Merge develop into master for release #3283
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- add command line parameter and extend parts to save the specified browser id - update tests that needed change
2 - After Github Action release: Merge master back into develop [auto-generated]
…se-workflow-forsechub-action Feature 3202 create release workflow for SecHub Action
also - updated action.yml - updated package-lock.json (npm ci) - updated release action order
…entation docs updated #3216
- pds config provides new field "envWhitelist" as an array - environment cleaner has now only one method (comma separation parts are now removed) - refactoring: logic for environment variables is now complete inside PDSExecutionEnvironmentService - PDSExecutionEnvironmentService tests now calculated values (was not done before) - removed settings in application-pds_integrationtest.yml and setup this in prepare mock pds config - documented "envWhitelist" in pds documentation
…nv-whitelist-as-config-instead-variable Replace PDS_SCRIPT_ENV_WHITELIST env entry by PDS config entry
* Integrated upload classes and archive support for prepare #3026 * Moved LogSanitizer in pds-commons-core #3026 * Fixed storage problem and enhanced integration tests #3026 - fixed failure in javadoc of Scenario 22 * Skopeo call changes #3026 - replaced process builder call for cleanup on skopeo with java file api variant (delete auth file) - skopeo now called with stdin input for password - introduced process builder factory + tests - process adapter supports now user input per stdin - added test for process adapter support (stdin) - moved logic for skopeo location conversion to own class (SkopeoLocationConverter) and wrote tests, afterwards implementation was changed * Changed directory cleanup from process to plain java #3026 - introduced DirectoryAndFileSupport, wrote tests - introduced AutoCleanupGitFilesFilter, wrote tests - updated GitWrapperTest - separated former git auto clean environment entry to KEY_PDS_PREPARE_MODULE_GIT_REMOVE_GIT_FILES_BEFORE_UPLOAD KEY_PDS_PREPARE_MODULE_GIT_CLONE_WITHOUT_GIT_HISTORY - changed environment entries for skopeo as well, everything from a module is now prefixed "pds.prepare.module." etc. * Changed git prepare module cleanup behavior and documentatino #3026 - when git history is not wanted, the .git folder is now always removed - additional gitfiles are treated extra - pds config file in pds prepare solution has now the parameters inside as optional --------- Co-authored-by: Albert Tregnaghi <[email protected]>
- `DOWNLOAD_FOLDER` (not necessary) - `HELPER_FOLDER` only used by findsecuritybugs(prod), pds-base (mock), scancode (prod + mock), tern (mock) - `MOCK_FOLDER` added to all mocked products - `PDS_VERSION` only used by scancode for output - `SCRIPT_FOLDER` used by pmd and gitleaks - `TOOL_FOLDER` added to all real products
…y-envvar-visiblity-for-pds-solutions Added necessary environment whitelist entries for pds-solutions #3226
Bumps [gradle/actions](https://github.com/gradle/actions) from af6e5767241073b8ab20cc8cf7e95ec63fadc160 to dbbdc275be76ac10734476cc723d82dfe7ec6eda. - [Release notes](https://github.com/gradle/actions/releases) - [Commits](gradle/actions@af6e576...dbbdc27) --- updated-dependencies: - dependency-name: gradle/actions dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@a5ac7e5...692973e) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
…/actions/checkout-4.1.7 Bump actions/checkout from 4.1.6 to 4.1.7
…/gradle/actions-dbbdc275be76ac10734476cc723d82dfe7ec6eda Bump gradle/actions from af6e5767241073b8ab20cc8cf7e95ec63fadc160 to dbbdc275be76ac10734476cc723d82dfe7ec6eda
- documentation build also changed - normal unit tests do disable the assertion - added unit tests - added spring boot test - changed upload size configuration class from service to component
…ome-config-to-env-variables-only PDS start, allow some config parts only as ENV variables
- environment registry has now dedicated methods to distinguish between nullable values and notNullValue definitions Means: it is ensured, that a null vlaue at configuration time is no longer allowed - except when it is really optional - added tests for crypto access - added missing PDS documentation for disable feature of assertion
…tup-problems-with-securityconfiguration Fix PDS startup problems #3246
…on-name-problem Feature 3243 fix extraction name problem
* implement SafeArchiveInputStream and use it in ArchiveSupport to safeguard against ZipBombs #3029
…TYPE-into-default-whitelist Added LOGGING_TYPE to default script environment whitelist #3252
- problem was that the fallback objects used at asciidoc generation, did not contain non-nullable values - wrote unit test to check that this fails in normal build as well (fail early) - UNDEFINED values are now not only set by spring container, but also set as default when used as POJO
…documentation-build Fixed documentation build by providing correct fallback objects #3257
- main problem was that transfer managers were not shutdown when no longer needed - removed also old convienence getter method for job storage (was only used by one test and one implementation) - renamed getJobStorage to createJobStorage and mentioned in javadoc the close method must be called after no longer need of object - close job storage on every point (PDS, SecHub and also prepare wrapper when no longer needed
- fixes failing test, the method and the injected object are not necessary
- only project6 integration test was executed before - changed this, now multi project test is executed instead again
…epare-s3-storage-problem Feature 3255 solve PDS prepare s3 storage problem
…-of-ajaxspider-configurable Make browser to use during ajax scan configurable #1483
- Added storage variables as non-spring parameter - Added additional tags to skopeo wrapper - Make git-clone into repository name
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.