1.6.3: Http caching, bugfixes and LCM

What's Changed

Bugfixes

• Fix for string checks for challenge 7, 13, and 14 by @commjoen in #788

New features

• Disabling springdoc on heroku by @commjoen in #761
• Performance improvement 1: Enable Http caching of js/css resources. by @commjoen and @nbaars in #763

LCM

• build(deps): bump lycheeverse/lychee-action from 1.6.1 to 1.7.0 by @dependabot in #764
• build(deps-dev): bump @commitlint/config-conventional from 17.4.4 to 17.6.1 by @dependabot in #768
• build(deps-dev): bump eslint from 8.37.0 to 8.39.0 by @dependabot in #767
• build(deps): bump spring-boot-starter-parent from 3.0.5 to 3.0.6 by @dependabot in #771
• build(deps): bump maven-checkstyle-plugin from 3.2.1 to 3.2.2 by @dependabot in #774
• build(deps): bump cyclonedx-maven-plugin from 2.7.6 to 2.7.7 by @dependabot in #786
• build(deps): bump spotbugs-maven-plugin from 4.7.3.3 to 4.7.3.4 by @dependabot in #785
• build(deps): bump spring-cloud-gcp-dependencies from 4.1.3 to 4.2.0 by @dependabot in #770
• build(deps): bump aws.sdk.version from 2.20.39 to 2.20.53 by @dependabot in #787
• build(deps): bump hashicorp/google-beta from 4.59.0 to 4.62.1 in /gcp by @dependabot in #769
• build(deps): update terraform-aws-modules/vpc/aws requirement from ~> 3.19.0 to ~> 4.0.1 in /aws by @dependabot in #783
• build(deps): bump random from 3.4.3 to 3.5.1 in /aws by @dependabot in #781
• build(deps): bump aws from 4.61.0 to 4.64.0 in /aws by @dependabot in #780
• build(deps): bump terraform-aws-modules/eks/aws from 19.12.0 to 19.13.1 in /aws by @dependabot in #782
• build(deps): bump azurerm from 3.50.0 to 3.53.0 in /azure by @dependabot in #773
• build(deps): bump random from 3.4.3 to 3.5.1 in /gcp by @dependabot in #778
• build(deps): bump random from 3.4.3 to 3.5.1 in /azure by @dependabot in #776
• build(deps): bump hashicorp/google from 4.59.0 to 4.62.1 in /gcp by @dependabot in #775
• Update README.md by @commjoen in #766

Full Changelog: 1.6.2...1.6.3

Special Thanks

Special thanks to @commjoen and @nbaars for their hard work on this release!

1.6.2: Improved UI, big doc update, LCM, and Challenge29

What's Changed

This is a big documentation update, with which we are now at 100% passing of the OpenSSF: .
Next, we have a new challenge added, and are preparing to add a few more in a couple of weeks ;-).

Documentation:

• Fix: Small fix in Contributing.md by @puneeth072003 in #712
• fix: fix link in pre-commit badge by @bendehaan in #711
• feat(#680): first swagger api setup by @commjoen in #710
• fix: add new challenge label to issue template by @bendehaan in #720
• Feat(#695): mention AWS as a sponsor by @commjoen in #722
• Updates the Javadocs and required docs for OpenSSF by @commjoen in #718
• Add missing period by @szh in #725
• feat(#680): added more javadoc by @commjoen in #739
• Make readme more inviting by @commjoen in #759
• (noticket): adding missing contributors by @commjoen in #760
• Update readme with badge locations and setup linkedin post by @commjoen in #741

LCM:

• build(deps-dev): bump eslint from 8.36.0 to 8.37.0 by @dependabot in #733
• build(deps-dev): bump eslint-plugin-n from 15.6.1 to 15.7.0 by @dependabot in #735
• build(deps): bump spring-boot-starter-parent from 3.0.4 to 3.0.5 by @dependabot in #726
• build(deps): bump cyclonedx-maven-plugin from 2.7.5 to 2.7.6 by @dependabot in #730
• build(deps): bump checkstyle from 10.8.0 to 10.9.3 by @dependabot in #744
• build(deps): bump spotbugs-maven-plugin from 4.7.3.2 to 4.7.3.3 by @dependabot in #745
• build(deps): bump aws.sdk.version from 2.20.23 to 2.20.37 by @dependabot in #728
• build(deps): bump spring-cloud-dependencies from 2022.0.1 to 2022.0.2 by @dependabot in #748
• build(deps): bump spring-cloud-gcp-dependencies from 4.1.1 to 4.1.3 by @dependabot in #729
• build(deps): bump jruby-complete from 9.4.1.0 to 9.4.2.0 by @dependabot in #731
• build(deps): bump asciidoctor-maven-plugin from 2.2.2 to 2.2.3 by @dependabot in #746
• build(deps): bump thymeleaf-layout-dialect from 3.2.0 to 3.2.1 by @dependabot in #749
• build(deps): bump springdoc-openapi-starter-webmvc-ui from 2.0.4 to 2.1.0 by @dependabot in #747
• build(deps): bump aws.sdk.version from 2.20.37 to 2.20.38 by @dependabot in #750
• build(deps): bump spotbugs-annotations from 4.6.0 to 4.7.3 by @dependabot in #753
• build(deps): bump aws.sdk.version from 2.20.37 to 2.20.39 by @dependabot in #752
• build(deps): bump hashicorp/google from 4.55.0 to 4.59.0 in /gcp by @dependabot in #732
• build(deps): bump hashicorp/google-beta from 4.55.0 to 4.59.0 in /gcp by @dependabot in #734
• build(deps): bump azurerm from 3.45.0 to 3.50.0 in /azure by @dependabot in #736
• build(deps): bump terraform-aws-modules/eks/aws from 19.10.0 to 19.12.0 in /aws by @dependabot in #738
• build(deps): bump aws from 4.56.0 to 4.61.0 in /aws by @dependabot in #737
• build(deps): bump minimatch from 7.3.0 to 8.0.3 in /js by @dependabot in #754
• build(deps): bump jquery from 3.6.3 to 3.6.4 by @dependabot in #751

Bugfixes

• fix: save selected theme by @turjoc120 in #715

New Challenges

• Addition of Challenge 29 by @puneeth072003 in #697

New Contributors

• @szh made their first contribution in #725
• @turjoc120 made their first contribution in #715

Special thanks to

Special thanks to: @bendehaan , @puneeth072003 , @szh , @turjoc120, @nbaars , and @commjoen for their hard work on this release!

Full Changelog: 1.6.1...1.6.2

1.6.1: UI extended, OpenSSF compliance, improved Q/A, and Challenge28

What's Changed

UI Changes:

• Add a link to our OWASP Project page and add a Donate link for cloud cost coverage by @commjoen in #691
• feat(#707): Initial overhaul for ui, licenses to be included by @commjoen in #708

Bugfixes:

• Fix(#701): ui rendering on XS screens (stack not rendering) fixed: empty collumn filled again on mobile in portraid by @commjoen in #704

Improved Q/A and OpenSSF Compliance:

• Feat(#683): fix codeql build and a fix for detected issues by @commjoen in #693
• feat(#696): add pre-commit auto-fix by @bendehaan in #703
• feat(#684): add DAST with ZAP by @bendehaan in #705
• 698 Integrate spotbugs and fix many potential java bugs by @commjoen in #700

New Challenge:

• Adding Challenge 28 by @puneeth072003 in #690

Special thanks to:
Special thanks to @bendehaan , @puneeth072003, @nbaars , and @commjoen for making this release a reality!

Full Changelog: 1.6.0...1.6.1

1.6.0: Kubernetes 1.25, big development support update, new License, Okteto environment update, bug fixes, and LCM

What's Changed

Key Changes

the following items where the core of this release:

• BREAKING CHANGE: re-license project under AGPLv3 by @bendehaan in #627
• Upgrade to kubernetes 1.25 for all K8s environments by @commjoen in #652
• Enable CTF party in Okteto as we no longer always have heroku. Try https://wrongsecrets-ctf-commjoen.cloud.okteto.net/ . By @commjoen in #675

Bug fixes

The following bug fixes were introduced in order to have a smooth experience with the challenges as a user:

• Update challenge13.yml so that the workflow is triggered every month so you can do the challenge by @commjoen in #620
• fix(#676): replaced thymeleaf unwrapped expressions and updated contributing.md by @commjoen in #677
• Fix for challenge 19 and 20 on ARM: now all challenges work on (Linux/Mac OS) with ARM (aarch64) again.
• Updated with #649 RBAC detailed description reason by @madhuakula in #672

Development support updates

We had a lot of work in this release done to make it easier for you to contribute to the project:

• fix: improve PR template by @bendehaan so that PR checklists are more complete in #622
• feat: add CODEOWNERS by @bendehaan so that PRs are better automated in #629
• feat: add commitlint by @bendehaan in #628
• feat: add issue templates for three categories by @bendehaan in #655
• Create SECURITY.md by @commjoen in #656
• Beginner Guide Submission by @puneeth072003 in #653
• Extended support for ARM on linux and Musl based development environments: Feat(#618) detect musl by @commjoen in #664
• Adding the Table of contents by @puneeth072003 in #668
• doc(x): added @puneeth072003 as contributor by @commjoen in #669
• Change in code for windows users and adding remark in contributing.md by @puneeth072003 in #678
• feat: add eslint to pre-commit by @bendehaan in #688
• feat(#631):first podman and Colima test by @commjoen in #651
• include spring boot baeldung tutorial by @commjoen in #621
• Reduce confusion on slack channel links by @commjoen in #626
• Small cleanups from spring boot3 migration by @commjoen in #674

LCM/Patches:

• Bump class-validator and javascript-obfuscator in /js by @dependabot in #623
• Bump s4u/setup-maven-action from 1.6.0 to 1.7.0 by @dependabot in #633
• Bump lycheeverse/lychee-action from 1.5.4 to 1.6.1 by @dependabot in #63
• Bump cyclonedx-maven-plugin from 2.7.4 to 2.7.5 by @dependabot in #636
• Bump spring-boot-starter-parent from 3.0.2 to 3.0.3 by @dependabot in #643
• Bump spring-cloud-gcp-dependencies from 4.0.0 to 4.1.1 by @dependabot in #644
• Bump aws.sdk.version from 2.19.33 to 2.20.12 by @dependabot in #641
• Bump datatables from 1.13.1 to 1.13.2 by @dependabot in #645
• Update hashicorp/google requirement from ~> 4.52.0 to ~> 4.54.0 in /gcp by @dependabot in #642
• Bump terraform-aws-modules/eks/aws from 19.7.0 to 19.10.0 in /aws by @dependabot in #638
• Update aws requirement from ~> 4.53.0 to ~> 4.56.0 in /aws by @dependabot in #639
• Update hashicorp/google-beta requirement from ~> 4.52.0 to ~> 4.54.0 in /gcp by @dependabot in #637
• Update azurerm requirement from ~> 3.42.0 to ~> 3.45.0 in /azure by @dependabot in #635
• build(deps): bump cyclonedx-core-java from 7.3.1 to 7.3.2 by @dependabot in #662
• build(deps): bump checkstyle from 10.7.0 to 10.8.0 by @dependabot in #657
• build(deps): bump erzz/codeclimate-standalone from 0.0.4 to 0.0.5 by @dependabot in #671
• build(deps): bump minimatch from 6.1.6 to 7.3.0 in /js by @dependabot in #658
• build(deps): bump aws.sdk.version from 2.20.12 to 2.20.14 by @dependabot in #661
• build(deps): update hashicorp/google requirement from ~> 4.54.0 to ~> 4.55.0 in /gcp by @dependabot in #660
• build(deps): update hashicorp/google-beta requirement from ~> 4.54.0 to ~> 4.55.0 in /gcp by @dependabot in #659

New Contributors

• @puneeth072003 made their first contribution in #653

Special thanks to

Special thanks to @madhuakula , @bendehaan , @puneeth072003, @MarcinNowak-codes, and @commjoen for making this release a reality!

Full Changelog: 1.5.14...1.6.0

1.5.14: LCM, Windows binaries, webtop improvements & bugfixes

What's Changed

• Fixing Heroku test redirection to HTTPS based on suggestion from Spring community by @MarcinNowak-codes in #570
• Fixing bootstrap application by removing PortMapper from production configuration by @MarcinNowak-codes in #572
• Fix for #569 : Adding Windows Binaries and a detection method by @commjoen in #571
• limit windows development by @commjoen in #575
• Bump maven-checkstyle-plugin from 3.2.0 to 3.2.1 by @dependabot in #577
• Bump spring-boot-starter-parent from 3.0.1 to 3.0.2 by @dependabot in #578
• Bump cyclonedx-maven-plugin from 2.7.3 to 2.7.4 by @dependabot in #582
• Bump spring-cloud-gcp-dependencies from 3.4.1 to 3.4.2 by @dependabot in #583
• Bump aws.sdk.version from 2.19.8 to 2.19.21 by @dependabot in #584
• Bump minimatch from 5.1.2 to 6.1.5 in /js by @dependabot in #579
• Bump spring-cloud-azure-dependencies from 4.5.0 to 5.0.0 by @dependabot in #580
• Bump thymeleaf-layout-dialect from 3.1.0 to 3.2.0 by @dependabot in #585
• Bump checkstyle from 10.6.0 to 10.7.0 by @dependabot in #598
• Bump aws.sdk.version from 2.19.21 to 2.19.28 by @dependabot in #591
• Bump system-stubs-jupiter from 2.0.1 to 2.0.2 by @dependabot in #596
• Bump minimatch from 6.1.5 to 6.1.6 in /js by @dependabot in #600
• Revise docker images to have less & only relevant executables by @commjoen in #601
• Bump spring-cloud-gcp-dependencies from 3.4.2 to 4.0.0 by @dependabot in #597
• Bump terraform-aws-modules/eks/aws from 19.4.2 to 19.7.0 in /aws by @dependabot in #606
• Update hashicorp/google requirement from ~> 4.47.0 to ~> 4.52.0 in /gcp by @dependabot in #605
• Update hashicorp/google-beta requirement from ~> 4.47.0 to ~> 4.52.0 in /gcp by @dependabot in #604
• Update azurerm requirement from ~> 3.37.0 to ~> 3.42.0 in /azure by @dependabot in #603
• Update terraform-aws-modules/vpc/aws requirement from ~> 3.18.1 to ~> 3.19.0 in /aws by @dependabot in #595
• Update aws requirement from ~> 4.48.0 to ~> 4.53.0 in /aws by @dependabot in #602
• Bump jquery from 3.6.1 to 3.6.3 by @dependabot in #581
• Bump lombok from 1.18.24 to 1.18.26 by @dependabot in #607
• Bump spring-cloud-dependencies from 2022.0.0 to 2022.0.1 by @dependabot in #608
• Bump aws.sdk.version from 2.19.28 to 2.19.33 by @dependabot in #609
• Bump jruby-complete from 9.4.0.0 to 9.4.1.0 by @dependabot in #610

Full Changelog: 1.5.13...1.5.14

Thanks

We would like to thank @MarcinNowak-codes & @commjoen for their work on this release

1.5.13: Spring Boot 3, LCM, and Okteto support

What's Changed

• spring boot 3.0.0 by @MarcinNowak-codes in #518
• Add scanners (Trufflehog) by @commjoen in #531
• Go back in base image as newer ones don't always seem to work on aws? by @commjoen in #533
• Bump azure/setup-helm from 3.4 to 3.5 by @dependabot in #534
• Bump aws.sdk.version from 2.18.28 to 2.18.41 by @dependabot in #539
• Bump spring-cloud-azure-dependencies from 4.4.1 to 4.5.0 by @dependabot in #537
• Setup develop @ okteto button #535 by @commjoen in #542
• Bump bootstrap from 5.2.2 to 5.2.3 by @dependabot in #541
• Bump spring-cloud-gcp-dependencies from 3.4.0 to 3.4.1 by @dependabot in #538
• Bump datatables from 1.12.1 to 1.13.1 by @dependabot in #540
• fix: add envsubst to okteto by @bendehaan in #545
• Add a share-to-mastodon-button by @commjoen in #544
• Update pom.xml to make versioning consistent by @commjoen in #551
• fix: typo in readme by @bendehaan in #554
• Update readme to have intelliJ IDEA instructions by @commjoen in #552
• Bump cyclonedx-core-java from 7.2.0 to 7.3.1 by @dependabot in #550
• Bump thymeleaf-extras-springsecurity6 from 3.1.0.RELEASE to 3.1.1.RELEASE by @dependabot in #546
• Bump aws.sdk.version from 2.18.41 to 2.19.6 by @dependabot in #557
• Bump spring-boot-starter-parent from 3.0.0 to 3.0.1 by @dependabot in #549
• Bump spring-cloud-dependencies from 2021.0.4 to 2022.0.0 by @dependabot in #548
• Bump checkstyle from 10.5.0 to 10.6.0 by @dependabot in #565
• Bump minimatch from 5.1.1 to 5.1.2 in /js by @dependabot in #560
• Bump aws.sdk.version from 2.19.6 to 2.19.8 by @dependabot in #566
• Update hashicorp/google requirement from ~> 4.44.1 to ~> 4.47.0 in /gcp by @dependabot in #562
• Update aws requirement from ~> 4.45.0 to ~> 4.48.0 in /aws by @dependabot in #561
• Update hashicorp/google-beta requirement from ~> 4.44.1 to ~> 4.47.0 in /gcp by @dependabot in #564
• Bump terraform-aws-modules/eks/aws from 18.31.2 to 19.4.2 in /aws by @dependabot in #563
• Update azurerm requirement from ~> 3.33.0 to ~> 3.37.0 in /azure by @dependabot in #559
• Fixes for new TF provider in AWS by @commjoen in #567

Full Changelog: 1.5.12...1.5.13

Special thanks

Special thanks to @bendehaan , @MarcinNowak-codes , @nhumblot & @commjoen for their hard work on this release.

1.5.12: New Azure SDK & LCM

What's Changed

• Fix for kubernetes minikube tests by @commjoen in #516
• First attempt to migrate to azure its new SDKs for #490 & solve challenge 11 on azure again #225 by @commjoen in #500
• Bump aws.sdk.version from 2.18.24 to 2.18.28 by @dependabot in #523
• Bump checkstyle from 10.4 to 10.5.0 by @dependabot in #521
• Bump jruby-complete from 9.3.9.0 to 9.4.0.0 by @dependabot in #522
• Bump minimatch from 5.1.0 to 5.1.1 in /js by @dependabot in #519
• Replace depreciated security configuration by @MarcinNowak-codes in #526
• #525 Replace Asciidoctor::convert() and OptionsBuilder::options() dep… by @nhumblot in #528
• Spring Security 5.8.0 by @MarcinNowak-codes in #529
• Update aws requirement from ~> 4.41.0 to ~> 4.45.0 in /aws by @dependabot in #527

New Contributors

• @nhumblot made their first contribution in #528

Full Changelog: 1.5.11...1.5.12

##Special Thanks
Special thanks to @nhumblot , @MarcinNowak-codes , @commjoen & @saragluna for their work on this release.
Special thanks from the Azure SDK team for their support during this release.

1.5.11b Fix a few TF items

This release is a patch to fix some of the TF related issues as a deprecation for the http provider was not fixed properly in 1.5.11.

1.5.11: LCM, UI, and small updates

What's Changed

• first thank you to sponsors by @commjoen in #487
• Bump lycheeverse/lychee-action from 1.5.1 to 1.5.2 by @dependabot in #488
• Update README.md by @commjoen in #491
• Bump lycheeverse/lychee-action from 1.5.2 to 1.5.3 by @dependabot in #493
• Fix for CTFD issue (start with 0 instead of 1) by @commjoen in #492
• Add russian info by @commjoen in #495
• Adding Juiceshop links in FE challenges by @commjoen in #489
• Bump lycheeverse/lychee-action from 1.5.3 to 1.5.4 by @dependabot in #496
• Bump s4u/setup-maven-action from 1.5.1 to 1.6.0 by @dependabot in #498
• GCP: Migrate to new springboot SDK & update azure identity to 1.7.0 and mvn dependency-check 7.3.0 by @commjoen in #499
• Bump terraform-linters/setup-tflint from 2 to 3 by @dependabot in #503
• Datatable implementation (#415) by @commjoen in #450
• Added git and a clone for the k8s container. by @commjoen in #505
• Bump aws.sdk.version from 2.18.11 to 2.18.24 by @dependabot in #506
• Bump cyclonedx-maven-plugin from 2.7.2 to 2.7.3 by @dependabot in #515
• Update aws requirement from ~> 4.37.0 to ~> 4.41.0 in /aws by @dependabot in #507
• Bump terraform-aws-modules/eks/aws from 18.30.2 to 18.31.2 in /aws by @dependabot in #510
• Update hashicorp/google-beta requirement from ~> 4.42.0 to ~> 4.44.1 in /gcp by @dependabot in #509
• Update hashicorp/google requirement from ~> 4.42.0 to ~> 4.44.1 in /gcp by @dependabot in #511
• Update azurerm requirement from ~> 3.29.1 to ~> 3.33.0 in /azure by @dependabot in #508
• Bump azure-security-keyvault-secrets from 4.5.1 to 4.5.2 by @dependabot in #513

Full Changelog: 1.5.10...1.5.11

1.5.10: LCM, OWASP Migration & challenge text updates

What's Changed

• Bump azure/setup-helm from 3.3 to 3.4 by @dependabot in #464
• Move all references to the new location as part of #453 by @commjoen in #481
• Bump checkstyle from 10.3.4 to 10.4 by @dependabot in #479
• Bump spring.security.version from 5.7.4 to 5.7.5 by @dependabot in #471
• Bump libraries-bom from 26.1.3 to 26.1.4 by @dependabot in #480
• Bump aws.sdk.version from 2.17.285 to 2.18.7 by @dependabot in #483
• Bump azure-identity from 1.6.0 to 1.6.1 by @dependabot in #476
• Bump azure-security-keyvault-secrets from 4.5.0 to 4.5.1 by @dependabot in #478
• Update hashicorp/google-beta requirement from ~> 4.39.0 to ~> 4.42.0 in /gcp by @dependabot in #484
• Update hashicorp/google requirement from ~> 4.39.0 to ~> 4.42.0 in /gcp by @dependabot in #482
• Update http requirement from ~> 3.1.0 to ~> 3.2.0 in /gcp by @dependabot in #475
• Update terraform-aws-modules/vpc/aws requirement from ~> 3.16.0 to ~> 3.18.1 in /aws by @dependabot in #466
• Update terraform-aws-modules/iam/aws requirement from ~> 4.12 to ~> 5.5 in /aws by @dependabot in #472
• Update aws requirement from ~> 4.33.0 to ~> 4.37.0 in /aws by @dependabot in #473
• Bump terraform-aws-modules/eks/aws from 18.30.0 to 18.30.2 in /aws by @dependabot in #469
• Update http requirement from ~> 3.1.0 to ~> 3.2.0 in /azure by @dependabot in #468
• Fix minimatch vuln by @commjoen in #485
• fix for minimatch -2 by @commjoen in #486

Full Changelog: 1.5.9...1.5.10

** Special thanks **:
Special thanks to @bendehaan and @hblankenship for their work on this release!