uI6IxeTM2cpdtrwHcSOBML1ODNTCCfsP1pg= +k8s.io/client-go v0.35.3/go.mod h1:RzoXkc0mzpWIDvBrRnD+VlfXP+lRzqQjCmKtiwZ8Q9c= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 h1:V+sn9a/1fEYDGwnllCmqXBk8x7obZ+hl869Q3Abumkg= +k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= +k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/controller-runtime v0.23.3 h1:VjB/vhoPoA9l1kEKZHBMnQF33tdCLQKJtydy4iqwZ80= +sigs.k8s.io/controller-runtime v0.23.3/go.mod h1:B6COOxKptp+YaUT5q4l6LqUJTRpizbgf9KSRNdQGns0= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/kustomize/api v0.21.1 h1:lzqbzvz2CSvsjIUZUBNFKtIMsEw7hVLJp0JeSIVmuJs= +sigs.k8s.io/kustomize/api v0.21.1/go.mod h1:f3wkKByTrgpgltLgySCntrYoq5d3q7aaxveSagwTlwI= +sigs.k8s.io/kustomize/kyaml v0.21.1 h1:IVlbmhC076nf6foyL6Taw4BkrLuEsXUXNpsE+ScX7fI= +sigs.k8s.io/kustomize/kyaml v0.21.1/go.mod h1:hmxADesM3yUN2vbA5z1/YTBnzLJ1dajdqpQonwBL1FQ= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v4 v4.6.0 h1:IUA9nvMmnKWcj5jl84xn+T5MnlZKThmUW1TdblaLVAc= -sigs.k8s.io/structured-merge-diff/v4 v4.6.0/go.mod h1:dDy58f92j70zLsuZVuUX5Wp9vtxXpaZnkPGWeqDfCps= -sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= -sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/sdk.mk b/sdk.mk deleted file mode 100644 index 73d0a8123a..0000000000 --- a/sdk.mk +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# This include is a base for all SDK make files. - -name = ${sdk} -module = ${sdk} -include ../../test-base.mk -include ../../env-paths.mk -# Telling the env-paths file where the root project dir is. This is done to allow the generation of the paths of the -# different project folders relative to where the makefile is being run from. So BIN_DIR= $(PROJECT_DIR)/bin will be -# BIN_DIR=../../bin -PROJECT_DIR=../.. - -.PHONY: docker-build -docker-build: | docker-build-sdk - -.PHONY: docker-export -docker-export: | docker-export-sdk - -.PHONY: kind-import -kind-import: | kind-import-sdk - -.PHONY: docker-build-sdk -docker-build-sdk: - @echo ".: ⚙️ Build '$(name)'." - docker build -t $(IMG_NS)/$(name)-nodejs:$(IMG_TAG) . - -.PHONY: docker-export-sdk -docker-export-sdk: - @echo ".: ⚙️ Build '$(name)'." - docker save $(IMG_NS)/$(name)-nodejs:$(IMG_TAG) -o $(name).tar - -.PHONY: kind-import-sdk -kind-import-sdk: - @echo ".: 💾 Importing the image archive '$(name).tar' to local kind cluster." - kind load image-archive ./$(name).tar diff --git a/test-base.mk b/test-base.mk deleted file mode 100644 index b0749566b0..0000000000 --- a/test-base.mk +++ /dev/null @@ -1,223 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# This include is a base test setup used for hooks, scanners, and SDKs. -# - -# include must be two levels up because this file is included effectivity two levels deeper in the modules hierarchy. -include ../../prerequisites.mk - -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq ($(include_guard),) -$(error you should never run this makefile directly!) -endif - -# IMPORTANT: The body of conditionals MUST not be indented! Indentation result in -# errors on macOS/FreeBSD because the line wil be interpreted as command which must -# inside a recipe (target). (see https://github.com/secureCodeBox/secureCodeBox/issues/1353) -ifeq ($(name),) -$(error name ENV is not set) -endif - -# Variables you might want to override: -# -# IMG_NS: Defines the namespace under which the images are build. -# For `securecodebox/scanner-nmap` `securecodebox` is the namespace -# Defaults to `securecodebox` -# -# BASE_IMG_TAG: Defines the tag of the base image used to build this scanner/hook -# -# IMG_TAG: Tag used to tag the newly created image. Defaults to the shortened commit hash -# prefixed with `sha-` e.g. `sha-ef8de4b7` -# -# KIND_CLUSTER_NAME: Defines the name of the kind cluster (created by kind create cluster --name cluster-name) -# -# Examples: -# make all IMG_TAG=main -# make deploy IMG_TAG=$(git rev-parse --short HEAD) -# make kind-import KIND_CLUSTER_NAME=your-cluster-name -# make integration-tests -# - -SHELL = /bin/sh - -IMG_NS ?= securecodebox -GIT_TAG ?= $$(git rev-parse --short HEAD) -BASE_IMG_TAG ?= sha-$(GIT_TAG) -IMG_TAG ?= "sha-$(GIT_TAG)" -KIND_CLUSTER_NAME ?= kind - -parser-prefix = parser -scanner-prefix = scanner -hook-prefix = hook - -all: help - -.PHONY: test -test: | reset-integration-tests-namespace reset-demo-targets-namespace clean-operator clean-parser-sdk clean-hook-sdk unit-tests docker-build docker-export kind-import deploy deploy-test-deps integration-tests ## 🧪 Complete clean Test for this module. - -.PHONY: install-deps-js -install-deps-js: - @echo ".: ⚙️ Installing all $(module) specific javascript dependencies." - cd .. && npm ci - cd ../.. && npm ci - cd ../../${module}-sdk/nodejs && npm ci - cd ${module}/ && npm ci - -.PHONY: unit-test-js -unit-test-js: install-deps-js - @echo ".: 🧪 Starting unit-tests for '$(name)' $(module)." - npm run test:unit -- ${name}/${module}/ - -.PHONY: install-deps-py -install-deps-py: - @echo ".: ⚙️ Installing all $(module) specific python dependencies." - $(PYTHON) -m pip install --upgrade pip setuptools wheel pytest - cd $(module)/ && $(PYTHON) -m pip install -r requirements.txt - -.PHONY: unit-test-py -unit-test-py: install-deps-py - cd $(module)/ && $(PYTHON) -m pytest --ignore-glob='*_local.py' --ignore=tests/docker - -.PHONY: unit-test-java -unit-test-java: - cd $(module)/ && ./gradlew test - -.PHONY: common-docker-build -common-docker-build: - @echo ".: ⚙️ Build '$(name)' $(module) with BASE_IMG_TAG: '$(BASE_IMG_TAG)'." - docker build \ - --build-arg=scannerVersion=$(shell yq -e .appVersion ./Chart.yaml) \ - --build-arg=baseImageTag=$(BASE_IMG_TAG) \ - --build-arg=namespace=$(IMG_NS) \ - -t $(IMG_NS)/$(module)-$(name):$(IMG_TAG) \ - -f ./$(module)/Dockerfile \ - ./$(module) - -.PHONY: common-docker-export -common-docker-export: - @echo ".: ⚙️ Saving new docker image archive to '$(module)-$(name).tar'." - docker save $(IMG_NS)/$(module)-$(name):$(IMG_TAG) -o $(module)-$(name).tar - -.PHONY: common-kind-import -common-kind-import: - @echo ".: 💾 Importing the image archive '$(module)-$(name).tar' to local kind cluster." - kind load image-archive ./$(module)-$(name).tar --name $(KIND_CLUSTER_NAME) - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-namespace - -.PHONY: deploy-test-dep-namespace -deploy-test-dep-namespace: - # If not exists create namespace where the tests will be executed - kubectl create namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - - -.PHONY: deploy-test-dep-dummy-ssh -deploy-test-dep-dummy-ssh: - helm -n demo-targets upgrade --install dummy-ssh ../../demo-targets/dummy-ssh/ --set="fullnameOverride=dummy-ssh" --wait - -.PHONY: deploy-test-dep-unsafe-https -deploy-test-dep-unsafe-https: - helm -n demo-targets upgrade --install unsafe-https ../../demo-targets/unsafe-https/ --set="fullnameOverride=unsafe-https" --wait - -.PHONY: deploy-test-dep-bodgeit -deploy-test-dep-bodgeit: - helm -n demo-targets upgrade --install bodgeit ../../demo-targets/bodgeit/ --set="fullnameOverride=bodgeit" --wait - -.PHONY: deploy-test-dep-petstore -deploy-test-dep-petstore: - helm -n demo-targets upgrade --install petstore ../../demo-targets/swagger-petstore/ --set="fullnameOverride=petstore" --wait - -.PHONY: deploy-test-dep-old-wordpress -deploy-test-dep-old-wordpress: - helm -n demo-targets upgrade --install old-wordpress ../../demo-targets/old-wordpress/ --set="fullnameOverride=old-wordpress" --wait - -.PHONY: deploy-test-dep-old-typo3 -deploy-test-dep-old-typo3: - helm -n demo-targets upgrade --install old-typo3 ../../demo-targets/old-typo3/ --set="fullnameOverride=old-typo3" --wait - -.PHONY: deploy-test-dep-juiceshop -deploy-test-dep-juiceshop: - helm -n demo-targets upgrade --install juiceshop ../../demo-targets/juice-shop/ --set="fullnameOverride=juiceshop" --wait - -.PHONY: deploy-test-dep-vulnerable-log4j -deploy-test-dep-vulnerable-log4j: - helm -n demo-targets upgrade --install vulnerable-log4j ../../demo-targets/vulnerable-log4j/ --set="fullnameOverride=vulnerable-log4j" --wait - -.PHONY: deploy-test-dep-nginx -deploy-test-dep-nginx: - # Delete leftover nginx's. Unfortunately can't create deployment only if not exists (like namespaces) - kubectl delete deployment nginx --namespace demo-targets --ignore-not-found --wait - kubectl delete svc nginx --namespace demo-targets --ignore-not-found --wait - # Install plain nginx server - kubectl create deployment --image nginx:alpine nginx --namespace demo-targets - kubectl expose deployment nginx --port 80 --namespace demo-targets - -.PHONY: deploy-test-dep-http-webhook -deploy-test-dep-http-webhook: - helm -n integration-tests upgrade --install http-webhook ../../demo-targets/http-webhook/ - -.PHONY: deploy-test-dep-test-scan -deploy-test-dep-test-scan: - cd ../../scanners/test-scan/ && $(MAKE) docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install test-scan . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-test-scan" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-test-scan" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" - -.PHONY: deploy-test-dep-old-joomla -deploy-test-dep-old-joomla: - helm -n demo-targets install old-joomla ../../demo-targets/old-joomla/ --set="fullnameOverride=old-joomla" --wait - -.PHONY: reset -reset: ## 🧹 removing all generated files for this module. - @echo ".: 🧹 removing all generated files." - rm -f ./$(module)-$(name).tar - rm -rf ./$(module)/node_modules - rm -rf ./$(module)/coverage - rm -rf ./integration-tests/node_modules - rm -rf ./integration-tests/coverage - rm -rf ../node_modules - rm -rf ../coverage - -.PHONY: reset-integration-tests-namespace -reset-integration-tests-namespace: - @echo ".: 🧹 Resetting 'integration-tests' namespace" - kubectl delete namespace integration-tests --wait || true - kubectl create namespace integration-tests - -.PHONY: reset-demo-targets-namespace -reset-demo-targets-namespace: - @echo ".: 🧹 Resetting 'demo-targets' namespace" - kubectl delete namespace demo-targets --wait || true - kubectl create namespace demo-targets - -.PHONY: clean-operator -clean-operator: - make -C $(OPERATOR_DIR) docker-build - make -C $(OPERATOR_DIR) docker-export - make -C $(OPERATOR_DIR) kind-import - rm $(OPERATOR_DIR)/operator.tar $(OPERATOR_DIR)/lurker.tar - make -C $(OPERATOR_DIR) helm-deploy - -.PHONY: clean-parser-sdk -clean-parser-sdk: - make -C $(PARSER_SDK_DIR) docker-build-sdk - -.PHONY: clean-hook-sdk -clean-hook-sdk: - make -C $(HOOK_SDK_DIR) docker-build-sdk - -.PHONY: help -help: ## 🔮 Display this help screen. - @grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \ - awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/tests/integration/package-lock.json b/tests/integration/package-lock.json index 69fdee11ea..a15270081d 100644 --- a/tests/integration/package-lock.json +++ b/tests/integration/package-lock.json @@ -20,13 +20,13 @@ "license": "Apache-2.0", "dependencies": { "@kubernetes/client-node": "^1.4.0", - "ajv": "^8.17.1", + "ajv": "^8.20.0", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^24.10.0" + "@types/node": "^25.6.0" } }, "node_modules/@jsep-plugin/assignment": { @@ -492,26 +492,15 @@ } }, "node_modules/ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "version": "10.2.0", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", + "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==", "dev": true, "license": "MIT", - "dependencies": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - }, "engines": { "node": ">= 12" } }, - "node_modules/ip-address/node_modules/sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", - "dev": true, - "license": "BSD-3-Clause" - }, "node_modules/isomorphic-ws": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", @@ -543,13 +532,6 @@ "js-yaml": "bin/js-yaml.js" } }, - "node_modules/jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", - "dev": true, - "license": "MIT" - }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", @@ -701,13 +683,13 @@ } }, "node_modules/socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.8.tgz", + "integrity": "sha512-NlGELfPrgX2f1TAAcz0WawlLn+0r3FyhhCRpFFK2CemXenPYvzMWWZINv3eDNo9ucdwme7oCHRY0Jnbs4aIkog==", "dev": true, "license": "MIT", "dependencies": { - "ip-address": "^9.0.5", + "ip-address": "^10.1.1", "smart-buffer": "^4.2.0" }, "engines": { @@ -893,8 +875,8 @@ "version": "file:../../parser-sdk/nodejs", "requires": { "@kubernetes/client-node": "^1.4.0", - "@types/node": "^24.10.0", - "ajv": "^8.17.1", + "@types/node": "^25.6.0", + "ajv": "^8.20.0", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", "jsonpointer": "^5.0.1" @@ -1181,22 +1163,10 @@ "dev": true }, "ip-address": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", - "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", - "dev": true, - "requires": { - "jsbn": "1.1.0", - "sprintf-js": "^1.1.3" - }, - "dependencies": { - "sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", - "dev": true - } - } + "version": "10.2.0", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", + "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==", + "dev": true }, "isomorphic-ws": { "version": "5.0.0", @@ -1220,12 +1190,6 @@ "argparse": "^2.0.1" } }, - "jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", - "dev": true - }, "jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", @@ -1327,12 +1291,12 @@ "dev": true }, "socks": { - "version": "2.8.5", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", - "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.8.tgz", + "integrity": "sha512-NlGELfPrgX2f1TAAcz0WawlLn+0r3FyhhCRpFFK2CemXenPYvzMWWZINv3eDNo9ucdwme7oCHRY0Jnbs4aIkog==", "dev": true, "requires": { - "ip-address": "^9.0.5", + "ip-address": "^10.1.1", "smart-buffer": "^4.2.0" } },