Skip to content

Releases: OWASP/wrongsecrets

1.7.2 quickfix for ui

26 Oct 20:24
0333283
Compare
Choose a tag to compare

What's Changed

Process

  • Added github actions to un-assigned issues after 90 days of inactivity by @za in #1050

Required UI Fixes

###LCM

  • Bump google.golang.org/grpc from 1.51.0 to 1.56.3 in /gcp by @dependabot in #1053
  • Bump google.golang.org/grpc from 1.51.0 to 1.56.3 in /azure by @dependabot in #1051
  • Bump google.golang.org/grpc from 1.51.0 to 1.56.3 in /aws by @dependabot in #1052

New Contributors

  • @za made their first contribution in #1050

Full Changelog: 1.7.1...1.7.2

1.7.1: hacktoberfest 2! New challenges and changes

25 Oct 19:06
f30d22c
Compare
Choose a tag to compare

What's Changed

This is the second Hacktoberfest release with small ui updates and some very cool new challenges!

New Challenges

  • feat: Challenge 39 based on filename as encryption key by @adarsh-a-tw in #1023
  • feat: Challenge 40 based on storing encryption key and secret in the same file by @adarsh-a-tw in #1027
  • feat: Challenge 41 based on Password shucking by @adarsh-a-tw in #1037

Updates and fixes

LCM

  • Bump golang.org/x/net from 0.8.0 to 0.17.0 in /gcp by @dependabot in #1029
  • Bump golang.org/x/net from 0.8.0 to 0.17.0 in /azure by @dependabot in #1030
  • Bump golang.org/x/net from 0.8.0 to 0.17.0 in /aws by @dependabot in #1031
  • Bump jeroenwillemsen/wrongsecrets from 1.7.0RC4-no-vault to 1.7.0-no-vault by @dependabot in #1032
  • Bump urllib3 from 2.0.6 to 2.0.7 in /scripts/sort_contibutors by @dependabot in #1038
  • Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.8.0 to 4.8.2 by @dependabot in #1041
  • Bump org.cyclonedx:cyclonedx-core-java from 7.3.2 to 8.0.1 by @dependabot in #1043
  • Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 by @dependabot in #1044
  • Bump com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.8.0 by @dependabot in #1039
  • Bump aws.sdk.version from 2.20.157 to 2.21.2 by @dependabot in #1042
  • Bump com.github.spotbugs:spotbugs from 4.7.3 to 4.8.0 by @dependabot in #1040
  • Bump actions/setup-node from 3 to 4 by @dependabot in #1048

New Contributors

Special thanks

We would like to thank @adarsh-a-tw , @alphasecio , @commjoen , @bendehaan , @mikewoudenberg, and @roddas for their hard work on this release!

Full Changelog: 1.7.0...1.7.1

1.7.0: Hacktoberfest 1: Java 21, K8s 1.28 and 3 new challenges

06 Oct 06:30
eea166a
Compare
Choose a tag to compare

Project upgrade

This is another big release as part of #Hacktoberfest! and we have loads of great news:

  • we have many #Hacktoberfest PRs which are part of this release.
  • our project got upgraded to "Production Status" in OWASP!
  • this release includes upgrades of K8S to 1.28 and Java to 21(LTS), which means we can easily deploy this project to various cloud providers for at least another year without the need for a lot of maintenance & we can continue development of the Java app as we are now compatible with a new LTS version of Java.

What's Changed

Major upgrades

New challenges:

  • Add challenge36: Advanced reverse engineering game by @roddas in #947
  • Add challenge 37 for ZAP configuration with authenticated endpoint by @commjoen in #941
  • Feature(#614): Challenge38 - Git notes challenge by @RemakingEden in #903

Other changes:

LCM:

  • Bump s4u/setup-maven-action from 1.9.0 to 1.10.0 by @dependabot in #988
  • Bump terraform-linters/setup-tflint from 3 to 4 by @dependabot in #989
  • Bump eslint-plugin-jest from 27.2.3 to 27.4.2 by @dependabot in #1007
  • Bump com.diffplug.spotless:spotless-maven-plugin from 2.39.0 to 2.40.0 by @dependabot in #1001
  • Bump aws.sdk.version from 2.20.139 to 2.20.157 by @dependabot in #999
  • Bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.5 to 4.7.3.6 by @dependabot in #1010
  • Bump eslint from 8.48.0 to 8.50.0 by @dependabot in #1006
  • Bump eslint-plugin-n from 16.0.2 to 16.1.0 by @dependabot in #1005
  • Bump cypress from 13.1.0 to 13.3.0 by @dependabot in #1004
  • Bump eslint-plugin-cypress from 2.14.0 to 2.15.1 by @dependabot in #1003
  • Bump hashicorp/azurerm from 3.71.0 to 3.75.0 in /azure by @dependabot in #995
  • Bump hashicorp/google from 4.80.0 to 4.84.0 in /gcp by @dependabot in #994
  • Bump hashicorp/google-beta from 4.80.0 to 4.84.0 in /gcp by @dependabot in #993
  • Bump hashicorp/aws from 5.15.0 to 5.19.0 in /aws by @dependabot in #997
  • Bump com.github.eirslett:frontend-maven-plugin from 1.13.4 to 1.14.0 by @dependabot in #1002
  • Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.7.2 to 4.8.0 by @dependabot in #1009
  • Bump javascript-obfuscator from 4.0.2 to 4.1.0 in /js by @dependabot in #996
  • Bump uk.org.webcompere:system-stubs-jupiter from 2.0.2 to 2.1.3 by @dependabot in #1012
  • Bump nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect from 3.2.1 to 3.3.0 by @dependabot in #998

New Contributors

Full Changelog: 1.6.10...1.7.0

Special Thanks:

Special thanks to @roddas , @nbaars , @bendehaan , @drnow4u , @RemakingEden , and @commjoen for their hard work on this release!

1.6.10: Small updates and fixes

15 Sep 08:17
5d79578
Compare
Choose a tag to compare

What's Changed

Features

  • Create render.yaml for render.io deployment by @commjoen in #983

Small fixes

LCM

  • Bump eslint-plugin-import from 2.28.0 to 2.28.1 by @dependabot in #955
  • Bump eslint from 8.46.0 to 8.48.0 by @dependabot in #952
  • Bump com.puppycrawl.tools:checkstyle from 10.12.2 to 10.12.3 by @dependabot in #961
  • Bump com.diffplug.spotless:spotless-maven-plugin from 2.38.0 to 2.39.0 by @dependabot in #958
  • Bump org.springframework.boot:spring-boot-starter-parent from 3.1.2 to 3.1.3 by @dependabot in #960
  • Bump aws.sdk.version from 2.20.116 to 2.20.139 by @dependabot in #972
  • Bump com.google.cloud:spring-cloud-gcp-dependencies from 4.7.0 to 4.7.2 by @dependabot in #971
  • Bump @commitlint/config-conventional from 17.6.7 to 17.7.0 by @dependabot in #953
  • Bump eslint-plugin-cypress from 2.13.3 to 2.14.0 by @dependabot in #969
  • Bump eslint-plugin-n from 16.0.1 to 16.0.2 by @dependabot in #956
  • Bump azurerm from 3.67.0 to 3.71.0 in /azure by @dependabot in #967
  • Bump hashicorp/google-beta from 4.76.0 to 4.80.0 in /gcp by @dependabot in #966
  • Bump hashicorp/google from 4.76.0 to 4.80.0 in /gcp by @dependabot in #965
  • Bump terraform-aws-modules/eks/aws from 19.15.4 to 19.16.0 in /aws by @dependabot in #963
  • Bump aws from 5.10.0 to 5.15.0 in /aws by @dependabot in #962
  • Bump org.linguafranca.pwdb:KeePassJava2 from 2.1.4 to 2.2.1 and fix local run issue with challenge14 by @dependabot in #970
  • Update container-alts-test.yml bumping Colima setup by @commjoen in #945
  • Update container-alts-test.yml to alpha.v10 by @commjoen in #976
  • Bump actions/checkout from 3 to 4 by @dependabot in #977
  • Feature: update node to version 20 as checkout v4 standard operates with v20 by @commjoen in #978
  • Bump org.webjars:jquery from 3.7.0 to 3.7.1 by @dependabot in #959
  • Bump com.azure.spring:spring-cloud-azure-dependencies from 5.3.0 to 5.5.0 by @dependabot in #973
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.1.0 to 2.2.0 by @dependabot in #957
  • Bump cypress from 12.17.2 to 13.1.0 by @dependabot in #954

New Contributors

Full Changelog: 1.6.9...1.6.10

Special Thanks

Special thanks to @djvinnie , @nbaars , @bendehaan , and @commjoen for their work on this release!

1.6.9: Bugfixes in challenges

31 Aug 09:40
91fdac4
Compare
Choose a tag to compare

What's Changed

Docs:

Bugfixes:

  • Update Challenge35 as there as a bug in the component ordering by @commjoen in #942
  • Update challenge32 to explain external website usage by @commjoen in #948
  • Replace Challenge32 with another prompting game (Gandalf) as the old prompting game is shut down by @commjoen in #950
  • Fix for challenge29 as there was an issue with decyrpting the actual answer by @commjoen in #949
  • Fixes for Challenge17 generation by @commjoen in #951

LCM:

Full Changelog: 1.6.8...1.6.9

Special Thanks

Special thanks to @bendehaan , @commjoen, and @djvinnie for their hard work on this release!

1.6.8

18 Aug 19:47
96ce218
Compare
Choose a tag to compare

What's Changed

New challenges

Bugfixes

  • Update container-alts-test.yml to test bug fix in action by @commjoen in #939

LCM

Full Changelog: 1.6.7...1.6.8

Special Thanks

Special thanks to @bendehaan and @commjoen for their hard work on this release!

1.6.7: Back to Java17(LTS) and other LCM

31 Jul 14:40
91f33e4
Compare
Choose a tag to compare

What's Changed

Bugfixes:

LCM:

Full Changelog: 1.6.6...1.6.7

Thanks

Thanks to @commjoen for his hard work on this release!

1.6.6: Challenge 34, LCM & Doc improvements

26 Jun 04:21
2d2b1b6
Compare
Choose a tag to compare

What's Changed

New Challenges

  • feat(#692): Challenge 34 with a focus on determenistic use of KDFs by @commjoen in #866

Small Fixes

LCM:

Full Changelog: 1.6.5...1.6.6

Special Thanks

We would like to thank @commjoen and @bendehaan for their hard work on this release.

1.6.5: Challenge 33, score-tracking on home, ui tests, small fixes & docs

02 Jun 22:28
42e63b0
Compare
Choose a tag to compare

What's Changed

Documentation:

  • #630 Docker image jeroenwillemsen/wrongsecrets:1.5.14-no-vault hangs … by @MarcinNowak-codes in #631
  • Update ctf instructions for challenge 30 by @commjoen in #821
  • Update README.md (badges & screenshots), challenge1 text, and a ui-bug by @commjoen in #825

Quality updates:

  • chore: add Spotless formatter by @nbaars in #790
  • UI Test Framework by @RemakingEden in #808
  • Automate spotless apply as part of pre-commit by @commjoen in #824
  • Fix for okteto; namespace substitution in challenge33.yml by @commjoen in #827
  • Scoring UI test tweaks by @RemakingEden in #828
  • Pre-release fixes (docs, tests, bugfixes in challenge 33 & challenge 13, pre-commit&node upgrades) and setting up 1.6.5 release by @commjoen in #829

New Features:

New Challenges:

LCM

Full Changelog: 1.6.4...1.6.5

Special Thanks

We would like to thank @bendehaan, @RemakingEden , @nbaars, @MarcinNowak-codes , @commjoen , and @devsecops

1.6.4: performance improvements, LCM, and 3 new challenges (LocalStorage, AI/LLM and documentation)

17 May 15:15
7b8fd5e
Compare
Choose a tag to compare

What's Changed

New challenges

Small updates

  • Code tidying, challenge difficulty refactor, removal of unnecessary code by @nbaars in #789
  • fix: wire challenges to compute size dynamically. by @nbaars in #820

Other features

  • Optimize performance of the app by means of JS minification and enabling GZIP compression by @commjoen in #805
  • Fixes for docs and challenges by @commjoen in #806
  • Update README.md to add new contributor Novice-Expert by @commjoen in #807

Dependency updates

  • build(deps): bump asciidoctorj.version from 2.5.7 to 2.5.8 by @dependabot in #777
  • build(deps): bump checkstyle from 10.9.3 to 10.10.0 by @dependabot in #792
  • build(deps): bump cyclonedx-maven-plugin from 2.7.7 to 2.7.8 by @dependabot in #794
  • build(deps): bump aws.sdk.version from 2.20.53 to 2.20.56 by @dependabot in #797
  • build(deps): bump spring-cloud-azure-dependencies from 5.0.0 to 5.1.0 by @dependabot in #800
  • build(deps): bump aws from 4.64.0 to 4.65.0 in /aws by @dependabot in #801
  • build(deps): bump hashicorp/google from 4.62.1 to 4.63.1 in /gcp by @dependabot in #799
  • build(deps): bump hashicorp/google-beta from 4.62.1 to 4.63.1 in /gcp by @dependabot in #791
  • build(deps): bump azurerm from 3.53.0 to 3.54.0 in /azure by @dependabot in #796
  • build(deps): bump http from 3.2.1 to 3.3.0 in /gcp by @dependabot in #793
  • build(deps): bump http from 3.2.1 to 3.3.0 in /azure by @dependabot in #798
  • build(deps): bump http from 3.2.1 to 3.3.0 in /aws by @dependabot in #795
  • build(deps): bump minimatch from 8.0.3 to 9.0.0 in /js by @dependabot in #779
  • build(deps): bump lycheeverse/lychee-action from 1.7.0 to 1.8.0 by @dependabot in #819

New Contributors

Full Changelog: 1.6.3...1.6.4

Special Thanks

Special thanks to @nbaars , @bendehaan , @Novice-expert , @puneeth072003 , @commjoen, @mikewoudenberg , and @h43z for their hard work on this release!