From 342f0f2fdbd462cd7f59689a389514eecfc4a96e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Dec 2025 15:37:14 +0000 Subject: [PATCH 01/31] Bump the gradle-version-updates group Bumps the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 3 updates: [org.mockito:mockito-core](https://github.com/mockito/mockito), [org.mockito:mockito-junit-jupiter](https://github.com/mockito/mockito) and org.sonarqube. Updates `org.mockito:mockito-core` from 5.20.0 to 5.21.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.20.0...v5.21.0) Updates `org.mockito:mockito-junit-jupiter` from 5.20.0 to 5.21.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.20.0...v5.21.0) Updates `org.sonarqube` from 7.2.0.6526 to 7.2.2.6593 --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-version: 5.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: org.mockito:mockito-junit-jupiter dependency-version: 5.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: org.sonarqube dependency-version: 7.2.2.6593 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gradle-version-updates ... Signed-off-by: dependabot[bot] --- hooks/persistence-defectdojo/hook/build.gradle | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle index 6e870eee2..65efcd46f 100644 --- a/hooks/persistence-defectdojo/hook/build.gradle +++ b/hooks/persistence-defectdojo/hook/build.gradle @@ -8,7 +8,7 @@ plugins { // https://github.com/ben-manes/gradle-versions-plugin // Run: ./gradlew dependencyUpdates -Drevision=release id "com.github.ben-manes.versions" version "0.53.0" - id "org.sonarqube" version "7.2.0.6526" + id "org.sonarqube" version "7.2.2.6593" } group = "io.securecodebox" @@ -40,8 +40,8 @@ dependencies { // https://github.com/junit-team/junit5-samples/blob/r5.10.0/junit5-jupiter-starter-gradle/build.gradle testImplementation(platform("org.junit:junit-bom:6.0.1")) testImplementation("org.junit.jupiter:junit-jupiter") - testImplementation group: "org.mockito", name: "mockito-core", version: "5.20.0" - testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.20.0" + testImplementation group: "org.mockito", name: "mockito-core", version: "5.21.0" + testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.21.0" testImplementation group: 'org.hamcrest', name: 'java-hamcrest', version: '2.0.0.0' testImplementation group: 'uk.org.webcompere', name: 'system-stubs-jupiter', version: '2.1.8' testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine") From 3cbe42e130d9a5ccfa7cae859ef477d34adbbc17 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 02:31:31 +0000 Subject: [PATCH 02/31] Update dependency go-task/task to v3.46.2 --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9fd03885b..0782604f3 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -30,7 +30,7 @@ env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest HELM_PLUGIN_UNITTEST_VERSION: "1.0.3" # renovate: datasource=github-releases depName=go-task/task - TASK_VERSION: "v3.45.5" + TASK_VERSION: "v3.46.2" jobs: test-nodejs-scanner-test-helpers: From f20ef6f5e2baa8e80570d5388ffca353be8c8653 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Dec 2025 15:37:54 +0000 Subject: [PATCH 03/31] Bump @types/node Bumps the npm-version-updates group with 1 update in the /parser-sdk/nodejs directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `@types/node` from 25.0.2 to 25.0.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] --- parser-sdk/nodejs/package-lock.json | 14 +++++++------- parser-sdk/nodejs/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index b718a6c7e..cea9275d1 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -16,7 +16,7 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.2" + "@types/node": "^25.0.3" } }, "node_modules/@jsep-plugin/assignment": { @@ -81,9 +81,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.0.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", - "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", + "version": "25.0.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", + "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", "dependencies": { "undici-types": "~7.16.0" } @@ -885,9 +885,9 @@ "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" }, "@types/node": { - "version": "25.0.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", - "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", + "version": "25.0.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", + "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", "requires": { "undici-types": "~7.16.0" } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index de3ba5da4..61268d115 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -18,6 +18,6 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.2" + "@types/node": "^25.0.3" } } From ce65fb26d4de040c0ca309cdc585ee74edc6da06 Mon Sep 17 00:00:00 2001 From: Samreet Singh Date: Fri, 19 Dec 2025 20:36:04 +0100 Subject: [PATCH 04/31] Revert "Bump @types/node" This reverts commit f20ef6f5e2baa8e80570d5388ffca353be8c8653. Caused issues in build process Signed-off-by: Samreet Singh --- parser-sdk/nodejs/package-lock.json | 14 +++++++------- parser-sdk/nodejs/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index cea9275d1..b718a6c7e 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -16,7 +16,7 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.3" + "@types/node": "^25.0.2" } }, "node_modules/@jsep-plugin/assignment": { @@ -81,9 +81,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.0.3", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", - "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", + "version": "25.0.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", + "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", "dependencies": { "undici-types": "~7.16.0" } @@ -885,9 +885,9 @@ "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" }, "@types/node": { - "version": "25.0.3", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", - "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", + "version": "25.0.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", + "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", "requires": { "undici-types": "~7.16.0" } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index 61268d115..de3ba5da4 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -18,6 +18,6 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.3" + "@types/node": "^25.0.2" } } From 17e5b923e1d8010bcb0e61205f717ae193c14e5f Mon Sep 17 00:00:00 2001 From: Samreet Singh Date: Fri, 19 Dec 2025 20:37:17 +0100 Subject: [PATCH 05/31] Revert "Update dependency go-task/task to v3.46.2" This reverts commit 3cbe42e130d9a5ccfa7cae859ef477d34adbbc17. Caused issues with integration tests Signed-off-by: Samreet Singh --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0782604f3..9fd03885b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -30,7 +30,7 @@ env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest HELM_PLUGIN_UNITTEST_VERSION: "1.0.3" # renovate: datasource=github-releases depName=go-task/task - TASK_VERSION: "v3.46.2" + TASK_VERSION: "v3.45.5" jobs: test-nodejs-scanner-test-helpers: From 86d8d841c4a6bf586e3a557db3f4b5e6b5c26ceb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Dec 2025 09:03:12 +0000 Subject: [PATCH 06/31] Bump the npm-version-updates group in /documentation with 2 updates Bumps the npm-version-updates group in /documentation with 2 updates: [sass](https://github.com/sass/dart-sass) and [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `sass` from 1.96.0 to 1.97.0 - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.96.0...1.97.0) Updates `@types/node` from 25.0.2 to 25.0.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: sass dependency-version: 1.97.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: "@types/node" dependency-version: 25.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] --- documentation/package-lock.json | 16 ++++++++-------- documentation/package.json | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/documentation/package-lock.json b/documentation/package-lock.json index 16bf8a0e4..962fe773d 100644 --- a/documentation/package-lock.json +++ b/documentation/package-lock.json @@ -24,13 +24,13 @@ "react": "^19.2.3", "react-dom": "^19.2.3", "rimraf": "^6.1.2", - "sass": "1.96" + "sass": "1.97" }, "devDependencies": { "@docusaurus/module-type-aliases": "^3.6.0", "@docusaurus/tsconfig": "^3.9.2", "@docusaurus/types": "^3.6.0", - "@types/node": "^25.0.2", + "@types/node": "^25.0.3", "@types/react": "^19.2.7", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", @@ -5459,9 +5459,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.0.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", - "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", + "version": "25.0.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", + "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", "license": "MIT", "dependencies": { "undici-types": "~7.16.0" @@ -16923,9 +16923,9 @@ "license": "MIT" }, "node_modules/sass": { - "version": "1.96.0", - "resolved": "https://registry.npmjs.org/sass/-/sass-1.96.0.tgz", - "integrity": "sha512-8u4xqqUeugGNCYwr9ARNtQKTOj4KmYiJAVKXf2CTIivTCR51j96htbMKWDru8H5SaQWpyVgTfOF8Ylyf5pun1Q==", + "version": "1.97.1", + "resolved": "https://registry.npmjs.org/sass/-/sass-1.97.1.tgz", + "integrity": "sha512-uf6HoO8fy6ClsrShvMgaKUn14f2EHQLQRtpsZZLeU/Mv0Q1K5P0+x2uvH6Cub39TVVbWNSrraUhDAoFph6vh0A==", "license": "MIT", "peer": true, "dependencies": { diff --git a/documentation/package.json b/documentation/package.json index 9c1a4c238..01d0e7ae3 100644 --- a/documentation/package.json +++ b/documentation/package.json @@ -34,7 +34,7 @@ "react": "^19.2.3", "react-dom": "^19.2.3", "rimraf": "^6.1.2", - "sass": "1.96" + "sass": "1.97" }, "browserslist": { "production": [ @@ -52,7 +52,7 @@ "@docusaurus/module-type-aliases": "^3.6.0", "@docusaurus/tsconfig": "^3.9.2", "@docusaurus/types": "^3.6.0", - "@types/node": "^25.0.2", + "@types/node": "^25.0.3", "@types/react": "^19.2.7", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", From 4d14bf81a8eb73a6e2e7669336cb1ffe1198ea66 Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Sat, 20 Dec 2025 09:23:40 +0000 Subject: [PATCH 07/31] Upgrading subfinder from v2.10.1 to v2.11.0 Signed-off-by: secureCodeBoxBot --- scanners/subfinder/Chart.yaml | 2 +- scanners/subfinder/README.md | 2 +- scanners/subfinder/docs/README.DockerHub-Parser.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scanners/subfinder/Chart.yaml b/scanners/subfinder/Chart.yaml index 7ee5e363d..913922217 100644 --- a/scanners/subfinder/Chart.yaml +++ b/scanners/subfinder/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the subfinder security Scanner that integrates wit type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v2.10.1" +appVersion: "v2.11.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/projectdiscovery/subfinder/releases/latest diff --git a/scanners/subfinder/README.md b/scanners/subfinder/README.md index a636193cb..a872c1261 100644 --- a/scanners/subfinder/README.md +++ b/scanners/subfinder/README.md @@ -3,7 +3,7 @@ title: "subfinder" category: "scanner" type: "Network" state: "released" -appVersion: "v2.10.1" +appVersion: "v2.11.0" usecase: "Subdomain Enumeration Scanner" --- diff --git a/scanners/subfinder/docs/README.DockerHub-Parser.md b/scanners/subfinder/docs/README.DockerHub-Parser.md index e4e5ad9bf..dde119c8a 100644 --- a/scanners/subfinder/docs/README.DockerHub-Parser.md +++ b/scanners/subfinder/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v2.10.1` +- tagged releases, e.g. `v2.11.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://github.com/projectdiscovery/subfinder. From f8953bb7eb0e5fc38f7560b3c84cb7f6b2ba034d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Dec 2025 09:04:49 +0000 Subject: [PATCH 08/31] Bump @types/node Bumps the npm-version-updates group with 1 update in the /parser-sdk/nodejs directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `@types/node` from 25.0.2 to 25.0.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] --- parser-sdk/nodejs/package-lock.json | 14 +++++++------- parser-sdk/nodejs/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index b718a6c7e..cea9275d1 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -16,7 +16,7 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.2" + "@types/node": "^25.0.3" } }, "node_modules/@jsep-plugin/assignment": { @@ -81,9 +81,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.0.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", - "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", + "version": "25.0.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", + "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", "dependencies": { "undici-types": "~7.16.0" } @@ -885,9 +885,9 @@ "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" }, "@types/node": { - "version": "25.0.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz", - "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==", + "version": "25.0.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", + "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", "requires": { "undici-types": "~7.16.0" } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index de3ba5da4..61268d115 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -18,6 +18,6 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.2" + "@types/node": "^25.0.3" } } From 21832d1aa360b3a79feaf5a7a89d1def9aecbe20 Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Wed, 31 Dec 2025 09:24:51 +0000 Subject: [PATCH 09/31] Upgrading sslyze from 6.2.0 to 6.3.0 Signed-off-by: secureCodeBoxBot --- scanners/sslyze/Chart.yaml | 2 +- scanners/sslyze/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/sslyze/Chart.yaml b/scanners/sslyze/Chart.yaml index f9678a225..1d396e7bd 100644 --- a/scanners/sslyze/Chart.yaml +++ b/scanners/sslyze/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the SSLyze security scanner that integrates with t type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "6.2.0" +appVersion: "6.3.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/nabla-c0d3/sslyze/releases/latest diff --git a/scanners/sslyze/README.md b/scanners/sslyze/README.md index 519275184..68a8643b5 100644 --- a/scanners/sslyze/README.md +++ b/scanners/sslyze/README.md @@ -3,7 +3,7 @@ title: "SSLyze" category: "scanner" type: "SSL" state: "released" -appVersion: "6.2.0" +appVersion: "6.3.0" usecase: "SSL/TLS Configuration Scanner" --- From 3c9ab7a0581d2495ba248866d4bd976ceda3852b Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Thu, 1 Jan 2026 09:24:40 +0000 Subject: [PATCH 10/31] Upgrading nuclei from v3.6.1 to v3.6.2 Signed-off-by: secureCodeBoxBot --- scanners/nuclei/Chart.yaml | 2 +- scanners/nuclei/README.md | 2 +- scanners/nuclei/docs/README.DockerHub-Parser.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scanners/nuclei/Chart.yaml b/scanners/nuclei/Chart.yaml index 0c8bf0f28..1b245dfcb 100644 --- a/scanners/nuclei/Chart.yaml +++ b/scanners/nuclei/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the nuclei security scanner that integrates with t type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v3.6.1" +appVersion: "v3.6.2" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/projectdiscovery/nuclei/releases/latest diff --git a/scanners/nuclei/README.md b/scanners/nuclei/README.md index ec71f4eee..658b1b4cb 100644 --- a/scanners/nuclei/README.md +++ b/scanners/nuclei/README.md @@ -3,7 +3,7 @@ title: "Nuclei" category: "scanner" type: "Website" state: "released" -appVersion: "v3.6.1" +appVersion: "v3.6.2" usecase: "Nuclei is a fast, template based vulnerability scanner." --- diff --git a/scanners/nuclei/docs/README.DockerHub-Parser.md b/scanners/nuclei/docs/README.DockerHub-Parser.md index 9e14ec012..4419e4793 100644 --- a/scanners/nuclei/docs/README.DockerHub-Parser.md +++ b/scanners/nuclei/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v3.6.1` +- tagged releases, e.g. `v3.6.2` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/nuclei. From 8f6ca6255213029cb61e881c947727da70562c7a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 13:35:39 +0000 Subject: [PATCH 11/31] Bump qs Bumps the npm-security-updates group with 1 update in the /documentation directory: [qs](https://github.com/ljharb/qs). Updates `qs` from 6.13.0 to 6.14.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](https://github.com/ljharb/qs/compare/v6.13.0...v6.14.1) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.1 dependency-type: indirect dependency-group: npm-security-updates ... Signed-off-by: dependabot[bot] --- documentation/package-lock.json | 47 ++++++++++++++++++++++----------- 1 file changed, 31 insertions(+), 16 deletions(-) diff --git a/documentation/package-lock.json b/documentation/package-lock.json index 962fe773d..fc64a3ac9 100644 --- a/documentation/package-lock.json +++ b/documentation/package-lock.json @@ -8718,39 +8718,39 @@ } }, "node_modules/express": { - "version": "4.21.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", - "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", + "version": "4.22.1", + "resolved": "https://registry.npmjs.org/express/-/express-4.22.1.tgz", + "integrity": "sha512-F2X8g9P1X7uCPZMA3MVf9wcTqlyNp7IhH5qPCI0izhaOIYXaW9L535tGA3qmjRzpH+bZczqq7hVKxTR4NWnu+g==", "license": "MIT", "dependencies": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.3", - "content-disposition": "0.5.4", + "body-parser": "~1.20.3", + "content-disposition": "~0.5.4", "content-type": "~1.0.4", - "cookie": "0.7.1", - "cookie-signature": "1.0.6", + "cookie": "~0.7.1", + "cookie-signature": "~1.0.6", "debug": "2.6.9", "depd": "2.0.0", "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "etag": "~1.8.1", - "finalhandler": "1.3.1", - "fresh": "0.5.2", - "http-errors": "2.0.0", + "finalhandler": "~1.3.1", + "fresh": "~0.5.2", + "http-errors": "~2.0.0", "merge-descriptors": "1.0.3", "methods": "~1.1.2", - "on-finished": "2.4.1", + "on-finished": "~2.4.1", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.12", + "path-to-regexp": "~0.1.12", "proxy-addr": "~2.0.7", - "qs": "6.13.0", + "qs": "~6.14.0", "range-parser": "~1.2.1", "safe-buffer": "5.2.1", - "send": "0.19.0", - "serve-static": "1.16.2", + "send": "~0.19.0", + "serve-static": "~1.16.2", "setprototypeof": "1.2.0", - "statuses": "2.0.1", + "statuses": "~2.0.1", "type-is": "~1.6.18", "utils-merge": "1.0.1", "vary": "~1.1.2" @@ -8796,6 +8796,21 @@ "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==", "license": "MIT" }, + "node_modules/express/node_modules/qs": { + "version": "6.14.1", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz", + "integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==", + "license": "BSD-3-Clause", + "dependencies": { + "side-channel": "^1.1.0" + }, + "engines": { + "node": ">=0.6" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/express/node_modules/range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", From c1e9595e18a56d45b84ca395eb3c46f6d4f4f59c Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 7 Jan 2026 10:36:47 +0100 Subject: [PATCH 12/31] Ensure Host findings still have a valid location even when they are not named Signed-off-by: Jannik Hollenbach --- scanners/nmap/parser/parser.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js index afa97cfb5..d6a71e6a1 100644 --- a/scanners/nmap/parser/parser.js +++ b/scanners/nmap/parser/parser.js @@ -52,7 +52,7 @@ function transformToFindings(hosts) { name: `Host: ${getHostOrIp({ hostname, ips })}`, category: "Host", description: "Found a host", - location: hostname, + location: getHostOrIp({ hostname, ips }), severity: "INFORMATIONAL", osi_layer: "NETWORK", attributes: { From 31d9ab0ebc2022b7691134901039dfe15098c730 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 7 Jan 2026 10:40:19 +0100 Subject: [PATCH 13/31] Update snapshots to include location for unnamed hosts Signed-off-by: Jannik Hollenbach --- scanners/nmap/parser/parser.test.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scanners/nmap/parser/parser.test.js b/scanners/nmap/parser/parser.test.js index 3d4083192..a5ffda26e 100644 --- a/scanners/nmap/parser/parser.test.js +++ b/scanners/nmap/parser/parser.test.js @@ -1202,7 +1202,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.32", "name": "Host: 192.168.178.32", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", @@ -1217,7 +1217,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.42", "name": "Host: 192.168.178.42", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", @@ -1232,7 +1232,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.49", "name": "Host: 192.168.178.49", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", @@ -1247,7 +1247,7 @@ test("should parse output of runs run --verbose properly", async () => { }, "category": "Host", "description": "Found a host", - "location": null, + "location": "192.168.178.166", "name": "Host: 192.168.178.166", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", From db02b49722c9e6a23f8f83eaa96a966ac77bc3c6 Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Thu, 8 Jan 2026 09:25:21 +0000 Subject: [PATCH 14/31] Upgrading semgrep from 1.146.0 to 1.147.0 Signed-off-by: secureCodeBoxBot --- scanners/semgrep/Chart.yaml | 2 +- scanners/semgrep/README.md | 2 +- scanners/semgrep/docs/README.DockerHub-Parser.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scanners/semgrep/Chart.yaml b/scanners/semgrep/Chart.yaml index 08949b28a..5bc648901 100644 --- a/scanners/semgrep/Chart.yaml +++ b/scanners/semgrep/Chart.yaml @@ -22,7 +22,7 @@ version: "v3.1.0-alpha1" # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.146.0" +appVersion: "1.147.0" annotations: versionApi: https://api.github.com/repos/semgrep/semgrep/releases/latest supported-platforms: linux/amd64,linux/arm64 diff --git a/scanners/semgrep/README.md b/scanners/semgrep/README.md index 7d01a4101..13c9c0fa8 100644 --- a/scanners/semgrep/README.md +++ b/scanners/semgrep/README.md @@ -3,7 +3,7 @@ title: "Semgrep" category: "scanner" type: "Repository" state: "released" -appVersion: "1.146.0" +appVersion: "1.147.0" usecase: "Static Code Analysis" --- diff --git a/scanners/semgrep/docs/README.DockerHub-Parser.md b/scanners/semgrep/docs/README.DockerHub-Parser.md index ec31fa525..5b0269a1a 100644 --- a/scanners/semgrep/docs/README.DockerHub-Parser.md +++ b/scanners/semgrep/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `1.146.0` +- tagged releases, e.g. `1.147.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/semgrep. From 82bd6c7b74b92526477a4e07c0a7fb20237b93ba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 09:03:10 +0000 Subject: [PATCH 15/31] Bump sass in /documentation in the npm-version-updates group Bumps the npm-version-updates group in /documentation with 1 update: [sass](https://github.com/sass/dart-sass). Updates `sass` from 1.97.1 to 1.97.2 - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.97.1...1.97.2) --- updated-dependencies: - dependency-name: sass dependency-version: 1.97.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] --- documentation/package-lock.json | 36 ++++----------------------------- 1 file changed, 4 insertions(+), 32 deletions(-) diff --git a/documentation/package-lock.json b/documentation/package-lock.json index fc64a3ac9..e6483b948 100644 --- a/documentation/package-lock.json +++ b/documentation/package-lock.json @@ -247,7 +247,6 @@ "resolved": "https://registry.npmjs.org/@algolia/client-search/-/client-search-5.40.1.tgz", "integrity": "sha512-Mw6pAUF121MfngQtcUb5quZVqMC68pSYYjCRZkSITC085S3zdk+h/g7i6FxnVdbSU6OztxikSDMh1r7Z+4iPlA==", "license": "MIT", - "peer": true, "dependencies": { "@algolia/client-common": "5.40.1", "@algolia/requester-browser-xhr": "5.40.1", @@ -386,7 +385,6 @@ "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", "license": "MIT", - "peer": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.26.0", @@ -2191,7 +2189,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" }, @@ -2214,7 +2211,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" } @@ -2324,7 +2320,6 @@ "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -2746,7 +2741,6 @@ "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -3428,7 +3422,6 @@ "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-3.9.2.tgz", "integrity": "sha512-HbjwKeC+pHUFBfLMNzuSjqFE/58+rLVKmOU3lxQrpsxLBOGosYco/Q0GduBb0/jEMRiyEqjNT/01rRdOMWq5pw==", "license": "MIT", - "peer": true, "dependencies": { "@docusaurus/babel": "3.9.2", "@docusaurus/bundler": "3.9.2", @@ -3610,7 +3603,6 @@ "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-3.9.2.tgz", "integrity": "sha512-C5wZsGuKTY8jEYsqdxhhFOe1ZDjH0uIYJ9T/jebHwkyxqnr4wW0jTkB72OMqNjsoQRcb0JN3PcSeTwFlVgzCZg==", "license": "MIT", - "peer": true, "dependencies": { "@docusaurus/core": "3.9.2", "@docusaurus/logger": "3.9.2", @@ -4397,7 +4389,6 @@ "resolved": "https://registry.npmjs.org/@mdx-js/react/-/react-3.1.1.tgz", "integrity": "sha512-f++rKLQgUVYDAtECQ6fn/is15GkEH9+nZPM3MS0RcxVqoTfawHvDlSCH7JbMhAM6uJ32v3eXLvLmLvjGu7PTQw==", "license": "MIT", - "peer": true, "dependencies": { "@types/mdx": "^2.0.0" }, @@ -5126,7 +5117,6 @@ "resolved": "https://registry.npmjs.org/@svgr/core/-/core-8.1.0.tgz", "integrity": "sha512-8QqtOQT5ACVlmsvKOJNEaWmRPmcojMOzCz4Hs2BGG/toAp/K38LcsMRyLp349glq5AzJbCEeimEoxaX6v/fLrA==", "license": "MIT", - "peer": true, "dependencies": { "@babel/core": "^7.21.3", "@svgr/babel-preset": "8.1.0", @@ -5504,7 +5494,6 @@ "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.7.tgz", "integrity": "sha512-MWtvHrGZLFttgeEj28VXHxpmwYbor/ATPYbBfSFZEIRK0ecCFLl2Qo55z52Hss+UV9CRN7trSeq1zbgx7YDWWg==", "license": "MIT", - "peer": true, "dependencies": { "csstype": "^3.2.2" } @@ -5856,7 +5845,6 @@ "version": "6.4.2", "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.2.tgz", "integrity": "sha512-XtGIhXwF8YM8bJhGxG5kXgjkEuNGLTkoYqVE+KMR+aspr4KGYmKYg7yUe3KghyQ9yheNwLnjmzh/7+gfDBmHCQ==", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -5957,7 +5945,6 @@ "version": "6.12.6", "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "peer": true, "dependencies": { "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", @@ -6021,7 +6008,6 @@ "resolved": "https://registry.npmjs.org/algoliasearch/-/algoliasearch-5.40.1.tgz", "integrity": "sha512-iUNxcXUNg9085TJx0HJLjqtDE0r1RZ0GOGrt8KNQqQT5ugu8lZsHuMUYW/e0lHhq6xBvmktU9Bw4CXP9VQeKrg==", "license": "MIT", - "peer": true, "dependencies": { "@algolia/abtesting": "1.6.1", "@algolia/client-abtesting": "5.40.1", @@ -6503,7 +6489,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "baseline-browser-mapping": "^2.8.3", "caniuse-lite": "^1.0.30001741", @@ -7447,7 +7432,6 @@ "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -14299,7 +14283,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "nanoid": "^3.3.11", "picocolors": "^1.1.1", @@ -15203,7 +15186,6 @@ "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz", "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==", "license": "MIT", - "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -15971,7 +15953,6 @@ "resolved": "https://registry.npmjs.org/react/-/react-19.2.3.tgz", "integrity": "sha512-Ku/hhYbVjOQnXDZFv2+RibmLFGwFdeeKHFcOTlrt7xplBnya5OGn/hIRDsqDiSUcfORsDC7MPxwork8jBwsIWA==", "license": "MIT", - "peer": true, "engines": { "node": ">=0.10.0" } @@ -15981,7 +15962,6 @@ "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.3.tgz", "integrity": "sha512-yELu4WmLPw5Mr/lmeEpox5rw3RETacE++JgHqQzd2dg+YbJuat3jH4ingc+WPZhxaoFzdv9y33G+F7Nl5O0GBg==", "license": "MIT", - "peer": true, "dependencies": { "scheduler": "^0.27.0" }, @@ -16052,7 +16032,6 @@ "resolved": "https://registry.npmjs.org/@docusaurus/react-loadable/-/react-loadable-6.0.0.tgz", "integrity": "sha512-YMMxTUQV/QFSnbgrP3tjDzLHRg7vsbMn8e9HAa8o/1iXoiomo48b7sk/kkmWEuWNDPJVlKSJRB6Y2fHqdJk+SQ==", "license": "MIT", - "peer": true, "dependencies": { "@types/react": "*" }, @@ -16079,7 +16058,6 @@ "version": "5.3.4", "resolved": "https://registry.npmjs.org/react-router/-/react-router-5.3.4.tgz", "integrity": "sha512-Ys9K+ppnJah3QuaRiLxk+jDWOR1MekYQrlytiXxC1RyfbdsZkS5pvKAzCCr031xHixZwpnsYNT5xysdFHQaYsA==", - "peer": true, "dependencies": { "@babel/runtime": "^7.12.13", "history": "^4.9.0", @@ -16938,11 +16916,10 @@ "license": "MIT" }, "node_modules/sass": { - "version": "1.97.1", - "resolved": "https://registry.npmjs.org/sass/-/sass-1.97.1.tgz", - "integrity": "sha512-uf6HoO8fy6ClsrShvMgaKUn14f2EHQLQRtpsZZLeU/Mv0Q1K5P0+x2uvH6Cub39TVVbWNSrraUhDAoFph6vh0A==", + "version": "1.97.2", + "resolved": "https://registry.npmjs.org/sass/-/sass-1.97.2.tgz", + "integrity": "sha512-y5LWb0IlbO4e97Zr7c3mlpabcbBtS+ieiZ9iwDooShpFKWXf62zz5pEPdwrLYm+Bxn1fnbwFGzHuCLSA9tBmrw==", "license": "MIT", - "peer": true, "dependencies": { "chokidar": "^4.0.0", "immutable": "^5.0.2", @@ -17066,7 +17043,6 @@ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", "license": "MIT", - "peer": true, "dependencies": { "fast-deep-equal": "^3.1.3", "fast-uri": "^3.0.1", @@ -18351,8 +18327,7 @@ "node_modules/tslib": { "version": "2.8.1", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "peer": true + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" }, "node_modules/type-fest": { "version": "2.19.0", @@ -18413,7 +18388,6 @@ "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "devOptional": true, "license": "Apache-2.0", - "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -18962,7 +18936,6 @@ "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.96.1.tgz", "integrity": "sha512-l2LlBSvVZGhL4ZrPwyr8+37AunkcYj5qh8o6u2/2rzoPc8gxFJkLj1WxNgooi9pnoc06jh0BjuXnamM4qlujZA==", "license": "MIT", - "peer": true, "dependencies": { "@types/eslint-scope": "^3.7.7", "@types/estree": "^1.0.6", @@ -19665,7 +19638,6 @@ "resolved": "https://registry.npmjs.org/zod/-/zod-4.1.12.tgz", "integrity": "sha512-JInaHOamG8pt5+Ey8kGmdcAcg3OL9reK8ltczgHTAwNhMys/6ThXHityHxVV2p3fkw/c+MAvBHFVYHFZDmjMCQ==", "license": "MIT", - "peer": true, "funding": { "url": "https://github.com/sponsors/colinhacks" } From 6de6ee9e4ba36706fbe2d8ea6dab361e3d5f1baa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Dec 2025 01:04:57 +0000 Subject: [PATCH 16/31] Update dependency go-task/task to v3.46.4 --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9fd03885b..fb0f9e07b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -30,7 +30,7 @@ env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest HELM_PLUGIN_UNITTEST_VERSION: "1.0.3" # renovate: datasource=github-releases depName=go-task/task - TASK_VERSION: "v3.45.5" + TASK_VERSION: "v3.46.4" jobs: test-nodejs-scanner-test-helpers: From af45935f8872a598b13b563aba5472f40ed0c040 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 09:07:12 +0000 Subject: [PATCH 17/31] Bump the github-actions-version-updates group across 1 directory with 4 updates Bumps the github-actions-version-updates group with 4 updates in the /.github/workflows directory: [oven-sh/setup-bun](https://github.com/oven-sh/setup-bun), [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter), [github/codeql-action](https://github.com/github/codeql-action) and [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action). Updates `oven-sh/setup-bun` from 2.0.2 to 2.1.0 - [Release notes](https://github.com/oven-sh/setup-bun/releases) - [Commits](https://github.com/oven-sh/setup-bun/compare/735343b667d3e6f658f44d0eca948eb6282f2b76...b7a1c7ccf290d58743029c4f6903da283811b979) Updates `oxsecurity/megalinter` from 9.2.0 to 9.3.0 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/oxsecurity/megalinter/compare/55a59b24a441e0e1943080d4a512d827710d4a9d...42bb470545e359597e7f12156947c436e4e3fb9a) Updates `github/codeql-action` from 4.31.8 to 4.31.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/1b168cd39490f61582a9beae412bb7057a6b2c4e...5d4e8d1aca955e8d8589aabd499c5cae939e33c7) Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f) --- updated-dependencies: - dependency-name: oven-sh/setup-bun dependency-version: 2.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-version-updates - dependency-name: oxsecurity/megalinter dependency-version: 9.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-version-updates - dependency-name: github/codeql-action dependency-version: 4.31.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-version-updates - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-version-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yaml | 6 +++--- .github/workflows/mega-linter.yml | 2 +- .github/workflows/oss-scorecard.yaml | 2 +- .github/workflows/release-build.yaml | 20 ++++++++++---------- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fb0f9e07b..576aa6410 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -40,7 +40,7 @@ jobs: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install bun - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 + uses: oven-sh/setup-bun@b7a1c7ccf290d58743029c4f6903da283811b979 # v2.1.0 - name: Install dependencies working-directory: tests/integration @@ -460,7 +460,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install bun - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 + uses: oven-sh/setup-bun@b7a1c7ccf290d58743029c4f6903da283811b979 # v2.1.0 - name: Download Task uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 @@ -619,7 +619,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install bun - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 + uses: oven-sh/setup-bun@b7a1c7ccf290d58743029c4f6903da283811b979 # v2.1.0 - name: Download Task uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index c7ced2237..f632e4a04 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -46,7 +46,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.github.io/flavors/ - uses: oxsecurity/megalinter@55a59b24a441e0e1943080d4a512d827710d4a9d # v9.2.0 + uses: oxsecurity/megalinter@42bb470545e359597e7f12156947c436e4e3fb9a # v9.3.0 env: # All available variables are described in documentation # https://megalinter.github.io/configuration/ diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml index 8df36b754..647ce8f97 100644 --- a/.github/workflows/oss-scorecard.yaml +++ b/.github/workflows/oss-scorecard.yaml @@ -33,6 +33,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 + uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: sarif_file: results.sarif diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml index 58ea90a5b..3885bcdce 100644 --- a/.github/workflows/release-build.yaml +++ b/.github/workflows/release-build.yaml @@ -45,7 +45,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -92,7 +92,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -139,7 +139,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -192,7 +192,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -245,7 +245,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -297,7 +297,7 @@ jobs: type=semver,pattern={{version}} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -361,7 +361,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -447,7 +447,7 @@ jobs: ${{ env.scannerVersion }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -504,7 +504,7 @@ jobs: type=semver,pattern={{version}} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -572,7 +572,7 @@ jobs: ${{ env.targetVersion }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 From 1bb58d825469d8ae6614166da72b74409a37c325 Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Mon, 12 Jan 2026 09:25:43 +0000 Subject: [PATCH 18/31] Upgrading subfinder from v2.11.0 to v2.12.0 Signed-off-by: secureCodeBoxBot --- scanners/subfinder/Chart.yaml | 2 +- scanners/subfinder/README.md | 2 +- scanners/subfinder/docs/README.DockerHub-Parser.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scanners/subfinder/Chart.yaml b/scanners/subfinder/Chart.yaml index 913922217..ce1a2cf2b 100644 --- a/scanners/subfinder/Chart.yaml +++ b/scanners/subfinder/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the subfinder security Scanner that integrates wit type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v2.11.0" +appVersion: "v2.12.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/projectdiscovery/subfinder/releases/latest diff --git a/scanners/subfinder/README.md b/scanners/subfinder/README.md index a872c1261..44b8feab9 100644 --- a/scanners/subfinder/README.md +++ b/scanners/subfinder/README.md @@ -3,7 +3,7 @@ title: "subfinder" category: "scanner" type: "Network" state: "released" -appVersion: "v2.11.0" +appVersion: "v2.12.0" usecase: "Subdomain Enumeration Scanner" --- diff --git a/scanners/subfinder/docs/README.DockerHub-Parser.md b/scanners/subfinder/docs/README.DockerHub-Parser.md index dde119c8a..7e61c90c2 100644 --- a/scanners/subfinder/docs/README.DockerHub-Parser.md +++ b/scanners/subfinder/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v2.11.0` +- tagged releases, e.g. `v2.12.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://github.com/projectdiscovery/subfinder. From 2b6886971762bf3e6ed3282b6727a60444f1f217 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Jan 2026 09:13:12 +0000 Subject: [PATCH 19/31] Bump org.junit:junit-bom Bumps the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 1 update: [org.junit:junit-bom](https://github.com/junit-team/junit-framework). Updates `org.junit:junit-bom` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.1...r6.0.2) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gradle-version-updates ... Signed-off-by: dependabot[bot] --- hooks/persistence-defectdojo/hook/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle index 65efcd46f..9c6253ef0 100644 --- a/hooks/persistence-defectdojo/hook/build.gradle +++ b/hooks/persistence-defectdojo/hook/build.gradle @@ -38,7 +38,7 @@ dependencies { // If I try to notate this like the others (with separate strings) I got errors. No idea why sh... Gradle // want it like this. It is the official documented example: // https://github.com/junit-team/junit5-samples/blob/r5.10.0/junit5-jupiter-starter-gradle/build.gradle - testImplementation(platform("org.junit:junit-bom:6.0.1")) + testImplementation(platform("org.junit:junit-bom:6.0.2")) testImplementation("org.junit.jupiter:junit-jupiter") testImplementation group: "org.mockito", name: "mockito-core", version: "5.21.0" testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.21.0" From 03f4062a93150f8fe45644deb6561614f033025f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Jan 2026 09:22:13 +0000 Subject: [PATCH 20/31] Bump the go-version-updates group across 4 directories with 7 updates Bumps the go-version-updates group with 5 updates in the /auto-discovery/cloud-aws directory: | Package | From | To | | --- | --- | --- | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.27.3` | `2.27.5` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.38.3` | `1.39.0` | | [k8s.io/api](https://github.com/kubernetes/api) | `0.34.3` | `0.35.0` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.34.3` | `0.35.0` | | [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) | `0.34.3` | `0.35.0` | Bumps the go-version-updates group with 2 updates in the /auto-discovery/kubernetes directory: [github.com/onsi/gomega](https://github.com/onsi/gomega) and [k8s.io/client-go](https://github.com/kubernetes/client-go). Bumps the go-version-updates group with 1 update in the /lurker directory: [k8s.io/client-go](https://github.com/kubernetes/client-go). Bumps the go-version-updates group with 2 updates in the /operator directory: [github.com/onsi/gomega](https://github.com/onsi/gomega) and [k8s.io/client-go](https://github.com/kubernetes/client-go). Updates `github.com/onsi/ginkgo/v2` from 2.27.3 to 2.27.5 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.27.3...v2.27.5) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/cli-runtime` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/utils` from 0.0.0-20250604170112-4c0f3b243397 to 0.0.0-20251002143259-bc988d571ff4 - [Commits](https://github.com/kubernetes/utils/commits) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.38.3...v1.39.0) Updates `k8s.io/api` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/api/compare/v0.34.3...v0.35.0) Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.3...v0.35.0) Updates `k8s.io/client-go` from 0.34.3 to 0.35.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.34.3...v0.35.0) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-version: 2.27.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/cli-runtime dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/utils dependency-version: 0.0.0-20251002143259-bc988d571ff4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: github.com/onsi/gomega dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/api dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/apimachinery dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates - dependency-name: k8s.io/client-go dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-version-updates ... Signed-off-by: dependabot[bot] --- auto-discovery/cloud-aws/go.mod | 29 ++++---- auto-discovery/cloud-aws/go.sum | 57 +++++++------- auto-discovery/kubernetes/go.mod | 23 +++--- auto-discovery/kubernetes/go.sum | 52 ++++++------- lurker/go.mod | 32 ++++---- lurker/go.sum | 123 ++++++++++++------------------- operator/go.mod | 23 +++--- operator/go.sum | 52 ++++++------- 8 files changed, 180 insertions(+), 211 deletions(-) diff --git a/auto-discovery/cloud-aws/go.mod b/auto-discovery/cloud-aws/go.mod index f4c33f434..afafb0cc3 100644 --- a/auto-discovery/cloud-aws/go.mod +++ b/auto-discovery/cloud-aws/go.mod @@ -4,18 +4,18 @@ module github.com/secureCodeBox/secureCodeBox/auto-discovery/cloud-aws -go 1.24.5 +go 1.25.0 require ( github.com/aws/aws-sdk-go v1.55.8 github.com/go-logr/logr v1.4.3 github.com/novln/docker-parser v1.0.0 - github.com/onsi/ginkgo/v2 v2.27.3 - github.com/onsi/gomega v1.38.3 + github.com/onsi/ginkgo/v2 v2.27.5 + github.com/onsi/gomega v1.39.0 github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1 github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 - k8s.io/api v0.34.3 - k8s.io/client-go v0.34.3 + k8s.io/api v0.35.0 + k8s.io/client-go v0.35.0 k8s.io/klog/v2 v2.130.1 sigs.k8s.io/controller-runtime v0.22.4 sigs.k8s.io/yaml v1.6.0 @@ -64,19 +64,18 @@ require ( github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_golang v1.23.2 // indirect github.com/prometheus/client_model v0.6.2 // indirect github.com/prometheus/common v0.66.1 // indirect github.com/prometheus/procfs v0.16.1 // indirect - github.com/spf13/cobra v1.9.1 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/spf13/cobra v1.10.0 // indirect + github.com/spf13/pflag v1.0.9 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xlab/treeprint v1.2.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/crypto v0.45.0 // indirect golang.org/x/mod v0.29.0 // indirect @@ -90,13 +89,13 @@ require ( golang.org/x/tools v0.38.0 // indirect gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect google.golang.org/protobuf v1.36.8 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiextensions-apiserver v0.34.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/kustomize/api v0.20.1 // indirect sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect sigs.k8s.io/randfill v1.0.0 // indirect @@ -105,6 +104,6 @@ require ( require ( github.com/jmespath/go-jmespath v0.4.0 // indirect - k8s.io/apimachinery v0.34.3 - k8s.io/cli-runtime v0.34.3 + k8s.io/apimachinery v0.35.0 + k8s.io/cli-runtime v0.35.0 ) diff --git a/auto-discovery/cloud-aws/go.sum b/auto-discovery/cloud-aws/go.sum index b16fe9bfb..0bab6a0b3 100644 --- a/auto-discovery/cloud-aws/go.sum +++ b/auto-discovery/cloud-aws/go.sum @@ -128,10 +128,10 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.27.3 h1:ICsZJ8JoYafeXFFlFAG75a7CxMsJHwgKwtO+82SE9L8= -github.com/onsi/ginkgo/v2 v2.27.3/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= -github.com/onsi/gomega v1.38.3 h1:eTX+W6dobAYfFeGC2PV6RwXRu/MyT+cQguijutvkpSM= -github.com/onsi/gomega v1.38.3/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= +github.com/onsi/ginkgo/v2 v2.27.5 h1:ZeVgZMx2PDMdJm/+w5fE/OyG6ILo1Y3e+QX4zSR0zTE= +github.com/onsi/ginkgo/v2 v2.27.5/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q= +github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -146,8 +146,8 @@ github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9Z github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1 h1:RR7V/tWCsJPwVVrUssYsM9mvG7BdqzspN3fiZVbMI8E= github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1/go.mod h1:1yO4sAVFa6nBekvAs/yXvPqknKqdbYPhdFhS22tu8YM= @@ -155,10 +155,11 @@ github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c95 github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589/go.mod h1:C2aY0MPPrtn+VkOpWXJKpd+2xmFogMy4sjBH406XrDA= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= -github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/cobra v1.10.0 h1:a5/WeUlSDCvV5a45ljW2ZFtV0bTDpkfSAj3uqB6Sc+0= +github.com/spf13/cobra v1.10.0/go.mod h1:9dhySC7dnTtEiqzmqfkLj47BslqLCUPMXjG2lj/NgoE= +github.com/spf13/pflag v1.0.8/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -187,8 +188,8 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -244,8 +245,8 @@ google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXn gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= @@ -256,26 +257,26 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.3 h1:D12sTP257/jSH2vHV2EDYrb16bS7ULlHpdNdNhEw2S4= -k8s.io/api v0.34.3/go.mod h1:PyVQBF886Q5RSQZOim7DybQjAbVs8g7gwJNhGtY5MBk= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI= k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= -k8s.io/apimachinery v0.34.3 h1:/TB+SFEiQvN9HPldtlWOTp0hWbJ+fjU+wkxysf/aQnE= -k8s.io/apimachinery v0.34.3/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/cli-runtime v0.34.3 h1:YRyMhiwX0dT9lmG0AtZDaeG33Nkxgt9OlCTZhRXj9SI= -k8s.io/cli-runtime v0.34.3/go.mod h1:GVwL1L5uaGEgM7eGeKjaTG2j3u134JgG4dAI6jQKhMc= -k8s.io/client-go v0.34.3 h1:wtYtpzy/OPNYf7WyNBTj3iUA0XaBHVqhv4Iv3tbrF5A= -k8s.io/client-go v0.34.3/go.mod h1:OxxeYagaP9Kdf78UrKLa3YZixMCfP6bgPwPwNBQBzpM= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/cli-runtime v0.35.0 h1:PEJtYS/Zr4p20PfZSLCbY6YvaoLrfByd6THQzPworUE= +k8s.io/cli-runtime v0.35.0/go.mod h1:VBRvHzosVAoVdP3XwUQn1Oqkvaa8facnokNkD7jOTMY= +k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= +k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/kustomize/api v0.20.1 h1:iWP1Ydh3/lmldBnH/S5RXgT98vWYMaTUL1ADcr+Sv7I= sigs.k8s.io/kustomize/api v0.20.1/go.mod h1:t6hUFxO+Ph0VxIk1sKp1WS0dOjbPCtLJ4p8aADLwqjM= sigs.k8s.io/kustomize/kyaml v0.20.1 h1:PCMnA2mrVbRP3NIB6v9kYCAc38uvFLVs8j/CD567A78= diff --git a/auto-discovery/kubernetes/go.mod b/auto-discovery/kubernetes/go.mod index 93c129a5b..ec8c65e0a 100644 --- a/auto-discovery/kubernetes/go.mod +++ b/auto-discovery/kubernetes/go.mod @@ -4,19 +4,19 @@ module github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes -go 1.24.5 +go 1.25.0 require ( github.com/Masterminds/sprig v2.22.0+incompatible github.com/go-logr/logr v1.4.3 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.38.3 + github.com/onsi/gomega v1.39.0 github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 - k8s.io/api v0.34.3 - k8s.io/apimachinery v0.34.3 - k8s.io/client-go v0.34.3 + k8s.io/api v0.35.0 + k8s.io/apimachinery v0.35.0 + k8s.io/client-go v0.35.0 k8s.io/klog/v2 v2.130.1 - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 sigs.k8s.io/controller-runtime v0.22.4 sigs.k8s.io/yaml v1.6.0 ) @@ -51,17 +51,16 @@ require ( github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_golang v1.23.2 // indirect github.com/prometheus/client_model v0.6.2 // indirect github.com/prometheus/common v0.66.1 // indirect github.com/prometheus/procfs v0.16.1 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/spf13/pflag v1.0.9 // indirect github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/crypto v0.45.0 // indirect golang.org/x/net v0.47.0 // indirect @@ -73,13 +72,13 @@ require ( golang.org/x/time v0.11.0 // indirect gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect google.golang.org/protobuf v1.36.8 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiextensions-apiserver v0.34.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect ) diff --git a/auto-discovery/kubernetes/go.sum b/auto-discovery/kubernetes/go.sum index a4ea96196..8b93fb164 100644 --- a/auto-discovery/kubernetes/go.sum +++ b/auto-discovery/kubernetes/go.sum @@ -105,12 +105,12 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.25.3 h1:Ty8+Yi/ayDAGtk4XxmmfUy4GabvM+MegeB4cDLRi6nw= -github.com/onsi/ginkgo/v2 v2.25.3/go.mod h1:43uiyQC4Ed2tkOzLsEYm7hnrb7UJTWHYNsuy3bG/snE= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.38.3 h1:eTX+W6dobAYfFeGC2PV6RwXRu/MyT+cQguijutvkpSM= -github.com/onsi/gomega v1.38.3/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= +github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q= +github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -123,12 +123,12 @@ github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9Z github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589 h1:bA5TfYaqlHXqrDGAZJuIPVpC+BqUU4wKSJzrOH6V6oU= github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589/go.mod h1:C2aY0MPPrtn+VkOpWXJKpd+2xmFogMy4sjBH406XrDA= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -140,16 +140,14 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= -go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -159,6 +157,8 @@ golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= +golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -218,8 +218,8 @@ google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXn gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -230,24 +230,24 @@ gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.3 h1:D12sTP257/jSH2vHV2EDYrb16bS7ULlHpdNdNhEw2S4= -k8s.io/api v0.34.3/go.mod h1:PyVQBF886Q5RSQZOim7DybQjAbVs8g7gwJNhGtY5MBk= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI= k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= -k8s.io/apimachinery v0.34.3 h1:/TB+SFEiQvN9HPldtlWOTp0hWbJ+fjU+wkxysf/aQnE= -k8s.io/apimachinery v0.34.3/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.3 h1:wtYtpzy/OPNYf7WyNBTj3iUA0XaBHVqhv4Iv3tbrF5A= -k8s.io/client-go v0.34.3/go.mod h1:OxxeYagaP9Kdf78UrKLa3YZixMCfP6bgPwPwNBQBzpM= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= +k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= diff --git a/lurker/go.mod b/lurker/go.mod index ccc95a499..c450a8aa4 100644 --- a/lurker/go.mod +++ b/lurker/go.mod @@ -4,12 +4,12 @@ module github.com/secureCodeBox/secureCodeBox/lurker -go 1.24.5 +go 1.25.0 require ( - k8s.io/api v0.34.3 - k8s.io/apimachinery v0.34.3 - k8s.io/client-go v0.34.3 + k8s.io/api v0.35.0 + k8s.io/apimachinery v0.35.0 + k8s.io/client-go v0.35.0 ) require ( @@ -20,7 +20,6 @@ require ( github.com/go-openapi/jsonpointer v0.21.1 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/swag v0.23.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect github.com/google/gnostic-models v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect github.com/josharian/intern v1.0.0 // indirect @@ -29,24 +28,23 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/x448/float16 v0.8.4 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/net v0.39.0 // indirect - golang.org/x/oauth2 v0.29.0 // indirect - golang.org/x/sys v0.32.0 // indirect - golang.org/x/term v0.31.0 // indirect - golang.org/x/text v0.24.0 // indirect + golang.org/x/net v0.47.0 // indirect + golang.org/x/oauth2 v0.30.0 // indirect + golang.org/x/sys v0.38.0 // indirect + golang.org/x/term v0.37.0 // indirect + golang.org/x/text v0.31.0 // indirect golang.org/x/time v0.11.0 // indirect - google.golang.org/protobuf v1.36.6 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + google.golang.org/protobuf v1.36.8 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect sigs.k8s.io/yaml v1.6.0 // indirect diff --git a/lurker/go.sum b/lurker/go.sum index 17f0a100c..e993d23ca 100644 --- a/lurker/go.sum +++ b/lurker/go.sum @@ -1,3 +1,5 @@ +github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= +github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -16,23 +18,19 @@ github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZ github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -47,96 +45,71 @@ github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFd github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= -github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= -github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= +github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY= -golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E= -golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98= -golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20= -golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o= -golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0= -golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= +golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= +golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= +golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= +golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= +golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= +golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= +golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= +golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= +golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= +golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= -golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= -google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= +golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= +golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= +google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= +google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.3 h1:D12sTP257/jSH2vHV2EDYrb16bS7ULlHpdNdNhEw2S4= -k8s.io/api v0.34.3/go.mod h1:PyVQBF886Q5RSQZOim7DybQjAbVs8g7gwJNhGtY5MBk= -k8s.io/apimachinery v0.34.3 h1:/TB+SFEiQvN9HPldtlWOTp0hWbJ+fjU+wkxysf/aQnE= -k8s.io/apimachinery v0.34.3/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.3 h1:wtYtpzy/OPNYf7WyNBTj3iUA0XaBHVqhv4Iv3tbrF5A= -k8s.io/client-go v0.34.3/go.mod h1:OxxeYagaP9Kdf78UrKLa3YZixMCfP6bgPwPwNBQBzpM= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= +k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= diff --git a/operator/go.mod b/operator/go.mod index 77c2fbcf5..dab52991c 100644 --- a/operator/go.mod +++ b/operator/go.mod @@ -4,17 +4,17 @@ module github.com/secureCodeBox/secureCodeBox/operator -go 1.24.5 +go 1.25.0 require ( github.com/go-logr/logr v1.4.3 github.com/minio/minio-go/v7 v7.0.97 github.com/mitchellh/hashstructure/v2 v2.0.2 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.38.3 - k8s.io/api v0.34.3 - k8s.io/apimachinery v0.34.3 - k8s.io/client-go v0.34.3 + github.com/onsi/gomega v1.39.0 + k8s.io/api v0.35.0 + k8s.io/apimachinery v0.35.0 + k8s.io/client-go v0.35.0 sigs.k8s.io/controller-runtime v0.22.4 ) @@ -31,10 +31,10 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/tinylib/msgp v1.3.0 // indirect github.com/x448/float16 v0.8.4 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/sync v0.18.0 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect sigs.k8s.io/randfill v1.0.0 // indirect sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect ) @@ -63,14 +63,13 @@ require ( github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.23.2 github.com/prometheus/client_model v0.6.2 // indirect github.com/prometheus/common v0.66.1 // indirect github.com/prometheus/procfs v0.16.1 // indirect github.com/robfig/cron v1.2.0 github.com/rs/xid v1.6.0 // indirect - github.com/spf13/pflag v1.0.6 // indirect + github.com/spf13/pflag v1.0.9 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect golang.org/x/crypto v0.45.0 // indirect @@ -87,8 +86,8 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiextensions-apiserver v0.34.1 // indirect k8s.io/klog/v2 v2.130.1 - k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/yaml v1.6.0 // indirect ) diff --git a/operator/go.sum b/operator/go.sum index 208f1cfab..6a60bc32b 100644 --- a/operator/go.sum +++ b/operator/go.sum @@ -108,12 +108,12 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.25.3 h1:Ty8+Yi/ayDAGtk4XxmmfUy4GabvM+MegeB4cDLRi6nw= -github.com/onsi/ginkgo/v2 v2.25.3/go.mod h1:43uiyQC4Ed2tkOzLsEYm7hnrb7UJTWHYNsuy3bG/snE= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.38.3 h1:eTX+W6dobAYfFeGC2PV6RwXRu/MyT+cQguijutvkpSM= -github.com/onsi/gomega v1.38.3/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= +github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q= +github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= github.com/philhofer/fwd v1.2.0 h1:e6DnBTl7vGY+Gz322/ASL4Gyp1FspeMvx1RNDoToZuM= github.com/philhofer/fwd v1.2.0/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -130,12 +130,12 @@ github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzM github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ= github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU= github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -149,16 +149,14 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= -go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -168,6 +166,8 @@ golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= +golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -227,8 +227,8 @@ google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXn gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -239,24 +239,24 @@ gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.34.3 h1:D12sTP257/jSH2vHV2EDYrb16bS7ULlHpdNdNhEw2S4= -k8s.io/api v0.34.3/go.mod h1:PyVQBF886Q5RSQZOim7DybQjAbVs8g7gwJNhGtY5MBk= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI= k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= -k8s.io/apimachinery v0.34.3 h1:/TB+SFEiQvN9HPldtlWOTp0hWbJ+fjU+wkxysf/aQnE= -k8s.io/apimachinery v0.34.3/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= -k8s.io/client-go v0.34.3 h1:wtYtpzy/OPNYf7WyNBTj3iUA0XaBHVqhv4Iv3tbrF5A= -k8s.io/client-go v0.34.3/go.mod h1:OxxeYagaP9Kdf78UrKLa3YZixMCfP6bgPwPwNBQBzpM= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= +k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= -k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= From 7f98041fff914068cd68363631ff7817ab5ea466 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 5 Jan 2026 08:47:38 +0100 Subject: [PATCH 21/31] Update CRDs and hashes for kubernetes 1.35 Signed-off-by: Jannik Hollenbach --- ...ading.securecodebox.io_cascadingrules.yaml | 23 ++++++-- ...urecodebox.io_clusterparsedefinitions.yaml | 19 +++++- ...codebox.io_clusterscancompletionhooks.yaml | 19 +++++- ...ion.securecodebox.io_clusterscantypes.yaml | 59 ++++++++++++++++--- ...ion.securecodebox.io_parsedefinitions.yaml | 19 +++++- ....securecodebox.io_scancompletionhooks.yaml | 19 +++++- .../execution.securecodebox.io_scans.yaml | 23 ++++++-- .../execution.securecodebox.io_scantypes.yaml | 59 ++++++++++++++++--- ...ution.securecodebox.io_scheduledscans.yaml | 23 ++++++-- operator/utils/hash_test.go | 2 +- 10 files changed, 222 insertions(+), 43 deletions(-) diff --git a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml index 7b0b6fcf1..c5de22357 100644 --- a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml +++ b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml @@ -2113,7 +2113,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -2786,7 +2788,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -3354,8 +3356,11 @@ spec: - name type: object resources: - description: resources represents the minimum - resources the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -4122,6 +4127,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml b/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml index 7e49751e8..efc4ea272 100644 --- a/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml +++ b/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml @@ -1143,7 +1143,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1706,8 +1706,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2471,6 +2474,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml b/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml index 41310fde4..4bbd0611a 100644 --- a/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml +++ b/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml @@ -1149,7 +1149,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1716,8 +1716,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2481,6 +2484,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_clusterscantypes.yaml b/operator/crds/execution.securecodebox.io_clusterscantypes.yaml index 2fa577b84..34e200b2f 100644 --- a/operator/crds/execution.securecodebox.io_clusterscantypes.yaml +++ b/operator/crds/execution.securecodebox.io_clusterscantypes.yaml @@ -234,7 +234,6 @@ spec: it is required that specified type equals the pod condition type. type: string required: - - status - type type: object type: array @@ -2057,8 +2056,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -5049,8 +5049,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -6093,7 +6094,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -6738,9 +6739,11 @@ spec: - name type: object resources: - description: resources represents - the minimum resources the volume - should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -7536,6 +7539,16 @@ spec: CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName @@ -7942,6 +7955,34 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + workloadRef: + description: |- + WorkloadRef provides a reference to the Workload object that this Pod belongs to. + This field is used by the scheduler to identify the PodGroup and apply the + correct group scheduling policies. + properties: + name: + description: |- + Name defines the name of the Workload object this Pod belongs to. + Workload must be in the same namespace as the Pod. + type: string + podGroup: + description: |- + PodGroup is the name of the PodGroup within the Workload that this Pod + belongs to. If it doesn't match any existing PodGroup within the Workload, + the Pod will remain unschedulable until the Workload object is recreated + and observed by the kube-scheduler. + type: string + podGroupReplicaKey: + description: |- + PodGroupReplicaKey specifies the replica key of the PodGroup to which this + Pod belongs. It is used to distinguish pods belonging to different replicas + of the same pod group. The pod group policy is applied separately to each replica. + type: string + required: + - name + - podGroup + type: object required: - containers type: object diff --git a/operator/crds/execution.securecodebox.io_parsedefinitions.yaml b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml index faf8c61cc..3428809ad 100644 --- a/operator/crds/execution.securecodebox.io_parsedefinitions.yaml +++ b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml @@ -1142,7 +1142,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1705,8 +1705,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2470,6 +2473,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml index 57ced53aa..7edaee293 100644 --- a/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml +++ b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml @@ -1149,7 +1149,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -1716,8 +1716,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -2481,6 +2484,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_scans.yaml b/operator/crds/execution.securecodebox.io_scans.yaml index 1191be7f4..bf626f1e7 100644 --- a/operator/crds/execution.securecodebox.io_scans.yaml +++ b/operator/crds/execution.securecodebox.io_scans.yaml @@ -2059,7 +2059,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -2729,7 +2731,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -3293,8 +3295,11 @@ spec: - name type: object resources: - description: resources represents the minimum resources - the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -4058,6 +4063,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/crds/execution.securecodebox.io_scantypes.yaml b/operator/crds/execution.securecodebox.io_scantypes.yaml index 392e42dce..aa08ae534 100644 --- a/operator/crds/execution.securecodebox.io_scantypes.yaml +++ b/operator/crds/execution.securecodebox.io_scantypes.yaml @@ -234,7 +234,6 @@ spec: it is required that specified type equals the pod condition type. type: string required: - - status - type type: object type: array @@ -2057,8 +2056,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -5049,8 +5049,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the - container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -6093,7 +6094,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -6738,9 +6739,11 @@ spec: - name type: object resources: - description: resources represents - the minimum resources the volume - should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -7536,6 +7539,16 @@ spec: CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName @@ -7942,6 +7955,34 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + workloadRef: + description: |- + WorkloadRef provides a reference to the Workload object that this Pod belongs to. + This field is used by the scheduler to identify the PodGroup and apply the + correct group scheduling policies. + properties: + name: + description: |- + Name defines the name of the Workload object this Pod belongs to. + Workload must be in the same namespace as the Pod. + type: string + podGroup: + description: |- + PodGroup is the name of the PodGroup within the Workload that this Pod + belongs to. If it doesn't match any existing PodGroup within the Workload, + the Pod will remain unschedulable until the Workload object is recreated + and observed by the kube-scheduler. + type: string + podGroupReplicaKey: + description: |- + PodGroupReplicaKey specifies the replica key of the PodGroup to which this + Pod belongs. It is used to distinguish pods belonging to different replicas + of the same pod group. The pod group policy is applied separately to each replica. + type: string + required: + - name + - podGroup + type: object required: - containers type: object diff --git a/operator/crds/execution.securecodebox.io_scheduledscans.yaml b/operator/crds/execution.securecodebox.io_scheduledscans.yaml index 4c93ddae2..dc0d85c7d 100644 --- a/operator/crds/execution.securecodebox.io_scheduledscans.yaml +++ b/operator/crds/execution.securecodebox.io_scheduledscans.yaml @@ -2107,7 +2107,9 @@ spec: type: integer type: object resizePolicy: - description: Resources resize policy for the container. + description: |- + Resources resize policy for the container. + This field cannot be set on ephemeral containers. items: description: ContainerResizePolicy represents resource resize policy for the container. @@ -2780,7 +2782,7 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string @@ -3348,8 +3350,11 @@ spec: - name type: object resources: - description: resources represents the minimum - resources the volume should have. + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. properties: limits: additionalProperties: @@ -4116,6 +4121,16 @@ spec: description: Kubelet's generated CSRs will be addressed to this signer. type: string + userAnnotations: + additionalProperties: + type: string + description: |- + userAnnotations allow pod authors to pass additional information to + the signer implementation. Kubernetes does not restrict or validate this + metadata in any way. + + These values are copied verbatim into the `spec. + type: object required: - keyType - signerName diff --git a/operator/utils/hash_test.go b/operator/utils/hash_test.go index 8e1ae9c77..d084c9fa8 100644 --- a/operator/utils/hash_test.go +++ b/operator/utils/hash_test.go @@ -53,7 +53,7 @@ var _ = Describe("ScanType Hashing", func() { It("should hash scantype consistently", func() { hashValues := HashScanType(scanType) // note: this hash changes with every kubernetes release as kubernetes adds new field to their objects which causes the hashes to change. - Expect(hashValues).To(Equal(uint64(11099598195720215515)), "Should hash scantype consistently") + Expect(hashValues).To(Equal(uint64(6491418262890710719)), "Should hash scantype consistently") }) It("should ignore non-scb annotations on the scantypes", func() { From d59cda3b8f37fe4702ea396801ce379db434973a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Mon, 5 Jan 2026 08:48:45 +0100 Subject: [PATCH 22/31] Bump list of supported k8s releases in docs Signed-off-by: Jannik Hollenbach --- documentation/docs/getting-started/installation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/docs/getting-started/installation.md b/documentation/docs/getting-started/installation.md index eff5cd292..7733bbfd9 100644 --- a/documentation/docs/getting-started/installation.md +++ b/documentation/docs/getting-started/installation.md @@ -24,7 +24,7 @@ You're now ready to install your [first scan types and start your first scans](/ ## Supported Kubernetes Version -The secureCodeBox supports the 4 latest Kubernetes releases (`v1.34`, `v1.33`, `v1.32` & `v1.31`). Older versions might also work but are not officially supported or tested. +The secureCodeBox supports the 4 latest Kubernetes releases (`v1.35`, `v1.34`, `v1.33` & `v1.32`). Older versions might also work but are not officially supported or tested. ## Accessing the included MinIO Instance From fb72a88752e34779dd04e6237466229892364101 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 13 Jan 2026 06:14:03 +0000 Subject: [PATCH 23/31] Update debian Docker tag to v13.3 --- scanners/screenshooter/scanner/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/screenshooter/scanner/Dockerfile b/scanners/screenshooter/scanner/Dockerfile index c715348b7..6b674a6ed 100644 --- a/scanners/screenshooter/scanner/Dockerfile +++ b/scanners/screenshooter/scanner/Dockerfile @@ -4,7 +4,7 @@ # This is using debian rather than alpine, as firefox on alpine seems to be missing some crucial fonts. # This lets the screenshots taken on alpine look weird -FROM debian:13.2 +FROM debian:13.3 RUN apt-get update && apt-get install firefox-esr -y RUN groupadd -g 1001 screenshooter \ && useradd -M -u 1001 -g 1001 securecodebox From 31e3e589531842a288201bd8551f37681748133c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Jan 2026 09:13:25 +0000 Subject: [PATCH 24/31] Bump the npm-version-updates group in /documentation with 2 updates Bumps the npm-version-updates group in /documentation with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react). Updates `@types/node` from 25.0.3 to 25.0.7 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 19.2.7 to 19.2.8 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.0.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@types/react" dependency-version: 19.2.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] --- documentation/package-lock.json | 16 ++++++++-------- documentation/package.json | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/documentation/package-lock.json b/documentation/package-lock.json index e6483b948..bd8df7666 100644 --- a/documentation/package-lock.json +++ b/documentation/package-lock.json @@ -30,8 +30,8 @@ "@docusaurus/module-type-aliases": "^3.6.0", "@docusaurus/tsconfig": "^3.9.2", "@docusaurus/types": "^3.6.0", - "@types/node": "^25.0.3", - "@types/react": "^19.2.7", + "@types/node": "^25.0.7", + "@types/react": "^19.2.8", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", "sass-loader": "^16.0.6", @@ -5449,9 +5449,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.0.3", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", - "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", + "version": "25.0.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.7.tgz", + "integrity": "sha512-C/er7DlIZgRJO7WtTdYovjIFzGsz0I95UlMyR9anTb4aCpBSRWe5Jc1/RvLKUfzmOxHPGjSE5+63HgLtndxU4w==", "license": "MIT", "dependencies": { "undici-types": "~7.16.0" @@ -5490,9 +5490,9 @@ "license": "MIT" }, "node_modules/@types/react": { - "version": "19.2.7", - "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.7.tgz", - "integrity": "sha512-MWtvHrGZLFttgeEj28VXHxpmwYbor/ATPYbBfSFZEIRK0ecCFLl2Qo55z52Hss+UV9CRN7trSeq1zbgx7YDWWg==", + "version": "19.2.8", + "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.8.tgz", + "integrity": "sha512-3MbSL37jEchWZz2p2mjntRZtPt837ij10ApxKfgmXCTuHWagYg7iA5bqPw6C8BMPfwidlvfPI/fxOc42HLhcyg==", "license": "MIT", "dependencies": { "csstype": "^3.2.2" diff --git a/documentation/package.json b/documentation/package.json index 01d0e7ae3..cf6269807 100644 --- a/documentation/package.json +++ b/documentation/package.json @@ -52,8 +52,8 @@ "@docusaurus/module-type-aliases": "^3.6.0", "@docusaurus/tsconfig": "^3.9.2", "@docusaurus/types": "^3.6.0", - "@types/node": "^25.0.3", - "@types/react": "^19.2.7", + "@types/node": "^25.0.7", + "@types/react": "^19.2.8", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", "sass-loader": "^16.0.6", From 276028df16c380115fc11fc588257d83efdbf47c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Jan 2026 09:15:34 +0000 Subject: [PATCH 25/31] Bump @types/node Bumps the npm-version-updates group with 1 update in the /parser-sdk/nodejs directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `@types/node` from 25.0.3 to 25.0.7 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.0.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] --- hook-sdk/nodejs/package-lock.json | 6 +++--- parser-sdk/nodejs/package-lock.json | 14 +++++++------- parser-sdk/nodejs/package.json | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json index d9af783fa..a9c9877ee 100644 --- a/hook-sdk/nodejs/package-lock.json +++ b/hook-sdk/nodejs/package-lock.json @@ -66,9 +66,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "24.10.4", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.4.tgz", - "integrity": "sha512-vnDVpYPMzs4wunl27jHrfmwojOGKya0xyM3sH+UE5iv5uPS6vX7UIoh6m+vQc5LGBq52HBKPIn/zcSZVzeDEZg==", + "version": "24.10.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.7.tgz", + "integrity": "sha512-+054pVMzVTmRQV8BhpGv3UyfZ2Llgl8rdpDTon+cUH9+na0ncBVXj3wTUKh14+Kiz18ziM3b4ikpP5/Pc0rQEQ==", "dependencies": { "undici-types": "~7.16.0" } diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index cea9275d1..d97a4c63a 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -16,7 +16,7 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.3" + "@types/node": "^25.0.7" } }, "node_modules/@jsep-plugin/assignment": { @@ -81,9 +81,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.0.3", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", - "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", + "version": "25.0.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.7.tgz", + "integrity": "sha512-C/er7DlIZgRJO7WtTdYovjIFzGsz0I95UlMyR9anTb4aCpBSRWe5Jc1/RvLKUfzmOxHPGjSE5+63HgLtndxU4w==", "dependencies": { "undici-types": "~7.16.0" } @@ -885,9 +885,9 @@ "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" }, "@types/node": { - "version": "25.0.3", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz", - "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==", + "version": "25.0.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.7.tgz", + "integrity": "sha512-C/er7DlIZgRJO7WtTdYovjIFzGsz0I95UlMyR9anTb4aCpBSRWe5Jc1/RvLKUfzmOxHPGjSE5+63HgLtndxU4w==", "requires": { "undici-types": "~7.16.0" } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index 61268d115..b7b6528ab 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -18,6 +18,6 @@ "jsonpointer": "^5.0.1" }, "devDependencies": { - "@types/node": "^25.0.3" + "@types/node": "^25.0.7" } } From 297b51ed9eeab44a7a20c3657520d4f13e485b3c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Jan 2026 09:16:52 +0000 Subject: [PATCH 26/31] Bump the github-actions-version-updates group across 1 directory with 2 updates Bumps the github-actions-version-updates group with 2 updates in the /.github/workflows directory: [actions/setup-go](https://github.com/actions/setup-go) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/setup-go` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4dc6199c7b1a012772edbd06daecab0f50c9053c...7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5) Updates `github/codeql-action` from 4.31.9 to 4.31.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...cdefb33c0f6224e58673d9004f47f7cb3e328b89) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-version-updates - dependency-name: github/codeql-action dependency-version: 4.31.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-version-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yaml | 12 ++++++------ .github/workflows/oss-scorecard.yaml | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 576aa6410..efca7e56d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -194,7 +194,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version-file: "operator/go.mod" @@ -233,7 +233,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version-file: "auto-discovery/kubernetes/go.mod" @@ -273,7 +273,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version-file: "auto-discovery/kubernetes/go.mod" @@ -366,7 +366,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version-file: "auto-discovery/cloud-aws/go.mod" @@ -497,7 +497,7 @@ jobs: chmod +x ./helm/helm && sudo mv ./helm/helm /usr/local/bin/helm - name: Go Setup - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version-file: "scanners/git-repo-scanner/scanner/go.mod" @@ -753,7 +753,7 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version-file: "scbctl/go.mod" diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml index 647ce8f97..2417a8a2d 100644 --- a/.github/workflows/oss-scorecard.yaml +++ b/.github/workflows/oss-scorecard.yaml @@ -33,6 +33,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: sarif_file: results.sarif From 63ad48552de750bf4818096ee0b22d8e42ac4426 Mon Sep 17 00:00:00 2001 From: Patrick Date: Thu, 8 Jan 2026 10:10:48 +0100 Subject: [PATCH 27/31] Add option to include target domain in subfinder findings Signed-off-by: Patrick --- scanners/subfinder/README.md | 1 + scanners/subfinder/parser/parser.js | 81 +++++++++++++------ .../templates/subfinder-parse-definition.yaml | 5 +- scanners/subfinder/values.yaml | 9 +-- 4 files changed, 67 insertions(+), 29 deletions(-) diff --git a/scanners/subfinder/README.md b/scanners/subfinder/README.md index 44b8feab9..f65cc3584 100644 --- a/scanners/subfinder/README.md +++ b/scanners/subfinder/README.md @@ -65,6 +65,7 @@ Kubernetes: `>=v1.11.0-0` |-----|------|---------|-------------| | cascadingRules.enabled | bool | `false` | Enables or disables the installation of the default cascading rules for this scanner | | imagePullSecrets | list | `[]` | Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) | +| includeTargetDomain | bool | false | Include target domain in findings | | parser.affinity | object | `{}` | Optional affinity settings that control how the parser job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | parser.env | list | `[]` | Optional environment variables mapped into each parseJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | | parser.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js index 7bd813561..2a9a40151 100644 --- a/scanners/subfinder/parser/parser.js +++ b/scanners/subfinder/parser/parser.js @@ -2,32 +2,66 @@ // // SPDX-License-Identifier: Apache-2.0 -export async function parse(fileContent) { - if (!fileContent) - return []; +const includeTargetDomain = + process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() == "true"; + +export async function parse(fileContent, scan) { + if (!fileContent && !includeTargetDomain) return []; const targets = parseResultFile(fileContent); - return transformToFindings(targets); + const findings = transformToFindings(targets); + + const domain = includeTargetDomain + ? getArgValue(scan.spec.parameters, "-d", "-domain") + : null; + if (domain) { + findings.push(getTargetDomainFinding(domain)); + } + + return findings; +} + +function getArgValue(args, ...flags) { + const index = args.findIndex((arg) => flags.includes(arg)); + return index !== -1 && index + 1 < args.length ? args[index + 1] : null; +} + +function getTargetDomainFinding(domain) { + return { + name: domain, + identified_at: null, + description: `Found subdomain ${domain}`, + category: "Subdomain", + location: domain, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + domain: domain, + hostname: domain, + ip_address: null, + ip_addresses: [], + source: "parser", + }, + }; } function transformToFindings(targets) { return targets.map((item) => ({ - "name": item.host, - "identified_at": null, - "description": `Found subdomain ${item.host}`, - "category": "Subdomain", - "location": item.host, - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - "attributes": { - "domain": item.input, - "hostname": item.host, - "ip_address": item?.ip || null, - "ip_addresses": [item?.ip || null].filter(Boolean), - "source": item.source, - } - } - )); + name: item.host, + identified_at: null, + description: `Found subdomain ${item.host}`, + category: "Subdomain", + location: item.host, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + domain: item.input, + hostname: item.host, + ip_address: item?.ip || null, + ip_addresses: [item?.ip || null].filter(Boolean), + source: item.source, + }, + })); } /** @@ -35,7 +69,8 @@ function transformToFindings(targets) { * @param {*} fileContent */ function parseResultFile(fileContent) { - return fileContent.trim() - .split('\n') - .map(line => JSON.parse(line)); + return fileContent + .trim() + .split("\n") + .map((line) => JSON.parse(line)); } diff --git a/scanners/subfinder/templates/subfinder-parse-definition.yaml b/scanners/subfinder/templates/subfinder-parse-definition.yaml index 66ed1a34f..9af468d3c 100644 --- a/scanners/subfinder/templates/subfinder-parse-definition.yaml +++ b/scanners/subfinder/templates/subfinder-parse-definition.yaml @@ -10,7 +10,10 @@ spec: image: "{{ .Values.parser.image.repository }}:{{ .Values.parser.image.tag | default .Chart.Version }}" imagePullPolicy: {{.Values.parser.image.pullPolicy}} ttlSecondsAfterFinished: {{.Values.parser.ttlSecondsAfterFinished}} - env: {{- toYaml .Values.parser.env | nindent 4}} + env: + {{- $env := .Values.parser.env | default (list) }} + {{- $env = append $env (dict "name" "INCLUDE_TARGET_DOMAIN" "value" (.Values.includeTargetDomain | toString)) }} + {{- toYaml $env | nindent 4 }} scopeLimiterAliases: {{- toYaml .Values.parser.scopeLimiterAliases | nindent 4}} affinity: {{- toYaml .Values.parser.affinity | nindent 4}} diff --git a/scanners/subfinder/values.yaml b/scanners/subfinder/values.yaml index b3dea8c4d..393b04e84 100644 --- a/scanners/subfinder/values.yaml +++ b/scanners/subfinder/values.yaml @@ -5,6 +5,9 @@ # -- Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) imagePullSecrets: [] +# includeTargetDomain -- include target domain in findings +includeTargetDomain: false + parser: image: # parser.image.repository -- Parser image repository @@ -75,7 +78,6 @@ scanner: - name: subfinder-config emptyDir: {} - # scanner.extraVolumeMounts -- Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) extraVolumeMounts: - name: subfinder-config @@ -85,10 +87,7 @@ scanner: extraContainers: [] # scanner.podSecurityContext -- Optional securityContext set on scanner pod (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) - podSecurityContext: - { - runAsUser: 10001 - } + podSecurityContext: {runAsUser: 10001} # scanner.securityContext -- Optional securityContext set on scanner container (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) securityContext: From 152aec92a69f01b559b9d4a33878e78287eb945c Mon Sep 17 00:00:00 2001 From: Patrick Date: Tue, 13 Jan 2026 11:04:19 +0100 Subject: [PATCH 28/31] Add parser test Signed-off-by: Patrick --- .../parser/__snapshots__/parser.test.js.snap | 149 ++++++++++++++++++ scanners/subfinder/parser/parser.js | 10 +- scanners/subfinder/parser/parser.test.js | 26 +++ 3 files changed, 181 insertions(+), 4 deletions(-) diff --git a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap index 901da3c7c..cac911b84 100644 --- a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap +++ b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap @@ -157,3 +157,152 @@ exports[`should properly parse subfinder json file with ip output 1`] = ` `; exports[`should properly parse empty json file 1`] = `[]`; + +exports[`should properly parse subfinder json file and add target domain to findings 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "releases.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain releases.example.com", + "identified_at": null, + "location": "releases.example.com", + "name": "releases.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "myap.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain myap.example.com", + "identified_at": null, + "location": "myap.example.com", + "name": "myap.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "not-exist.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain not-exist.example.com", + "identified_at": null, + "location": "not-exist.example.com", + "name": "not-exist.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "new-client.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain new-client.example.com", + "identified_at": null, + "location": "new-client.example.com", + "name": "new-client.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "op.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain op.example.com", + "identified_at": null, + "location": "op.example.com", + "name": "op.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "mall.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain mall.example.com", + "identified_at": null, + "location": "mall.example.com", + "name": "mall.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "cdn1.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain cdn1.example.com", + "identified_at": null, + "location": "cdn1.example.com", + "name": "cdn1.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "xn--rksmrgs-5wao1o.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain xn--rksmrgs-5wao1o.example.com", + "identified_at": null, + "location": "xn--rksmrgs-5wao1o.example.com", + "name": "xn--rksmrgs-5wao1o.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js index 2a9a40151..4bd404fea 100644 --- a/scanners/subfinder/parser/parser.js +++ b/scanners/subfinder/parser/parser.js @@ -2,10 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -const includeTargetDomain = - process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() == "true"; - -export async function parse(fileContent, scan) { +export async function parse( + fileContent, + scan, + includeTargetDomain = process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() == + "true", +) { if (!fileContent && !includeTargetDomain) return []; const targets = parseResultFile(fileContent); diff --git a/scanners/subfinder/parser/parser.test.js b/scanners/subfinder/parser/parser.test.js index 9e1c85abc..ad13f6e74 100644 --- a/scanners/subfinder/parser/parser.test.js +++ b/scanners/subfinder/parser/parser.test.js @@ -41,3 +41,29 @@ test("should properly parse empty json file", async () => { expect(validateParser(findings)).toBeUndefined(); expect(findings).toMatchSnapshot(); }); + +test("should properly parse subfinder json file and add target domain to findings", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "-domain", "example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile( + __dirname + "/__testFiles__/passive_scan_without_ip_example.com.jsonl", + { + encoding: "utf8", + }, + ); + const findings = await parse(fileContent, scan, "true"); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); From 86691c0bd3dd7e48788d1c5e441ea902fa6a09b1 Mon Sep 17 00:00:00 2001 From: Patrick Date: Wed, 14 Jan 2026 09:21:14 +0100 Subject: [PATCH 29/31] Refactor extractDomainFromArgs Signed-off-by: Patrick --- .../parser/__snapshots__/parser.test.js.snap | 300 +++++++++++++++++- scanners/subfinder/parser/parser.js | 27 +- scanners/subfinder/parser/parser.test.js | 54 +++- 3 files changed, 375 insertions(+), 6 deletions(-) diff --git a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap index cac911b84..840f42518 100644 --- a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap +++ b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap @@ -158,7 +158,305 @@ exports[`should properly parse subfinder json file with ip output 1`] = ` exports[`should properly parse empty json file 1`] = `[]`; -exports[`should properly parse subfinder json file and add target domain to findings 1`] = ` +exports[`should properly parse subfinder json file and add target domain to findings with param -d 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "releases.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain releases.example.com", + "identified_at": null, + "location": "releases.example.com", + "name": "releases.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "myap.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain myap.example.com", + "identified_at": null, + "location": "myap.example.com", + "name": "myap.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "not-exist.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain not-exist.example.com", + "identified_at": null, + "location": "not-exist.example.com", + "name": "not-exist.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "new-client.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain new-client.example.com", + "identified_at": null, + "location": "new-client.example.com", + "name": "new-client.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "op.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain op.example.com", + "identified_at": null, + "location": "op.example.com", + "name": "op.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "mall.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain mall.example.com", + "identified_at": null, + "location": "mall.example.com", + "name": "mall.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "cdn1.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain cdn1.example.com", + "identified_at": null, + "location": "cdn1.example.com", + "name": "cdn1.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "xn--rksmrgs-5wao1o.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain xn--rksmrgs-5wao1o.example.com", + "identified_at": null, + "location": "xn--rksmrgs-5wao1o.example.com", + "name": "xn--rksmrgs-5wao1o.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; + +exports[`should properly parse subfinder json file and add target domain to findings with param -domain 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "releases.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain releases.example.com", + "identified_at": null, + "location": "releases.example.com", + "name": "releases.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "myap.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain myap.example.com", + "identified_at": null, + "location": "myap.example.com", + "name": "myap.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "not-exist.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain not-exist.example.com", + "identified_at": null, + "location": "not-exist.example.com", + "name": "not-exist.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "new-client.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain new-client.example.com", + "identified_at": null, + "location": "new-client.example.com", + "name": "new-client.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "op.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain op.example.com", + "identified_at": null, + "location": "op.example.com", + "name": "op.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "mall.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain mall.example.com", + "identified_at": null, + "location": "mall.example.com", + "name": "mall.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "cdn1.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain cdn1.example.com", + "identified_at": null, + "location": "cdn1.example.com", + "name": "cdn1.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "xn--rksmrgs-5wao1o.example.com", + "ip_address": null, + "ip_addresses": [], + "source": "alienvault", + }, + "category": "Subdomain", + "description": "Found subdomain xn--rksmrgs-5wao1o.example.com", + "identified_at": null, + "location": "xn--rksmrgs-5wao1o.example.com", + "name": "xn--rksmrgs-5wao1o.example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; + +exports[`should properly parse subfinder json file and add target domain to findings with param --domain= 1`] = ` [ { "attributes": { diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js index 4bd404fea..fda5fe69f 100644 --- a/scanners/subfinder/parser/parser.js +++ b/scanners/subfinder/parser/parser.js @@ -2,6 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 +const DOMAIN_FLAGS = ["-d", "-domain", "--domain"]; + export async function parse( fileContent, scan, @@ -14,7 +16,7 @@ export async function parse( const findings = transformToFindings(targets); const domain = includeTargetDomain - ? getArgValue(scan.spec.parameters, "-d", "-domain") + ? extractDomainFromArgs(scan.spec.parameters) : null; if (domain) { findings.push(getTargetDomainFinding(domain)); @@ -23,9 +25,26 @@ export async function parse( return findings; } -function getArgValue(args, ...flags) { - const index = args.findIndex((arg) => flags.includes(arg)); - return index !== -1 && index + 1 < args.length ? args[index + 1] : null; +function extractDomainFromArgs(args) { + for (let i = 0; i < args.length; i++) { + const arg = args[i]; + + // Check for --domain=value or --domain="value" format + for (const flag of DOMAIN_FLAGS) { + if (arg.startsWith(`${flag}=`)) { + const value = arg.slice(flag.length + 1); + // Remove surrounding quotes if present + return value.replace(/^["']|["']$/g, ""); + } + } + + // Check for -d value, -domain value, --domain value format + if (DOMAIN_FLAGS.includes(arg) && i + 1 < args.length) { + return args[i + 1]; + } + } + + return null; } function getTargetDomainFinding(domain) { diff --git a/scanners/subfinder/parser/parser.test.js b/scanners/subfinder/parser/parser.test.js index ad13f6e74..90c761b12 100644 --- a/scanners/subfinder/parser/parser.test.js +++ b/scanners/subfinder/parser/parser.test.js @@ -42,7 +42,33 @@ test("should properly parse empty json file", async () => { expect(findings).toMatchSnapshot(); }); -test("should properly parse subfinder json file and add target domain to findings", async () => { +test("should properly parse subfinder json file and add target domain to findings with param -d", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "-d", "example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile( + __dirname + "/__testFiles__/passive_scan_without_ip_example.com.jsonl", + { + encoding: "utf8", + }, + ); + const findings = await parse(fileContent, scan, "true"); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); + +test("should properly parse subfinder json file and add target domain to findings with param -domain", async () => { const scan = { spec: { scanType: "subfinder", @@ -67,3 +93,29 @@ test("should properly parse subfinder json file and add target domain to finding expect(validateParser(findings)).toBeUndefined(); expect(findings).toMatchSnapshot(); }); + +test("should properly parse subfinder json file and add target domain to findings with param --domain=", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "--domain=example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile( + __dirname + "/__testFiles__/passive_scan_without_ip_example.com.jsonl", + { + encoding: "utf8", + }, + ); + const findings = await parse(fileContent, scan, "true"); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); From 77f3b390b0af0f56e9e6ee58a2efc8afc4574678 Mon Sep 17 00:00:00 2001 From: Patrick Date: Wed, 14 Jan 2026 09:34:43 +0100 Subject: [PATCH 30/31] Make RegEx more readable Signed-off-by: Patrick --- scanners/subfinder/parser/parser.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js index fda5fe69f..2afdfc93c 100644 --- a/scanners/subfinder/parser/parser.js +++ b/scanners/subfinder/parser/parser.js @@ -34,7 +34,9 @@ function extractDomainFromArgs(args) { if (arg.startsWith(`${flag}=`)) { const value = arg.slice(flag.length + 1); // Remove surrounding quotes if present - return value.replace(/^["']|["']$/g, ""); + return value + .replace(/^["']/, "") // Remove leading quote + .replace(/["']$/, ""); // Remove trailing quote } } From a493d228df6fa24480579752ae4b4c79cc1268bd Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Wed, 14 Jan 2026 09:43:29 +0000 Subject: [PATCH 31/31] Updating Helm Docs Signed-off-by: secureCodeBoxBot --- scanners/subfinder/README.md | 2 +- scanners/subfinder/docs/README.ArtifactHub.md | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/scanners/subfinder/README.md b/scanners/subfinder/README.md index f65cc3584..616198b00 100644 --- a/scanners/subfinder/README.md +++ b/scanners/subfinder/README.md @@ -65,7 +65,7 @@ Kubernetes: `>=v1.11.0-0` |-----|------|---------|-------------| | cascadingRules.enabled | bool | `false` | Enables or disables the installation of the default cascading rules for this scanner | | imagePullSecrets | list | `[]` | Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) | -| includeTargetDomain | bool | false | Include target domain in findings | +| includeTargetDomain | bool | `false` | include target domain in findings | | parser.affinity | object | `{}` | Optional affinity settings that control how the parser job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | parser.env | list | `[]` | Optional environment variables mapped into each parseJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | | parser.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | diff --git a/scanners/subfinder/docs/README.ArtifactHub.md b/scanners/subfinder/docs/README.ArtifactHub.md index ee3f4a846..c674bf2fa 100644 --- a/scanners/subfinder/docs/README.ArtifactHub.md +++ b/scanners/subfinder/docs/README.ArtifactHub.md @@ -70,6 +70,7 @@ Kubernetes: `>=v1.11.0-0` |-----|------|---------|-------------| | cascadingRules.enabled | bool | `false` | Enables or disables the installation of the default cascading rules for this scanner | | imagePullSecrets | list | `[]` | Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) | +| includeTargetDomain | bool | `false` | include target domain in findings | | parser.affinity | object | `{}` | Optional affinity settings that control how the parser job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) | | parser.env | list | `[]` | Optional environment variables mapped into each parseJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | | parser.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images |